Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

XP shut down - stubborn rootkit


  • This topic is locked This topic is locked
42 replies to this topic

#1 Pere92

Pere92

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 13 January 2013 - 12:52 PM

following advice from windows XP forum to post these logs here. Thanks.



DDS (Ver_2012-11-20.01) - NTFS_x86 MINIMAL
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_30
Run by Administrator at 12:36:16 on 2013-01-13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1007.772 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\wbem\wmiprvse.exe
C:\WINNT\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.gateway.net
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - <orphaned>
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
EB: Real.com: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\winnt\system32\shdocvw.dll
uRun: [ctfmon.exe] c:\winnt\system32\ctfmon.exe
uRunOnce: [Report] C:\AdwCleaner[S2].txt
mRun: [SM1BG] c:\winnt\SM1BG.EXE
mRun: [IgfxTray] c:\winnt\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\winnt\system32\hkcmd.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\winnt\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [BellSouthWCC_McciTrayApp] c:\program files\bellsouthwcc\McciTrayApp.exe
mRun: [NeroFilterCheck] c:\winnt\system32\NeroCheck.exe
mRun: [Gateway Ink Monitor] "c:\program files\gateway\gateway ink monitor\GWInkMonitor.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [KodakShareButtonApp] c:\program files\kodak\kodak share button app\Listener.exe
mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
mRun: [HPDJ Taskbar Utility] c:\winnt\system32\spool\drivers\w32x86\3\hpztsb10.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRun: [Identities] rundll32.exe "c:\documents and settings\owner\local settings\application data\isolatedstorage\identities\wcgso.dll",DllRegisterServerW
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxps://lowes.2020.net/planner/Core/Player/2020PlayerAX_Win32.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} - hxxps://remote.qvc.com/vdesk/cachecleaner.cab#version=7000,2011,0622,1013
DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} - hxxp://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - hxxps://remote.qvc.com/vdesk/terminal/InstallerControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.4.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1354331760890
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1210008182156
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{2B7ADEE5-464F-4F05-81CF-4BA0E5170CD3} : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{7CF3F8C1-F857-4BC0-B27F-BA34EADC26B8} : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{C1691451-F22E-456D-A4D3-D45680C8ADF9} : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{F069ABBC-9A9C-4A1D-BB09-8774E1D39FE5} : DHCPNameServer = 192.168.1.254 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxsrvc.dll
SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
S0 MpFilter;Microsoft Malware Protection Driver;c:\winnt\system32\drivers\MpFilter.sys [2012-8-30 193552]
S1 MpKsl6f5c0927;MpKsl6f5c0927;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c62aef0d-1c66-4b11-981a-bce72593dfe9}\MpKsl6f5c0927.sys [2013-1-13 29904]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2012-1-11 1053184]
S3 iatmunin;iatmunin;\??\c:\docume~1\owner\locals~1\temp\iatmunin.sys --> c:\docume~1\owner\locals~1\temp\iatmunin.sys [?]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=NOTEPAD.EXE %1
FileExt: .vbs: VBSFile=NOTEPAD.EXE %1
FileExt: .js: JSFile=NOTEPAD.EXE %1
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2072-07-31 21:44:42 375808 ----a-w- c:\program files\microsoft games\halo\binkw32.dll
2013-01-13 17:01:40 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c62aef0d-1c66-4b11-981a-bce72593dfe9}\MpKsl6f5c0927.sys
2013-01-11 18:41:38 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c62aef0d-1c66-4b11-981a-bce72593dfe9}\MpKslb35eddd9.sys
2013-01-10 19:49:03 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c62aef0d-1c66-4b11-981a-bce72593dfe9}\offreg.dll
2013-01-10 18:00:04 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c62aef0d-1c66-4b11-981a-bce72593dfe9}\MpKsld57f6272.sys
2013-01-08 12:14:22 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c62aef0d-1c66-4b11-981a-bce72593dfe9}\MpKsl1c0ebcde.sys
2013-01-08 11:46:20 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c62aef0d-1c66-4b11-981a-bce72593dfe9}\MpKsld1b7f40c.sys
2013-01-07 03:32:49 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c62aef0d-1c66-4b11-981a-bce72593dfe9}\MpKsl59a0d198.sys
2013-01-06 07:10:23 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c62aef0d-1c66-4b11-981a-bce72593dfe9}\mpengine.dll
2012-12-31 00:21:17 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-12-18 12:53:35 -------- d-----w- c:\program files\Microsoft Security Client
.
==================== Find3M ====================
.
2013-01-10 19:31:06 74248 ----a-w- c:\winnt\system32\FlashPlayerCPLApp.cpl
2013-01-10 19:31:06 697864 ----a-w- c:\winnt\system32\FlashPlayerApp.exe
2012-12-12 18:02:16 74703 ----a-w- c:\winnt\system32\mfc45.dll
2012-12-10 03:46:47 74703 ----a-w- c:\winnt\system32\mfc45.dat
2012-11-13 12:26:43 703 ----a-w- c:\winnt\system32\drivers\etc\urh1E.tmp
2012-11-08 21:33:50 703 ----a-w- c:\winnt\system32\drivers\etc\urh7.tmp
2012-10-22 08:37:31 1866368 ----a-w- c:\winnt\system32\win32k.sys
2003-08-27 20:19:18 36963 -c--a-r- c:\program files\common files\SM1updtr.dll
.
============= FINISH: 12:38:45.46 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 4/16/2004 3:40:00 PM
System Uptime: 1/13/2013 12:06:49 PM (0 hours ago)
.
Motherboard: Intel Corporation | | D865GVLC
Processor: Intel® Pentium® 4 CPU 2.80GHz | J2E1 | 2793/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 22.934 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
Description: Intel® 82865G Graphics Controller
Device ID: PCI\VEN_8086&DEV_2572&SUBSYS_7147107B&REV_02\3&267A616A&0&10
Manufacturer: Intel Corporation
Name: Intel® 82865G Graphics Controller
PNP Device ID: PCI\VEN_8086&DEV_2572&SUBSYS_7147107B&REV_02\3&267A616A&0&10
Service: ialm
.
==== System Restore Points ===================
.
RP2039: 10/13/2012 12:53:40 PM - Software Distribution Service 3.0
RP2040: 10/17/2012 2:17:05 PM - Software Distribution Service 3.0
RP2041: 10/21/2012 12:03:03 PM - Software Distribution Service 3.0
RP2042: 10/24/2012 7:36:30 AM - Software Distribution Service 3.0
RP2043: 10/27/2012 11:58:33 AM - Software Distribution Service 3.0
RP2044: 11/1/2012 7:40:58 AM - Software Distribution Service 3.0
RP2045: 11/2/2012 12:13:13 PM - Software Distribution Service 3.0
RP2046: 11/4/2012 2:54:46 PM - System Checkpoint
RP2047: 11/6/2012 7:13:04 AM - Software Distribution Service 3.0
RP2048: 11/8/2012 2:28:54 PM - System Checkpoint
RP2049: 11/9/2012 6:56:11 PM - Software Distribution Service 3.0
RP2050: 11/13/2012 7:03:52 AM - Software Distribution Service 3.0
RP2051: 11/14/2012 7:26:54 AM - Restore Operation
RP2052: 11/14/2012 7:35:02 AM - Software Distribution Service 3.0
RP2053: 11/15/2012 3:55:39 PM - Software Distribution Service 3.0
RP2054: 11/16/2012 7:16:53 AM - Software Distribution Service 3.0
RP2055: 11/16/2012 11:25:48 AM - Software Distribution Service 3.0
RP2056: 11/16/2012 9:41:32 PM - Installed Steam
RP2057: 11/21/2012 7:33:07 AM - Software Distribution Service 3.0
RP2058: 11/23/2012 12:21:08 PM - Software Distribution Service 3.0
RP2059: 11/25/2012 10:03:55 PM - System Checkpoint
RP2060: 11/27/2012 12:46:45 PM - System Checkpoint
RP2061: 11/30/2012 3:39:45 PM - System Checkpoint
RP2062: 11/30/2012 10:04:49 PM - Installed Microsoft Fix it 50203
RP2063: 11/30/2012 10:24:15 PM - Installed Microsoft Fix it 50687
RP2064: 12/5/2012 1:21:08 PM - System Checkpoint
RP2065: 12/6/2012 6:41:48 AM - Removed Steam
RP2066: 12/9/2012 12:54:34 PM - System Checkpoint
RP2067: 12/13/2012 7:44:33 AM - Restore Operation
RP2068: 12/13/2012 10:41:54 AM - Restore Operation
RP2069: 12/18/2012 8:17:19 AM - System Checkpoint
RP2070: 12/23/2012 8:06:53 PM - System Checkpoint
RP2071: 12/26/2012 12:50:28 PM - System Checkpoint
RP2072: 12/27/2012 6:43:49 PM - System Checkpoint
RP2073: 12/29/2012 10:52:02 AM - System Checkpoint
RP2074: 12/31/2012 2:52:11 PM - System Checkpoint
RP2075: 1/2/2013 10:23:12 AM - System Checkpoint
RP2076: 1/8/2013 7:28:45 AM - System Checkpoint
RP2077: 1/10/2013 12:56:50 PM - Installed Microsoft Fix it 50267
.
==== Installed Programs ======================
.
2600
2600_Help
2600Trb
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
Age of Empires III
Age of Mythology
Age of Mythology - The Titans Expansion
Ahead Nero BurnRights
AiO_Scan
AiOSoftware
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20030807.3)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
BellSouth Wireless Connection Tool
BIG-IP Edge Client Components (All Users)
Blackhawk Striker from Gateway (remove only)
Blasterball 2 from Gateway (remove only)
Bonjour
Bounce Symphony from Gateway (remove only)
BufferChm
Carnival Cruise Lines Tycoon 2005 - Island Hopping
Copy
CreativeProjects
CreativeProjectsTemplates
CueTour
Cypress USB Mass Storage Driver Installation
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
Director
Disney Pirates of the Caribbean Online
DocProc
DocumentViewer
DoMore
DVD
EA Download Manager
Emperor's New Groove - Groove Center
ESET Online Scanner v3
Excavation from Gateway (remove only)
Fax
Five Card Frenzy from Gateway (remove only)
Frogger2
GameSpy Arcade
Gateway Ink Monitor
GWCares
Harley-Davidson® - Race Around The World
Harry Potter
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hoyle Board Games
Hoyle Card Games
HP Diagnostic Assistant
HP Image Zone 4.2
HP PSC & OfficeJet 4.2
HP Software Update
HPSystemDiagnostics
InstantShare
Intel® 537EP Data Fax Modem
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
iolo technologies' System Mechanic
iTunes
Java Auto Updater
Java™ 6 Update 30
JumpStart Explorers
KODAK Share Button App
Learn2 Player (Uninstall Only)
Lock On: Modern Air Combat
LockOn Flaming Cliffs 2
Logitech Gaming Software
Mass Effect
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Age of Empires II
Microsoft Application Error Reporting
Microsoft CART Precision Racing Trial
Microsoft Combat Flight Simulator 3.1
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Halo
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Learning and Research Plus Support Files
Microsoft Midtown Madness
Microsoft Midtown Madness 2
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft Monster Truck Madness 2
Microsoft Motocross Madness
Microsoft National Language Support Downlevel APIs
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Picture It! Express 7.0
Microsoft Picture It! Photo Premium 9
Microsoft Security Client
Microsoft Security Essentials
Microsoft Software Update for Web Folders (English) 14
Microsoft Streets and Trips 2004
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft Works 2004 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Monster Jam
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSN Internet Software
MSN Messenger 5.0
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML4 Parser
MUSICMATCH® Jukebox
My Disney Kitchen
Napster
NASCAR SimRacing
Nero OEM
Network Play System (Patching)
NVIDIA Drivers
Orbital from Gateway (remove only)
Otto from Gateway (remove only)
Overball from Gateway (remove only)
Overland
ParaWorld
PC-Doctor for Windows
Pearl Harbor
PhotoGallery
Polar Bowler from Gateway (remove only)
PrintScreen
ProductContext
QFolder
Quicken 2004
QuickProjects
QuickTime
Readme
RealPlayer Basic
Rise of Nations Gold
RollerCoaster Tycoon 2
RollerCoaster Tycoon 2: Time Twister
RollerCoaster Tycoon 2: Wacky Worlds
RollerCoaster Tycoon® 3
Roxio Burn Engine
Scan
Scratches
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
Sierra Utilities
SimCoaster
SkinsHP1
Slyder from Gateway (remove only)
SPORE™
SPORE™ Creepy & Cute Parts Pack
SPORE™ Galactic Adventures
Star Wars Empire at War
Star Wars Empire at War Forces of Corruption
System Requirements Lab
Tarzan Activity Center
The Office
The Sims 2
The Sims 2 Family Fun Stuff
The Sims 2 Glamour Life Stuff
The Sims 2 Nightlife
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 University
The Sims Superstar
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage
The Sims™ 2 Celebration! Stuff
The Sims™ 2 FreeTime
The Sims™ 2 H&M® Fashion Stuff
The Sims™ 2 Kitchen & Bath Interior Design Stuff
The Sims™ 2 Mansion and Garden Stuff
The Sims™ 2 Seasons
The Sims™ 2 Teen Style Stuff
Thomas & Friends - The Great Festival Adventure
Toy Story 2
Toy Story 2 Activity Center
TrayApp
Ultimate Ride Disney Coaster
Uninstall Best Reading Program
Unload
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB Storage Adapter FX (SM1)
Virtools 3D Life Player
WebFldrs XP
WebReg
Windows Defender
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows XP Service Pack 3
Zoo Tycoon 2
Zoo Tycoon Expanded
.
==== Event Viewer Messages From Past Week ========
.
1/8/2013 7:24:53 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80080005 Error description: Server execution failed
1/6/2013 2:04:39 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2838.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80080005 Error description: Server execution failed
1/13/2013 12:37:59 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/13/2013 12:37:59 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:37:59 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:18:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/13/2013 12:18:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:18:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:08:09 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:08:09 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:08:06 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/11/2013 7:02:54 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/11/2013 2:07:33 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/10/2013 7:55:18 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80080005 Error description: Server execution failed
1/10/2013 7:37:22 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/10/2013 7:37:22 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
1/10/2013 7:36:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
1/10/2013 7:35:16 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/10/2013 7:31:28 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/10/2013 7:27:50 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/10/2013 12:39:17 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/10/2013 1:10:38 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80080005 Error description: Server execution failed
.
==== End Of File ===========================

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:21 PM

Posted 13 January 2013 - 02:56 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Pere92

Pere92
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 13 January 2013 - 09:11 PM

Hi Thanks for your time
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 4/16/2004 3:40:00 PM
System Uptime: 1/13/2013 12:06:49 PM (0 hours ago)
.
Motherboard: Intel Corporation | | D865GVLC
Processor: Intel® Pentium® 4 CPU 2.80GHz | J2E1 | 2793/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 22.934 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
Description: Intel® 82865G Graphics Controller
Device ID: PCI\VEN_8086&DEV_2572&SUBSYS_7147107B&REV_02\3&267A616A&0&10
Manufacturer: Intel Corporation
Name: Intel® 82865G Graphics Controller
PNP Device ID: PCI\VEN_8086&DEV_2572&SUBSYS_7147107B&REV_02\3&267A616A&0&10
Service: ialm
.
==== System Restore Points ===================
.
RP2039: 10/13/2012 12:53:40 PM - Software Distribution Service 3.0
RP2040: 10/17/2012 2:17:05 PM - Software Distribution Service 3.0
RP2041: 10/21/2012 12:03:03 PM - Software Distribution Service 3.0
RP2042: 10/24/2012 7:36:30 AM - Software Distribution Service 3.0
RP2043: 10/27/2012 11:58:33 AM - Software Distribution Service 3.0
RP2044: 11/1/2012 7:40:58 AM - Software Distribution Service 3.0
RP2045: 11/2/2012 12:13:13 PM - Software Distribution Service 3.0
RP2046: 11/4/2012 2:54:46 PM - System Checkpoint
RP2047: 11/6/2012 7:13:04 AM - Software Distribution Service 3.0
RP2048: 11/8/2012 2:28:54 PM - System Checkpoint
RP2049: 11/9/2012 6:56:11 PM - Software Distribution Service 3.0
RP2050: 11/13/2012 7:03:52 AM - Software Distribution Service 3.0
RP2051: 11/14/2012 7:26:54 AM - Restore Operation
RP2052: 11/14/2012 7:35:02 AM - Software Distribution Service 3.0
RP2053: 11/15/2012 3:55:39 PM - Software Distribution Service 3.0
RP2054: 11/16/2012 7:16:53 AM - Software Distribution Service 3.0
RP2055: 11/16/2012 11:25:48 AM - Software Distribution Service 3.0
RP2056: 11/16/2012 9:41:32 PM - Installed Steam
RP2057: 11/21/2012 7:33:07 AM - Software Distribution Service 3.0
RP2058: 11/23/2012 12:21:08 PM - Software Distribution Service 3.0
RP2059: 11/25/2012 10:03:55 PM - System Checkpoint
RP2060: 11/27/2012 12:46:45 PM - System Checkpoint
RP2061: 11/30/2012 3:39:45 PM - System Checkpoint
RP2062: 11/30/2012 10:04:49 PM - Installed Microsoft Fix it 50203
RP2063: 11/30/2012 10:24:15 PM - Installed Microsoft Fix it 50687
RP2064: 12/5/2012 1:21:08 PM - System Checkpoint
RP2065: 12/6/2012 6:41:48 AM - Removed Steam
RP2066: 12/9/2012 12:54:34 PM - System Checkpoint
RP2067: 12/13/2012 7:44:33 AM - Restore Operation
RP2068: 12/13/2012 10:41:54 AM - Restore Operation
RP2069: 12/18/2012 8:17:19 AM - System Checkpoint
RP2070: 12/23/2012 8:06:53 PM - System Checkpoint
RP2071: 12/26/2012 12:50:28 PM - System Checkpoint
RP2072: 12/27/2012 6:43:49 PM - System Checkpoint
RP2073: 12/29/2012 10:52:02 AM - System Checkpoint
RP2074: 12/31/2012 2:52:11 PM - System Checkpoint
RP2075: 1/2/2013 10:23:12 AM - System Checkpoint
RP2076: 1/8/2013 7:28:45 AM - System Checkpoint
RP2077: 1/10/2013 12:56:50 PM - Installed Microsoft Fix it 50267
.
==== Installed Programs ======================
.
2600
2600_Help
2600Trb
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
Age of Empires III
Age of Mythology
Age of Mythology - The Titans Expansion
Ahead Nero BurnRights
AiO_Scan
AiOSoftware
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20030807.3)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
BellSouth Wireless Connection Tool
BIG-IP Edge Client Components (All Users)
Blackhawk Striker from Gateway (remove only)
Blasterball 2 from Gateway (remove only)
Bonjour
Bounce Symphony from Gateway (remove only)
BufferChm
Carnival Cruise Lines Tycoon 2005 - Island Hopping
Copy
CreativeProjects
CreativeProjectsTemplates
CueTour
Cypress USB Mass Storage Driver Installation
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
Director
Disney Pirates of the Caribbean Online
DocProc
DocumentViewer
DoMore
DVD
EA Download Manager
Emperor's New Groove - Groove Center
ESET Online Scanner v3
Excavation from Gateway (remove only)
Fax
Five Card Frenzy from Gateway (remove only)
Frogger2
GameSpy Arcade
Gateway Ink Monitor
GWCares
Harley-Davidson® - Race Around The World
Harry Potter
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hoyle Board Games
Hoyle Card Games
HP Diagnostic Assistant
HP Image Zone 4.2
HP PSC & OfficeJet 4.2
HP Software Update
HPSystemDiagnostics
InstantShare
Intel® 537EP Data Fax Modem
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
iolo technologies' System Mechanic
iTunes
Java Auto Updater
Java™ 6 Update 30
JumpStart Explorers
KODAK Share Button App
Learn2 Player (Uninstall Only)
Lock On: Modern Air Combat
LockOn Flaming Cliffs 2
Logitech Gaming Software
Mass Effect
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Age of Empires II
Microsoft Application Error Reporting
Microsoft CART Precision Racing Trial
Microsoft Combat Flight Simulator 3.1
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Halo
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Learning and Research Plus Support Files
Microsoft Midtown Madness
Microsoft Midtown Madness 2
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft Monster Truck Madness 2
Microsoft Motocross Madness
Microsoft National Language Support Downlevel APIs
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Picture It! Express 7.0
Microsoft Picture It! Photo Premium 9
Microsoft Security Client
Microsoft Security Essentials
Microsoft Software Update for Web Folders (English) 14
Microsoft Streets and Trips 2004
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft Works 2004 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Monster Jam
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSN Internet Software
MSN Messenger 5.0
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML4 Parser
MUSICMATCH® Jukebox
My Disney Kitchen
Napster
NASCAR SimRacing
Nero OEM
Network Play System (Patching)
NVIDIA Drivers
Orbital from Gateway (remove only)
Otto from Gateway (remove only)
Overball from Gateway (remove only)
Overland
ParaWorld
PC-Doctor for Windows
Pearl Harbor
PhotoGallery
Polar Bowler from Gateway (remove only)
PrintScreen
ProductContext
QFolder
Quicken 2004
QuickProjects
QuickTime
Readme
RealPlayer Basic
Rise of Nations Gold
RollerCoaster Tycoon 2
RollerCoaster Tycoon 2: Time Twister
RollerCoaster Tycoon 2: Wacky Worlds
RollerCoaster Tycoon® 3
Roxio Burn Engine
Scan
Scratches
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
Sierra Utilities
SimCoaster
SkinsHP1
Slyder from Gateway (remove only)
SPORE™
SPORE™ Creepy & Cute Parts Pack
SPORE™ Galactic Adventures
Star Wars Empire at War
Star Wars Empire at War Forces of Corruption
System Requirements Lab
Tarzan Activity Center
The Office
The Sims 2
The Sims 2 Family Fun Stuff
The Sims 2 Glamour Life Stuff
The Sims 2 Nightlife
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 University
The Sims Superstar
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage
The Sims™ 2 Celebration! Stuff
The Sims™ 2 FreeTime
The Sims™ 2 H&M® Fashion Stuff
The Sims™ 2 Kitchen & Bath Interior Design Stuff
The Sims™ 2 Mansion and Garden Stuff
The Sims™ 2 Seasons
The Sims™ 2 Teen Style Stuff
Thomas & Friends - The Great Festival Adventure
Toy Story 2
Toy Story 2 Activity Center
TrayApp
Ultimate Ride Disney Coaster
Uninstall Best Reading Program
Unload
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB Storage Adapter FX (SM1)
Virtools 3D Life Player
WebFldrs XP
WebReg
Windows Defender
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows XP Service Pack 3
Zoo Tycoon 2
Zoo Tycoon Expanded
.
==== Event Viewer Messages From Past Week ========
.
1/8/2013 7:24:53 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80080005 Error description: Server execution failed
1/6/2013 2:04:39 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2838.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80080005 Error description: Server execution failed
1/13/2013 12:37:59 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/13/2013 12:37:59 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:37:59 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:18:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/13/2013 12:18:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:18:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:08:09 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:08:09 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9002.0&avdelta=1.141.3245.0&asdelta=1.141.3245.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/13/2013 12:08:06 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/11/2013 7:02:54 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/11/2013 2:07:33 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/10/2013 7:55:18 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80080005 Error description: Server execution failed
1/10/2013 7:37:22 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/10/2013 7:37:22 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
1/10/2013 7:36:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
1/10/2013 7:35:16 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/10/2013 7:31:28 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/10/2013 7:27:50 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/10/2013 12:39:17 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/10/2013 1:10:38 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.3245.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x80080005 Error description: Server execution failed
.
==== End Of File ===========================


# AdwCleaner v2.105 - Logfile created 01/13/2013 at 20:38:03
# Updated 08/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - KIDS
# Boot Mode : Safe mode
# Running from : J:\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [2357 octets] - [06/12/2012 10:48:17]
AdwCleaner[S2].txt - [687 octets] - [10/01/2013 07:42:30]
AdwCleaner[S3].txt - [619 octets] - [13/01/2013 20:38:03]

########## EOF - C:\AdwCleaner[S3].txt - [678 octets] ##########

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Remove -- Date : 01/13/2013 21:02:51

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] SM1bg.exe -- C:\WINNT\SM1bg.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : SM1BG (C:\WINNT\SM1bg.exe) -> DELETED
[RUN][SUSP PATH] HKUS\.DEFAULT[...]\Run : Identities (rundll32.exe "C:\Documents and Settings\Owner\Local Settings\Application Data\IsolatedStorage\Identities\wcgso.dll",DllRegisterServerW) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-19[...]\Run : Identities (rundll32.exe "C:\Documents and Settings\Owner\Local Settings\Application Data\IsolatedStorage\Identities\wcgso.dll",DllRegisterServerW) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-20[...]\Run : Identities (rundll32.exe "C:\Documents and Settings\Owner\Local Settings\Application Data\IsolatedStorage\Identities\wcgso.dll",DllRegisterServerW) -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-18\$036d716129dc061db4d2b5363a0bb3b7\@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\RECYCLER\S-1-5-18\$036d716129dc061db4d2b5363a0bb3b7\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\RECYCLER\S-1-5-21-2845982787-255064912-834600775-1003\$036d716129dc061db4d2b5363a0bb3b7\U --> REMOVED
[Del.Parent][FILE] 201d3dde : C:\RECYCLER\S-1-5-18\$036d716129dc061db4d2b5363a0bb3b7\L\201d3dde --> REMOVED
[Del.Parent][FILE] 4cce1f70 : C:\RECYCLER\S-1-5-18\$036d716129dc061db4d2b5363a0bb3b7\L\4cce1f70 --> REMOVED
[Del.Parent][FILE] 55490ac4 : C:\RECYCLER\S-1-5-18\$036d716129dc061db4d2b5363a0bb3b7\L\55490ac4 --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\RECYCLER\S-1-5-18\$036d716129dc061db4d2b5363a0bb3b7\L --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\RECYCLER\S-1-5-21-2845982787-255064912-834600775-1003\$036d716129dc061db4d2b5363a0bb3b7\L --> REMOVED

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINNT\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1200BB-22DWA0 +++++
--- User ---
[MBR] 971375ff7490e6926a49fb90f6c29ac9
[BSP] d3b7c2b8e550621bc5b14772a048c7ad : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114470 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_D_01132013_02d2102.txt >>
RKreport[1]_S_01132013_02d2045.txt ; RKreport[2]_S_01132013_02d2100.txt ; RKreport[3]_D_01132013_02d2102.txt

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:21 PM

Posted 13 January 2013 - 09:16 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Pere92

Pere92
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 14 January 2013 - 11:17 AM

I will follow your direction and run combo fix. My concern is the reboots. For instance, i just tried to turn it on to do this combofix and i never made it to the home screen, it just shut off. I feel lucky each time it actually turns on. I cant run it in safe mode and have the internet access required. Any suggestions? Or just run combofix if I manage to get this thing on and cross the reboot bridge if I get to that point?

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:21 PM

Posted 14 January 2013 - 11:23 AM

Hello

things might be getting better as the last scan did remove a rootkit and the only way we can be for sure is to restart the computer


so run the program and at some point if it is malware causing this it will get better




gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 Pere92

Pere92
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 14 January 2013 - 01:01 PM

I am currently running combofix but I couldnt get the comp started in anything but safe mode. I know this means i couldnt get online to get the Recovery Console and this means i am not getting the full benefit of combo fix. Please advise as to whether or not after combo fix finishes, if I am able to start up normally if I should run it again with the internet access open to get the Recovery console update ir if this is a combo fix no no. Also, is there an issue getting internet back after combo fix?

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:21 PM

Posted 14 January 2013 - 01:18 PM

when it is complete send me the report then we will decide what we are going to do



gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 Pere92

Pere92
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 14 January 2013 - 01:44 PM

OK here it is


ComboFix 13-01-14.01 - Administrator 01/14/2013 12:51:07.1.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1007.766 [GMT -5:00]
Running from: J:\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Owner\WINDOWS
c:\program files\INSTALL.LOG
c:\program files\Shared
c:\winnt\EventSystem.log
c:\winnt\system32\dllcache\wmpvis.dll
c:\winnt\system32\download
c:\winnt\system32\download\ispinfo.csv
c:\winnt\system32\URTTemp
c:\winnt\system32\URTTemp\fusion.dll
c:\winnt\system32\URTTemp\mscoree.dll
c:\winnt\system32\URTTemp\mscoree.dll.local
c:\winnt\system32\URTTemp\mscorsn.dll
c:\winnt\system32\URTTemp\mscorwks.dll
c:\winnt\system32\URTTemp\msvcr71.dll
c:\winnt\system32\URTTemp\regtlib.exe
c:\winnt\wt
c:\winnt\wt\backup\1.6.0.037\_privacy.txt
c:\winnt\wt\backup\1.6.0.037\info.txt
c:\winnt\wt\backup\1.6.0.037\stopwcmdr.bat
c:\winnt\wt\backup\1.6.0.037\updatenow.bat
c:\winnt\wt\backup\1.6.0.037\wcmdmgr.exe
c:\winnt\wt\backup\1.6.0.037\wtcpl.cpl
c:\winnt\wt\backup\1.6.0.037\wtisa.dll
c:\winnt\wt\data.wts
c:\winnt\wt\info.txt
c:\winnt\wt\updater\_privacy.txt
c:\winnt\wt\updater\data.wts
c:\winnt\wt\updater\stopwcmdr.bat
c:\winnt\wt\updater\updatenow.bat
c:\winnt\wt\updater\wt.ini
c:\winnt\wt\updater\wtisa.dll
c:\winnt\wt\updater\wtlog.txt
c:\winnt\wt\updater\wtlog2.txt
c:\winnt\wt\webdriver.dll
c:\winnt\wt\webdriver\actorobject.dll
c:\winnt\wt\webdriver\dx5drv.dll
c:\winnt\wt\webdriver\dx7drv.dll
c:\winnt\wt\webdriver\export.dat
c:\winnt\wt\webdriver\jdriver.dll
c:\winnt\wt\webdriver\objectbundle.dll
c:\winnt\wt\webdriver\rdriver.dll
c:\winnt\wt\webdriver\sound.dll
c:\winnt\wt\webdriver\wdcaps.ded
c:\winnt\wt\webdriver\wdengine.dll
c:\winnt\wt\webdriver\webdriver.dll
c:\winnt\wt\webdriver\wildtangent.jar
c:\winnt\wt\webdriver\wthost.exe
c:\winnt\wt\webdriver\wthostctl.dll
c:\winnt\wt\webdriver\wtmulti.dll
c:\winnt\wt\webdriver\wtmulti.jar
c:\winnt\wt\webdriver\wtwmplug.ax
c:\winnt\wt\webdriver\wtwmplug.ini
c:\winnt\wt\wt3d.dll
c:\winnt\wt\wt3d.ini
c:\winnt\wt\wtupdates\wtupdater\appinfo.dat
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\actorobject.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\dx5drv.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\dx7drv.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\jdriver.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\legacy\data.wts
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\legacy\webdriver.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\legacy\wt3d.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\npwtplug.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\nsiwthostplugin.xpt
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\objectbundle.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\rdriver.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\sound.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wdcaps.ded
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wdengine.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\webdriver.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wildtangent.jar
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wthost.exe
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wthost.jar
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wthostctl.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtmulti.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtmulti.jar
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtvh.dll
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtwmplug.ax
c:\winnt\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtwmplug.ini
c:\winnt\wt\wtupdates\wtwebdriver\update_info\data.wts
c:\winnt\wt\wtvh.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-12-14 to 2013-01-14 )))))))))))))))))))))))))))))))
.
.
2013-01-14 02:00 . 2012-11-19 06:04 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D0F10F4B-89F1-42F2-B570-5255350D5AC5}\mpengine.dll
2013-01-14 01:59 . 2013-01-14 01:59 15616 ----a-w- c:\winnt\system32\drivers\TrueSight.sys
2013-01-10 17:50 . 2013-01-10 17:50 -------- d-----w- c:\documents and settings\New Folder
2013-01-06 07:10 . 2012-11-19 06:04 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-18 12:53 . 2012-12-18 12:54 -------- d-----w- c:\program files\Microsoft Security Client
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 19:31 . 2012-04-18 01:06 697864 ----a-w- c:\winnt\system32\FlashPlayerApp.exe
2013-01-10 19:31 . 2012-03-12 21:48 74248 ----a-w- c:\winnt\system32\FlashPlayerCPLApp.cpl
2012-12-12 18:02 . 2012-12-12 18:02 74703 ----a-w- c:\winnt\system32\mfc45.dll
2012-12-10 03:46 . 2012-12-10 03:46 74703 ----a-w- c:\winnt\system32\mfc45.dat
2012-11-27 16:56 . 2012-11-27 16:56 1324 ----a-w- c:\documents and settings\NetworkService\Local Settings\Application Data\d3d9caps.tmp
2012-11-13 12:26 . 2012-11-13 12:26 703 ----a-w- c:\winnt\system32\drivers\etc\urh1E.tmp
2012-11-08 21:33 . 2012-11-08 21:33 703 ----a-w- c:\winnt\system32\drivers\etc\urh7.tmp
2012-11-08 18:00 . 2012-11-23 17:21 6812136 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{22426C7B-BA7D-4426-973F-159F23FC8552}\mpengine.dll
2012-11-08 18:00 . 2008-05-29 22:39 6812136 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-10-22 08:37 . 1980-01-01 06:00 1866368 ----a-w- c:\winnt\system32\win32k.sys
2003-08-27 20:19 . 2004-02-17 16:57 36963 -c--a-r- c:\program files\Common Files\SM1updtr.dll
2012-07-14 00:17 . 2012-08-18 15:30 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\winnt\System32\igfxtray.exe" [2003-11-18 155648]
"HotKeysCmds"="c:\winnt\System32\hkcmd.exe" [2003-11-18 118784]
"NvCplDaemon"="c:\winnt\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"BellSouthWCC_McciTrayApp"="c:\program files\BellSouthWCC\McciTrayApp.exe" [2005-11-17 543232]
"NeroFilterCheck"="c:\winnt\System32\NeroCheck.exe" [2001-07-09 155648]
"Gateway Ink Monitor"="c:\program files\Gateway\Gateway Ink Monitor\GWInkMonitor.exe" [2003-11-05 303180]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"KodakShareButtonApp"="c:\program files\Kodak\KODAK Share Button App\Listener.exe" [2010-10-07 106496]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]
"HPDJ Taskbar Utility"="c:\winnt\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-23 172032]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2010-12-21 519584]
.
c:\documents and settings\Owner\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
backup=c:\winnt\pss\OneNote 2010 Screen Clipper and Launcher.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonUtilities
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
.
S2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [1/11/2012 10:58 AM 1053184]
S3 iatmunin;iatmunin;\??\c:\docume~1\Owner\LOCALS~1\Temp\iatmunin.sys --> c:\docume~1\Owner\LOCALS~1\Temp\iatmunin.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-14 c:\winnt\Tasks\Adobe Flash Player Updater.job
- c:\winnt\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 19:31]
.
2004-04-26 c:\winnt\Tasks\ISP signup reminder 2.job
- c:\winnt\System32\OOBE\oobebaln.exe [2003-10-06 00:12]
.
2004-05-02 c:\winnt\Tasks\ISP signup reminder 3.job
- c:\winnt\System32\OOBE\oobebaln.exe [2003-10-06 00:12]
.
2013-01-14 c:\winnt\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 22:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.gateway.net
TCP: DhcpNameServer = 192.168.1.254 192.168.1.254
FF - ProfilePath -
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-WinDefend
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-14 13:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2845982787-255064912-834600775-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3b,5c,09,90,bf,23,d4,4f,8e,d8,47,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3b,5c,09,90,bf,23,d4,4f,8e,d8,47,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINNT\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINNT\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(216)
c:\winnt\system32\Ati2evxx.dll
.
Completion time: 2013-01-14 13:15:21
ComboFix-quarantined-files.txt 2013-01-14 18:15
.
Pre-Run: 24,501,231,616 bytes free
Post-Run: 25,553,588,224 bytes free
.
- - End Of File - - FBC197BD6EC10CE165360F23F0A9B2AB

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:21 PM

Posted 14 January 2013 - 02:06 PM

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 Pere92

Pere92
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 15 January 2013 - 07:59 AM

To keep up to date, I will tell you what just happened. Ran TDSS killer, got a log, only suspicious, no malicious. While running the update for AswMBR the comp shut itself off. I was not in Safe Mode and was running to updates to the prog. I will try again shortly.

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:21 PM

Posted 15 January 2013 - 12:46 PM

ok I will be waiting
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 Pere92

Pere92
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 15 January 2013 - 01:29 PM

07:29:27.0187 1572 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
07:29:27.0234 1572 ============================================================
07:29:27.0234 1572 Current date / time: 2013/01/15 07:29:27.0234
07:29:27.0234 1572 SystemInfo:
07:29:27.0234 1572
07:29:27.0234 1572 OS Version: 5.1.2600 ServicePack: 3.0
07:29:27.0234 1572 Product type: Workstation
07:29:27.0234 1572 ComputerName: KIDS
07:29:27.0234 1572 UserName: Owner
07:29:27.0234 1572 Windows directory: C:\WINNT
07:29:27.0234 1572 System windows directory: C:\WINNT
07:29:27.0234 1572 Processor architecture: Intel x86
07:29:27.0234 1572 Number of processors: 2
07:29:27.0234 1572 Page size: 0x1000
07:29:27.0234 1572 Boot type: Normal boot
07:29:27.0234 1572 ============================================================
07:29:31.0265 1572 BG loaded
07:29:32.0000 1572 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
07:29:32.0046 1572 Drive \Device\Harddisk5\DR10 - Size: 0x7A900000 (1.92 Gb), SectorSize: 0x200, Cylinders: 0xF9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
07:29:32.0046 1572 ============================================================
07:29:32.0046 1572 \Device\Harddisk0\DR0:
07:29:32.0062 1572 MBR partitions:
07:29:32.0062 1572 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
07:29:32.0062 1572 \Device\Harddisk5\DR10:
07:29:32.0062 1572 MBR partitions:
07:29:32.0062 1572 \Device\Harddisk5\DR10\Partition1: MBR, Type 0x6, StartLBA 0x1F0, BlocksNum 0x3D4610
07:29:32.0062 1572 ============================================================
07:29:32.0109 1572 C: <-> \Device\Harddisk0\DR0\Partition1
07:29:32.0109 1572 ============================================================
07:29:32.0109 1572 Initialize success
07:29:32.0109 1572 ============================================================
07:30:16.0718 3284 ============================================================
07:30:16.0718 3284 Scan started
07:30:16.0718 3284 Mode: Manual; SigCheck; TDLFS;
07:30:16.0718 3284 ============================================================
07:30:19.0546 3284 ================ Scan system memory ========================
07:30:19.0546 3284 System memory - ok
07:30:19.0546 3284 ================ Scan services =============================
07:30:20.0468 3284 Abiosdsk - ok
07:30:20.0484 3284 abp480n5 - ok
07:30:20.0546 3284 [ 0F2D66D5F08EBE2F77BB904288DCF6F0 ] ac97intc C:\WINNT\system32\drivers\ac97intc.sys
07:30:23.0421 3284 ac97intc - ok
07:30:23.0468 3284 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINNT\system32\DRIVERS\ACPI.sys
07:30:23.0718 3284 ACPI - ok
07:30:23.0781 3284 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINNT\system32\drivers\ACPIEC.sys
07:30:24.0000 3284 ACPIEC - ok
07:30:24.0093 3284 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\WINNT\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:30:24.0140 3284 AdobeFlashPlayerUpdateSvc - ok
07:30:24.0203 3284 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINNT\system32\DRIVERS\adpu160m.sys
07:30:24.0437 3284 adpu160m - ok
07:30:24.0484 3284 [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio C:\WINNT\system32\drivers\aeaudio.sys
07:30:24.0546 3284 aeaudio - ok
07:30:24.0593 3284 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINNT\system32\drivers\aec.sys
07:30:24.0843 3284 aec - ok
07:30:24.0906 3284 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINNT\System32\drivers\afd.sys
07:30:25.0000 3284 AFD - ok
07:30:25.0046 3284 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINNT\system32\DRIVERS\agp440.sys
07:30:25.0328 3284 agp440 - ok
07:30:25.0343 3284 Aha154x - ok
07:30:25.0359 3284 aic78u2 - ok
07:30:25.0390 3284 aic78xx - ok
07:30:25.0437 3284 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINNT\system32\alrsvc.dll
07:30:25.0718 3284 Alerter - ok
07:30:25.0812 3284 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINNT\System32\alg.exe
07:30:25.0906 3284 ALG - ok
07:30:25.0921 3284 AliIde - ok
07:30:25.0953 3284 amsint - ok
07:30:26.0375 3284 [ 73D675514F148B1E69429E1D95E22ADC ] AOL ACS C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
07:30:26.0750 3284 AOL ACS ( UnsignedFile.Multi.Generic ) - warning
07:30:26.0750 3284 AOL ACS - detected UnsignedFile.Multi.Generic (1)
07:30:28.0078 3284 [ 4B5AE15E5C73EB4DC8DBEC2788230D41 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
07:30:32.0015 3284 Apple Mobile Device - ok
07:30:32.0031 3284 AppMgmt - ok
07:30:32.0078 3284 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINNT\system32\DRIVERS\arp1394.sys
07:30:32.0343 3284 Arp1394 - ok
07:30:32.0375 3284 asc - ok
07:30:32.0375 3284 asc3350p - ok
07:30:32.0406 3284 asc3550 - ok
07:30:32.0468 3284 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINNT\system32\drivers\ASCTRM.sys
07:30:32.0531 3284 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
07:30:32.0531 3284 ASCTRM - detected UnsignedFile.Multi.Generic (1)
07:30:32.0718 3284 [ E1A1206A4FB19B675E947B29CCD25FBA ] aspnet_state C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
07:30:32.0781 3284 aspnet_state ( UnsignedFile.Multi.Generic ) - warning
07:30:32.0781 3284 aspnet_state - detected UnsignedFile.Multi.Generic (1)
07:30:32.0812 3284 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINNT\system32\DRIVERS\asyncmac.sys
07:30:33.0078 3284 AsyncMac - ok
07:30:33.0109 3284 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINNT\system32\DRIVERS\atapi.sys
07:30:33.0359 3284 atapi - ok
07:30:33.0375 3284 Atdisk - ok
07:30:33.0437 3284 [ A2EAEB497CA29ECAEAF0DF66AD85C57D ] Ati HotKey Poller C:\WINNT\system32\Ati2evxx.exe
07:30:33.0562 3284 Ati HotKey Poller - ok
07:30:33.0609 3284 [ 312A17DFF710A0F4E6D4DD1D52EAD1A8 ] ATI Smart C:\WINNT\system32\ati2sgag.exe
07:30:33.0671 3284 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
07:30:33.0671 3284 ATI Smart - detected UnsignedFile.Multi.Generic (1)
07:30:33.0843 3284 [ 492BD2A5F65F218D4EDE5764A3BB67E9 ] ati2mtag C:\WINNT\system32\DRIVERS\ati2mtag.sys
07:30:33.0937 3284 ati2mtag - ok
07:30:34.0000 3284 [ 5B80E84AF6B02ECAB72DAE9AFEE06309 ] atksgt C:\WINNT\system32\DRIVERS\atksgt.sys
07:30:34.0031 3284 atksgt ( UnsignedFile.Multi.Generic ) - warning
07:30:34.0031 3284 atksgt - detected UnsignedFile.Multi.Generic (1)
07:30:34.0078 3284 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINNT\system32\DRIVERS\atmarpc.sys
07:30:34.0312 3284 Atmarpc - ok
07:30:34.0375 3284 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINNT\System32\audiosrv.dll
07:30:34.0656 3284 AudioSrv - ok
07:30:34.0718 3284 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINNT\system32\DRIVERS\audstub.sys
07:30:34.0984 3284 audstub - ok
07:30:35.0046 3284 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINNT\system32\drivers\Beep.sys
07:30:35.0343 3284 Beep - ok
07:30:35.0484 3284 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINNT\system32\qmgr.dll
07:30:36.0125 3284 BITS - ok
07:30:36.0234 3284 [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
07:30:36.0265 3284 Bonjour Service - ok
07:30:36.0328 3284 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINNT\System32\browser.dll
07:30:36.0515 3284 Browser - ok
07:30:36.0765 3284 catchme - ok
07:30:37.0093 3284 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINNT\system32\drivers\cbidf2k.sys
07:30:37.0390 3284 cbidf2k - ok
07:30:37.0406 3284 cd20xrnt - ok
07:30:37.0484 3284 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINNT\system32\drivers\Cdaudio.sys
07:30:37.0765 3284 Cdaudio - ok
07:30:37.0843 3284 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINNT\system32\drivers\Cdfs.sys
07:30:38.0375 3284 Cdfs - ok
07:30:38.0953 3284 [ 8B68B071B2BFB89C71508D588049AC74 ] Cdr4_xp C:\WINNT\system32\drivers\Cdr4_xp.sys
07:30:39.0046 3284 Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
07:30:39.0046 3284 Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
07:30:39.0109 3284 [ A639398D54889DF9D5EED609849B2A4A ] Cdralw2k C:\WINNT\system32\drivers\Cdralw2k.sys
07:30:39.0203 3284 Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
07:30:39.0203 3284 Cdralw2k - detected UnsignedFile.Multi.Generic (1)
07:30:39.0468 3284 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINNT\system32\DRIVERS\cdrom.sys
07:30:39.0765 3284 Cdrom - ok
07:30:39.0765 3284 Changer - ok
07:30:40.0000 3284 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINNT\system32\cisvc.exe
07:30:40.0281 3284 CiSvc - ok
07:30:40.0937 3284 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINNT\system32\clipsrv.exe
07:30:41.0187 3284 ClipSrv - ok
07:30:41.0203 3284 CmdIde - ok
07:30:41.0234 3284 COMSysApp - ok
07:30:41.0281 3284 Cpqarray - ok
07:30:41.0421 3284 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINNT\System32\cryptsvc.dll
07:30:41.0609 3284 CryptSvc - ok
07:30:41.0625 3284 dac2w2k - ok
07:30:41.0640 3284 dac960nt - ok
07:30:42.0390 3284 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINNT\system32\rpcss.dll
07:30:42.0640 3284 DcomLaunch - ok
07:30:42.0781 3284 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINNT\System32\dhcpcsvc.dll
07:30:42.0953 3284 Dhcp - ok
07:30:43.0421 3284 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINNT\system32\DRIVERS\disk.sys
07:30:43.0640 3284 Disk - ok
07:30:43.0656 3284 dmadmin - ok
07:30:44.0031 3284 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINNT\system32\drivers\dmboot.sys
07:30:44.0625 3284 dmboot - ok
07:30:44.0718 3284 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINNT\system32\drivers\dmio.sys
07:30:45.0000 3284 dmio - ok
07:30:45.0031 3284 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINNT\system32\drivers\dmload.sys
07:30:45.0296 3284 dmload - ok
07:30:45.0375 3284 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINNT\System32\dmserver.dll
07:30:45.0671 3284 dmserver - ok
07:30:45.0718 3284 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINNT\system32\drivers\DMusic.sys
07:30:45.0953 3284 DMusic - ok
07:30:46.0031 3284 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINNT\System32\dnsrslvr.dll
07:30:46.0296 3284 Dnscache - ok
07:30:46.0390 3284 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINNT\System32\dot3svc.dll
07:30:46.0765 3284 Dot3svc - ok
07:30:46.0781 3284 dpti2o - ok
07:30:46.0828 3284 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINNT\system32\drivers\drmkaud.sys
07:30:47.0078 3284 drmkaud - ok
07:30:47.0203 3284 [ 98B46B331404A951CABAD8B4877E1276 ] E100B C:\WINNT\system32\DRIVERS\e100b325.sys
07:30:47.0312 3284 E100B - ok
07:30:47.0390 3284 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINNT\System32\eapsvc.dll
07:30:47.0687 3284 EapHost - ok
07:30:47.0750 3284 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINNT\System32\ersvc.dll
07:30:47.0984 3284 ERSvc - ok
07:30:48.0062 3284 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINNT\system32\services.exe
07:30:48.0109 3284 Eventlog - ok
07:30:48.0203 3284 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINNT\System32\es.dll
07:30:48.0312 3284 EventSystem - ok
07:30:48.0406 3284 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINNT\system32\drivers\Fastfat.sys
07:30:48.0625 3284 Fastfat - ok
07:30:48.0781 3284 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINNT\System32\shsvcs.dll
07:30:48.0921 3284 FastUserSwitchingCompatibility - ok
07:30:48.0953 3284 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINNT\system32\DRIVERS\fdc.sys
07:30:49.0156 3284 Fdc - ok
07:30:49.0375 3284 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINNT\system32\drivers\Fips.sys
07:30:49.0578 3284 Fips - ok
07:30:49.0656 3284 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINNT\system32\DRIVERS\flpydisk.sys
07:30:49.0890 3284 Flpydisk - ok
07:30:49.0937 3284 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINNT\system32\drivers\fltmgr.sys
07:30:50.0421 3284 FltMgr - ok
07:30:50.0453 3284 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINNT\system32\drivers\Fs_Rec.sys
07:30:50.0656 3284 Fs_Rec - ok
07:30:50.0875 3284 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINNT\system32\DRIVERS\ftdisk.sys
07:30:51.0078 3284 Ftdisk - ok
07:30:51.0187 3284 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINNT\system32\DRIVERS\GEARAspiWDM.sys
07:30:51.0218 3284 GEARAspiWDM - ok
07:30:51.0359 3284 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINNT\system32\DRIVERS\msgpc.sys
07:30:51.0625 3284 Gpc - ok
07:30:51.0812 3284 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINNT\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:30:52.0046 3284 helpsvc - ok
07:30:52.0125 3284 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINNT\System32\hidserv.dll
07:30:52.0328 3284 HidServ - ok
07:30:52.0375 3284 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINNT\system32\DRIVERS\hidusb.sys
07:30:52.0562 3284 HidUsb - ok
07:30:52.0640 3284 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINNT\System32\kmsvc.dll
07:30:52.0890 3284 hkmsvc - ok
07:30:52.0906 3284 hpn - ok
07:30:52.0953 3284 [ 5FABA4775D4C61E55EC669D643FFC71F ] HPZid412 C:\WINNT\system32\DRIVERS\HPZid412.sys
07:30:53.0140 3284 HPZid412 - ok
07:30:53.0234 3284 [ A3C43980EE1F1BEAC778B44EA65DBDD4 ] HPZipr12 C:\WINNT\system32\DRIVERS\HPZipr12.sys
07:30:53.0468 3284 HPZipr12 - ok
07:30:53.0562 3284 [ 2906949BD4E206F2BB0DD1896CE9F66F ] HPZius12 C:\WINNT\system32\DRIVERS\HPZius12.sys
07:30:53.0828 3284 HPZius12 - ok
07:30:53.0937 3284 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINNT\system32\Drivers\HTTP.sys
07:30:54.0171 3284 HTTP - ok
07:30:54.0265 3284 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINNT\System32\w3ssl.dll
07:30:54.0562 3284 HTTPFilter - ok
07:30:54.0578 3284 i2omgmt - ok
07:30:54.0593 3284 i2omp - ok
07:30:54.0656 3284 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINNT\system32\DRIVERS\i8042prt.sys
07:30:54.0921 3284 i8042prt - ok
07:30:54.0984 3284 [ 537EFE2F9ADCD01073F59E9D3D24164E ] ialm C:\WINNT\system32\DRIVERS\ialmnt5.sys
07:30:55.0984 3284 ialm - ok
07:30:56.0046 3284 [ 50B56E7DE809BE4B8F4D24B3F0381520 ] iaStor C:\WINNT\system32\DRIVERS\iaStor.sys
07:30:56.0328 3284 iaStor ( UnsignedFile.Multi.Generic ) - warning
07:30:56.0328 3284 iaStor - detected UnsignedFile.Multi.Generic (1)
07:30:56.0640 3284 iatmunin - ok
07:30:56.0781 3284 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
07:30:56.0828 3284 IDriverT ( UnsignedFile.Multi.Generic ) - warning
07:30:56.0828 3284 IDriverT - detected UnsignedFile.Multi.Generic (1)
07:30:56.0875 3284 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINNT\system32\DRIVERS\imapi.sys
07:30:57.0171 3284 Imapi - ok
07:30:57.0234 3284 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINNT\system32\imapi.exe
07:30:57.0500 3284 ImapiService - ok
07:30:57.0531 3284 ini910u - ok
07:30:57.0765 3284 [ DD476200776D9BD8B693AD733D33CDFD ] IntelC51 C:\WINNT\system32\DRIVERS\IntelC51.sys
07:30:57.0984 3284 IntelC51 - ok
07:30:58.0109 3284 [ 633CE6C73ADD83B2CBD3D121978D74C4 ] IntelC52 C:\WINNT\system32\DRIVERS\IntelC52.sys
07:30:58.0203 3284 IntelC52 - ok
07:30:58.0234 3284 [ DDC319760DFC9F898682599F4AE025EA ] IntelC53 C:\WINNT\system32\DRIVERS\IntelC53.sys
07:30:58.0312 3284 IntelC53 - ok
07:30:58.0375 3284 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINNT\system32\DRIVERS\intelide.sys
07:30:58.0687 3284 IntelIde - ok
07:30:58.0750 3284 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINNT\system32\DRIVERS\intelppm.sys
07:30:59.0000 3284 intelppm - ok
07:30:59.0343 3284 [ 1A0A8D69CF1486F7B722F4779E7A314E ] ioloSystemService C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
07:30:59.0921 3284 ioloSystemService - ok
07:30:59.0953 3284 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINNT\system32\drivers\ip6fw.sys
07:31:04.0703 3284 ip6fw - ok
07:31:04.0828 3284 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINNT\system32\DRIVERS\ipfltdrv.sys
07:31:05.0046 3284 IpFilterDriver - ok
07:31:05.0140 3284 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINNT\system32\DRIVERS\ipinip.sys
07:31:05.0359 3284 IpInIp - ok
07:31:05.0484 3284 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINNT\system32\DRIVERS\ipnat.sys
07:31:05.0687 3284 IpNat - ok
07:31:06.0218 3284 [ 1E6F080D5EDB4C3B4C4EB787A0848DCC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
07:31:06.0281 3284 iPod Service - ok
07:31:06.0390 3284 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINNT\system32\DRIVERS\ipsec.sys
07:31:06.0578 3284 IPSec - ok
07:31:06.0703 3284 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINNT\system32\DRIVERS\irenum.sys
07:31:06.0828 3284 IRENUM - ok
07:31:06.0875 3284 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINNT\system32\DRIVERS\isapnp.sys
07:31:07.0078 3284 isapnp - ok
07:31:07.0468 3284 [ 9AA67569D5257462E230767510B0C815 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
07:31:07.0796 3284 JavaQuickStarterService - ok
07:31:07.0828 3284 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINNT\system32\DRIVERS\kbdclass.sys
07:31:08.0015 3284 Kbdclass - ok
07:31:08.0062 3284 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINNT\system32\DRIVERS\kbdhid.sys
07:31:08.0312 3284 kbdhid - ok
07:31:08.0468 3284 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINNT\system32\drivers\kmixer.sys
07:31:08.0703 3284 kmixer - ok
07:31:08.0781 3284 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINNT\system32\drivers\KSecDD.sys
07:31:09.0015 3284 KSecDD - ok
07:31:09.0062 3284 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINNT\System32\srvsvc.dll
07:31:09.0171 3284 lanmanserver - ok
07:31:09.0234 3284 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINNT\System32\wkssvc.dll
07:31:09.0312 3284 lanmanworkstation - ok
07:31:09.0328 3284 lbrtfdc - ok
07:31:09.0421 3284 [ 975B6CF65F44E95883F3855BAE8CECAF ] lirsgt C:\WINNT\system32\DRIVERS\lirsgt.sys
07:31:09.0437 3284 lirsgt ( UnsignedFile.Multi.Generic ) - warning
07:31:09.0437 3284 lirsgt - detected UnsignedFile.Multi.Generic (1)
07:31:09.0515 3284 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINNT\System32\lmhsvc.dll
07:31:09.0750 3284 LmHosts - ok
07:31:09.0812 3284 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINNT\System32\msgsvc.dll
07:31:10.0062 3284 Messenger - ok
07:31:10.0109 3284 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINNT\system32\drivers\mnmdd.sys
07:31:10.0328 3284 mnmdd - ok
07:31:10.0359 3284 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINNT\System32\mnmsrvc.exe
07:31:10.0593 3284 mnmsrvc - ok
07:31:10.0656 3284 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINNT\system32\drivers\Modem.sys
07:31:10.0906 3284 Modem - ok
07:31:10.0937 3284 [ B23378126AF4E02DC691E9F5880F2ACD ] mohfilt C:\WINNT\system32\DRIVERS\mohfilt.sys
07:31:10.0968 3284 mohfilt - ok
07:31:11.0000 3284 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINNT\system32\DRIVERS\mouclass.sys
07:31:11.0250 3284 Mouclass - ok
07:31:11.0296 3284 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINNT\system32\DRIVERS\mouhid.sys
07:31:11.0562 3284 mouhid - ok
07:31:11.0593 3284 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINNT\system32\drivers\MountMgr.sys
07:31:11.0875 3284 MountMgr - ok
07:31:11.0906 3284 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:31:11.0953 3284 MozillaMaintenance - ok
07:31:12.0031 3284 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINNT\system32\DRIVERS\MpFilter.sys
07:31:12.0078 3284 MpFilter - ok
07:31:12.0281 3284 [ A69630D039C38018689190234F866D77 ] MpKsl66edf96e c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9DD278E0-A9F4-413D-AD6A-0E8B136DA920}\MpKsl66edf96e.sys
07:31:12.0312 3284 MpKsl66edf96e - ok
07:31:12.0328 3284 mraid35x - ok
07:31:12.0406 3284 [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] MRENDIS5 C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
07:31:12.0500 3284 MRENDIS5 ( UnsignedFile.Multi.Generic ) - warning
07:31:12.0500 3284 MRENDIS5 - detected UnsignedFile.Multi.Generic (1)
07:31:12.0578 3284 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINNT\system32\DRIVERS\mrxdav.sys
07:31:12.0812 3284 MRxDAV - ok
07:31:12.0953 3284 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINNT\system32\DRIVERS\mrxsmb.sys
07:31:13.0093 3284 MRxSmb - ok
07:31:13.0156 3284 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINNT\System32\msdtc.exe
07:31:13.0359 3284 MSDTC - ok
07:31:13.0406 3284 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINNT\system32\drivers\Msfs.sys
07:31:13.0593 3284 Msfs - ok
07:31:13.0609 3284 MSIServer - ok
07:31:13.0671 3284 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINNT\system32\drivers\MSKSSRV.sys
07:31:13.0875 3284 MSKSSRV - ok
07:31:14.0625 3284 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:31:14.0671 3284 MsMpSvc - ok
07:31:14.0734 3284 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINNT\system32\drivers\MSPCLOCK.sys
07:31:14.0937 3284 MSPCLOCK - ok
07:31:15.0250 3284 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINNT\system32\drivers\MSPQM.sys
07:31:15.0437 3284 MSPQM - ok
07:31:15.0546 3284 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINNT\system32\DRIVERS\mssmbios.sys
07:31:15.0765 3284 mssmbios - ok
07:31:15.0828 3284 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINNT\system32\drivers\Mup.sys
07:31:15.0921 3284 Mup - ok
07:31:15.0984 3284 [ C6EEE2261681396E36F3D8A003582C9E ] MxlW2k C:\WINNT\system32\drivers\MxlW2k.sys
07:31:16.0109 3284 MxlW2k ( UnsignedFile.Multi.Generic ) - warning
07:31:16.0109 3284 MxlW2k - detected UnsignedFile.Multi.Generic (1)
07:31:16.0375 3284 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINNT\System32\qagentrt.dll
07:31:16.0843 3284 napagent - ok
07:31:17.0250 3284 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINNT\system32\drivers\NDIS.sys
07:31:17.0468 3284 NDIS - ok
07:31:17.0796 3284 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINNT\system32\DRIVERS\ndistapi.sys
07:31:17.0968 3284 NdisTapi - ok
07:31:18.0000 3284 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINNT\system32\DRIVERS\ndisuio.sys
07:31:18.0171 3284 Ndisuio - ok
07:31:18.0437 3284 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINNT\system32\DRIVERS\ndiswan.sys
07:31:18.0625 3284 NdisWan - ok
07:31:18.0750 3284 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINNT\system32\drivers\NDProxy.sys
07:31:18.0890 3284 NDProxy - ok
07:31:19.0421 3284 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINNT\system32\DRIVERS\netbios.sys
07:31:19.0593 3284 NetBIOS - ok
07:31:20.0171 3284 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINNT\system32\DRIVERS\netbt.sys
07:31:20.0343 3284 NetBT - ok
07:31:20.0406 3284 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINNT\system32\netdde.exe
07:31:20.0640 3284 NetDDE - ok
07:31:20.0687 3284 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINNT\system32\netdde.exe
07:31:20.0843 3284 NetDDEdsdm - ok
07:31:20.0906 3284 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINNT\system32\lsass.exe
07:31:21.0109 3284 Netlogon - ok
07:31:21.0218 3284 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINNT\System32\netman.dll
07:31:21.0484 3284 Netman - ok
07:31:21.0531 3284 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINNT\system32\DRIVERS\nic1394.sys
07:31:21.0765 3284 NIC1394 - ok
07:31:21.0812 3284 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINNT\System32\mswsock.dll
07:31:21.0890 3284 Nla - ok
07:31:21.0921 3284 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINNT\system32\drivers\Npfs.sys
07:31:22.0156 3284 Npfs - ok
07:31:22.0234 3284 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINNT\system32\drivers\Ntfs.sys
07:31:22.0562 3284 Ntfs - ok
07:31:22.0593 3284 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINNT\System32\lsass.exe
07:31:22.0796 3284 NtLmSsp - ok
07:31:22.0875 3284 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINNT\system32\ntmssvc.dll
07:31:23.0140 3284 NtmsSvc - ok
07:31:23.0171 3284 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINNT\system32\drivers\Null.sys
07:31:23.0406 3284 Null - ok
07:31:24.0843 3284 [ 9F4384AA43548DDD438F7B7825D11699 ] nv C:\WINNT\system32\DRIVERS\nv4_mini.sys
07:31:30.0750 3284 nv - ok
07:31:31.0109 3284 [ 0C41C4ACFE00D826DB479C40C1D9EDC8 ] NVSvc C:\WINNT\system32\nvsvc32.exe
07:31:31.0140 3284 NVSvc - ok
07:31:31.0296 3284 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINNT\system32\DRIVERS\nwlnkflt.sys
07:31:31.0546 3284 NwlnkFlt - ok
07:31:31.0656 3284 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINNT\system32\DRIVERS\nwlnkfwd.sys
07:31:32.0281 3284 NwlnkFwd - ok
07:31:32.0359 3284 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINNT\system32\DRIVERS\ohci1394.sys
07:31:32.0578 3284 ohci1394 - ok
07:31:32.0703 3284 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:31:32.0765 3284 ose - ok
07:31:33.0421 3284 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:31:34.0859 3284 osppsvc - ok
07:31:35.0062 3284 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINNT\system32\DRIVERS\parport.sys
07:31:35.0312 3284 Parport - ok
07:31:35.0390 3284 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINNT\system32\drivers\PartMgr.sys
07:31:35.0906 3284 PartMgr - ok
07:31:35.0953 3284 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINNT\system32\drivers\ParVdm.sys
07:31:36.0875 3284 ParVdm - ok
07:31:36.0921 3284 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINNT\system32\DRIVERS\pci.sys
07:31:37.0671 3284 PCI - ok
07:31:37.0687 3284 PCIDump - ok
07:31:37.0734 3284 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINNT\system32\DRIVERS\pciide.sys
07:31:38.0093 3284 PCIIde - ok
07:31:38.0140 3284 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINNT\system32\drivers\Pcmcia.sys
07:31:38.0812 3284 Pcmcia - ok
07:31:38.0843 3284 PDCOMP - ok
07:31:38.0859 3284 PDFRAME - ok
07:31:38.0890 3284 PDRELI - ok
07:31:38.0921 3284 PDRFRAME - ok
07:31:38.0937 3284 perc2 - ok
07:31:38.0968 3284 perc2hib - ok
07:31:39.0078 3284 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINNT\system32\services.exe
07:31:39.0406 3284 PlugPlay - ok
07:31:39.0453 3284 [ 901C43516504CBE582E4C4193E00876A ] Pml Driver HPZ12 C:\WINNT\system32\HPZipm12.exe
07:31:39.0640 3284 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
07:31:39.0640 3284 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
07:31:39.0687 3284 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINNT\system32\lsass.exe
07:31:40.0296 3284 PolicyAgent - ok
07:31:40.0343 3284 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINNT\system32\DRIVERS\raspptp.sys
07:31:41.0015 3284 PptpMiniport - ok
07:31:41.0046 3284 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINNT\system32\DRIVERS\processr.sys
07:31:41.0531 3284 Processor - ok
07:31:41.0578 3284 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINNT\system32\lsass.exe
07:31:42.0140 3284 ProtectedStorage - ok
07:31:42.0171 3284 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINNT\system32\DRIVERS\psched.sys
07:31:42.0640 3284 PSched - ok
07:31:42.0703 3284 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINNT\system32\DRIVERS\ptilink.sys
07:31:42.0953 3284 Ptilink - ok
07:31:42.0968 3284 ql1080 - ok
07:31:43.0000 3284 Ql10wnt - ok
07:31:43.0015 3284 ql12160 - ok
07:31:43.0046 3284 ql1240 - ok
07:31:43.0078 3284 ql1280 - ok
07:31:43.0125 3284 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINNT\system32\DRIVERS\rasacd.sys
07:31:44.0203 3284 RasAcd - ok
07:31:44.0250 3284 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINNT\System32\rasauto.dll
07:31:44.0875 3284 RasAuto - ok
07:31:44.0906 3284 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINNT\system32\DRIVERS\rasl2tp.sys
07:31:45.0171 3284 Rasl2tp - ok
07:31:45.0218 3284 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINNT\System32\rasmans.dll
07:31:45.0453 3284 RasMan - ok
07:31:45.0500 3284 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINNT\system32\DRIVERS\raspppoe.sys
07:31:45.0968 3284 RasPppoe - ok
07:31:46.0000 3284 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINNT\system32\DRIVERS\raspti.sys
07:31:46.0593 3284 Raspti - ok
07:31:46.0703 3284 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINNT\system32\DRIVERS\rdbss.sys
07:31:47.0015 3284 Rdbss - ok
07:31:47.0031 3284 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINNT\system32\DRIVERS\RDPCDD.sys
07:31:47.0406 3284 RDPCDD - ok
07:31:47.0484 3284 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINNT\system32\drivers\RDPWD.sys
07:31:47.0671 3284 RDPWD - ok
07:31:47.0734 3284 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINNT\system32\sessmgr.exe
07:31:48.0328 3284 RDSessMgr - ok
07:31:48.0375 3284 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINNT\system32\DRIVERS\redbook.sys
07:31:48.0828 3284 redbook - ok
07:31:48.0875 3284 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINNT\System32\mprdim.dll
07:31:49.0531 3284 RemoteAccess - ok
07:31:49.0578 3284 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINNT\System32\locator.exe
07:31:50.0687 3284 RpcLocator - ok
07:31:50.0750 3284 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINNT\System32\rpcss.dll
07:31:50.0859 3284 RpcSs - ok
07:31:50.0937 3284 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINNT\System32\rsvp.exe
07:31:51.0156 3284 RSVP - ok
07:31:51.0296 3284 [ 918CC067FFF88A3C063A79952B82C1C7 ] RT2500USB C:\WINNT\system32\DRIVERS\rt2500usb.sys
07:31:51.0453 3284 RT2500USB - ok
07:31:51.0500 3284 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINNT\system32\lsass.exe
07:31:51.0812 3284 SamSs - ok
07:31:51.0843 3284 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINNT\System32\SCardSvr.exe
07:31:52.0218 3284 SCardSvr - ok
07:31:52.0359 3284 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINNT\system32\schedsvc.dll
07:31:54.0234 3284 Schedule - ok
07:31:54.0859 3284 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINNT\system32\DRIVERS\secdrv.sys
07:31:54.0984 3284 Secdrv - ok
07:31:55.0140 3284 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINNT\System32\seclogon.dll
07:31:55.0562 3284 seclogon - ok
07:31:55.0640 3284 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINNT\system32\sens.dll
07:31:59.0812 3284 SENS - ok
07:31:59.0890 3284 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINNT\system32\DRIVERS\serenum.sys
07:32:00.0843 3284 serenum - ok
07:32:00.0890 3284 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINNT\system32\DRIVERS\serial.sys
07:32:01.0171 3284 Serial - ok
07:32:01.0218 3284 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINNT\system32\drivers\Sfloppy.sys
07:32:01.0500 3284 Sfloppy - ok
07:32:01.0562 3284 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINNT\System32\ipnathlp.dll
07:32:01.0921 3284 SharedAccess - ok
07:32:01.0953 3284 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINNT\System32\shsvcs.dll
07:32:02.0000 3284 ShellHWDetection - ok
07:32:02.0015 3284 Simbad - ok
07:32:02.0140 3284 [ EBA50C8F7EFD8178E8C4BDE6B74E744C ] smwdm C:\WINNT\system32\drivers\smwdm.sys
07:32:02.0312 3284 smwdm - ok
07:32:02.0312 3284 Sparrow - ok
07:32:02.0390 3284 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINNT\system32\drivers\splitter.sys
07:32:02.0640 3284 splitter - ok
07:32:02.0703 3284 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINNT\system32\spoolsv.exe
07:32:02.0812 3284 Spooler - ok
07:32:02.0906 3284 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINNT\system32\DRIVERS\sr.sys
07:32:03.0062 3284 sr - ok
07:32:03.0921 3284 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINNT\system32\srsvc.dll
07:32:04.0234 3284 srservice - ok
07:32:05.0125 3284 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINNT\system32\DRIVERS\srv.sys
07:32:05.0500 3284 Srv - ok
07:32:05.0593 3284 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINNT\System32\ssdpsrv.dll
07:32:05.0953 3284 SSDPSRV - ok
07:32:06.0078 3284 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINNT\system32\wiaservc.dll
07:32:06.0515 3284 stisvc - ok
07:32:06.0562 3284 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINNT\system32\DRIVERS\swenum.sys
07:32:06.0906 3284 swenum - ok
07:32:06.0937 3284 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINNT\system32\drivers\swmidi.sys
07:32:07.0203 3284 swmidi - ok
07:32:07.0218 3284 SwPrv - ok
07:32:07.0265 3284 symc810 - ok
07:32:07.0281 3284 symc8xx - ok
07:32:07.0296 3284 sym_hi - ok
07:32:07.0328 3284 sym_u3 - ok
07:32:07.0375 3284 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINNT\system32\drivers\sysaudio.sys
07:32:08.0156 3284 sysaudio - ok
07:32:08.0218 3284 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINNT\system32\smlogsvc.exe
07:32:08.0515 3284 SysmonLog - ok
07:32:08.0625 3284 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINNT\System32\tapisrv.dll
07:32:09.0000 3284 TapiSrv - ok
07:32:09.0062 3284 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINNT\system32\DRIVERS\tcpip.sys
07:32:09.0312 3284 Tcpip - ok
07:32:09.0390 3284 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINNT\system32\drivers\TDPIPE.sys
07:32:09.0781 3284 TDPIPE - ok
07:32:09.0796 3284 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINNT\system32\drivers\TDTCP.sys
07:32:10.0140 3284 TDTCP - ok
07:32:10.0171 3284 [ 88155247177638048422893737429D9E ] TermDD C:\WINNT\system32\DRIVERS\termdd.sys
07:32:10.0500 3284 TermDD - ok
07:32:10.0640 3284 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINNT\System32\termsrv.dll
07:32:10.0921 3284 TermService - ok
07:32:11.0156 3284 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINNT\System32\shsvcs.dll
07:32:11.0218 3284 Themes - ok
07:32:11.0234 3284 TosIde - ok
07:32:11.0359 3284 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINNT\system32\trkwks.dll
07:32:11.0562 3284 TrkWks - ok
07:32:11.0640 3284 [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight C:\WINNT\system32\drivers\TrueSight.sys
07:32:11.0937 3284 TrueSight ( UnsignedFile.Multi.Generic ) - warning
07:32:11.0937 3284 TrueSight - detected UnsignedFile.Multi.Generic (1)
07:32:11.0984 3284 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINNT\system32\drivers\Udfs.sys
07:32:12.0250 3284 Udfs - ok
07:32:12.0281 3284 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINNT\system32\DRIVERS\ultra.sys
07:32:12.0500 3284 ultra - ok
07:32:12.0609 3284 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINNT\system32\DRIVERS\update.sys
07:32:13.0140 3284 Update - ok
07:32:13.0203 3284 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINNT\System32\upnphost.dll
07:32:13.0421 3284 upnphost - ok
07:32:13.0437 3284 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINNT\System32\ups.exe
07:32:13.0750 3284 UPS - ok
07:32:13.0796 3284 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINNT\system32\DRIVERS\usbccgp.sys
07:32:14.0203 3284 usbccgp - ok
07:32:14.0218 3284 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINNT\system32\DRIVERS\usbehci.sys
07:32:14.0640 3284 usbehci - ok
07:32:14.0703 3284 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINNT\system32\DRIVERS\usbhub.sys
07:32:15.0062 3284 usbhub - ok
07:32:15.0109 3284 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINNT\system32\DRIVERS\usbprint.sys
07:32:15.0390 3284 usbprint - ok
07:32:15.0453 3284 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINNT\system32\DRIVERS\usbscan.sys
07:32:15.0703 3284 usbscan - ok
07:32:15.0750 3284 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINNT\system32\DRIVERS\USBSTOR.SYS
07:32:16.0031 3284 USBSTOR - ok
07:32:16.0078 3284 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINNT\system32\DRIVERS\usbuhci.sys
07:32:17.0343 3284 usbuhci - ok
07:32:17.0421 3284 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINNT\System32\drivers\vga.sys
07:32:17.0734 3284 VgaSave - ok
07:32:17.0765 3284 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINNT\system32\DRIVERS\viaide.sys
07:32:18.0015 3284 ViaIde - ok
07:32:18.0046 3284 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINNT\system32\drivers\VolSnap.sys
07:32:18.0296 3284 VolSnap - ok
07:32:18.0359 3284 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINNT\System32\vssvc.exe
07:32:18.0562 3284 VSS - ok
07:32:18.0609 3284 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINNT\system32\w32time.dll
07:32:18.0875 3284 W32Time - ok
07:32:18.0937 3284 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINNT\system32\DRIVERS\wanarp.sys
07:32:19.0187 3284 Wanarp - ok
07:32:19.0250 3284 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINNT\system32\DRIVERS\wanatw4.sys
07:32:19.0421 3284 wanatw - ok
07:32:19.0453 3284 [ 909F2DC0DA7F57D229A05EE90647B2C3 ] WANMiniportService C:\WINNT\wanmpsvc.exe
07:32:23.0187 3284 WANMiniportService ( UnsignedFile.Multi.Generic ) - warning
07:32:23.0187 3284 WANMiniportService - detected UnsignedFile.Multi.Generic (1)
07:32:23.0203 3284 WDICA - ok
07:32:23.0234 3284 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINNT\system32\drivers\wdmaud.sys
07:32:23.0500 3284 wdmaud - ok
07:32:23.0531 3284 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINNT\System32\webclnt.dll
07:32:23.0859 3284 WebClient - ok
07:32:23.0953 3284 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINNT\system32\wbem\WMIsvc.dll
07:32:24.0171 3284 winmgmt - ok
07:32:24.0250 3284 [ BC3ECBCB40147BDAE3AD2FD0B4B346D8 ] WmBEnum C:\WINNT\system32\drivers\WmBEnum.sys
07:32:24.0343 3284 WmBEnum - ok
07:32:24.0437 3284 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINNT\system32\mspmsnsv.dll
07:32:24.0750 3284 WmdmPmSN - ok
07:32:24.0796 3284 [ 19F9881D8B3484FEDB605D0216876898 ] WmFilter C:\WINNT\system32\drivers\WmFilter.sys
07:32:24.0921 3284 WmFilter - ok
07:32:25.0000 3284 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINNT\System32\wbem\wmiapsrv.exe
07:32:25.0296 3284 WmiApSrv - ok
07:32:25.0343 3284 [ 7A51545A6409A25EEDBDBD97D019E8CC ] WmVirHid C:\WINNT\system32\drivers\WmVirHid.sys
07:32:25.0453 3284 WmVirHid - ok
07:32:25.0500 3284 [ 1F083B3BC73017E60C3CA85CF4A70753 ] WmXlCore C:\WINNT\system32\drivers\WmXlCore.sys
07:32:25.0546 3284 WmXlCore - ok
07:32:25.0578 3284 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINNT\System32\drivers\ws2ifsl.sys
07:32:25.0906 3284 WS2IFSL - ok
07:32:25.0953 3284 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINNT\system32\wscsvc.dll
07:32:26.0125 3284 wscsvc - ok
07:32:26.0187 3284 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINNT\system32\wuauserv.dll
07:32:26.0656 3284 wuauserv - ok
07:32:26.0750 3284 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINNT\System32\wzcsvc.dll
07:32:27.0062 3284 WZCSVC - ok
07:32:27.0187 3284 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINNT\System32\xmlprov.dll
07:32:27.0546 3284 xmlprov - ok
07:32:27.0671 3284 [ E6C22D34BAEF5196E1B23A4492C275B7 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINNT\system32\drivers\ialmsbw.sys
07:32:27.0812 3284 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
07:32:27.0890 3284 [ 6E53BD96B0EBAD721CDD6320DBFC3F5F ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINNT\system32\drivers\ialmkchw.sys
07:32:27.0984 3284 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
07:32:28.0000 3284 ================ Scan global ===============================
07:32:28.0031 3284 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINNT\system32\basesrv.dll
07:32:28.0109 3284 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINNT\system32\winsrv.dll
07:32:28.0203 3284 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINNT\system32\winsrv.dll
07:32:28.0234 3284 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINNT\system32\services.exe
07:32:28.0234 3284 [Global] - ok
07:32:28.0234 3284 ================ Scan MBR ==================================
07:32:28.0296 3284 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
07:32:30.0453 3284 \Device\Harddisk0\DR0 - ok
07:32:30.0468 3284 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk5\DR10
07:32:30.0656 3284 \Device\Harddisk5\DR10 - ok
07:32:30.0656 3284 ================ Scan VBR ==================================
07:32:30.0671 3284 [ D32C8C556711F1AF10DE3552FF84B144 ] \Device\Harddisk0\DR0\Partition1
07:32:30.0828 3284 \Device\Harddisk0\DR0\Partition1 - ok
07:32:30.0843 3284 [ 1206C58D53A6A003595586FD330D8E51 ] \Device\Harddisk5\DR10\Partition1
07:32:30.0843 3284 \Device\Harddisk5\DR10\Partition1 - ok
07:32:30.0843 3284 ================ Scan active images ========================
07:32:30.0859 3284 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINNT\system32\drivers\nic1394.sys
07:32:30.0859 3284 C:\WINNT\system32\drivers\nic1394.sys - ok
07:32:30.0890 3284 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINNT\system32\drivers\intelppm.sys
07:32:30.0890 3284 C:\WINNT\system32\drivers\intelppm.sys - ok
07:32:30.0906 3284 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINNT\system32\drivers\usbport.sys
07:32:30.0906 3284 C:\WINNT\system32\drivers\usbport.sys - ok
07:32:30.0937 3284 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINNT\system32\drivers\usbuhci.sys
07:32:30.0937 3284 C:\WINNT\system32\drivers\usbuhci.sys - ok
07:32:30.0953 3284 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINNT\system32\drivers\usbehci.sys
07:32:30.0953 3284 C:\WINNT\system32\drivers\usbehci.sys - ok
07:32:30.0984 3284 [ E28726B72C46821A28830E077D39A55B ] C:\WINNT\system32\drivers\videoprt.sys
07:32:30.0984 3284 C:\WINNT\system32\drivers\videoprt.sys - ok
07:32:31.0000 3284 [ 492BD2A5F65F218D4EDE5764A3BB67E9 ] C:\WINNT\system32\drivers\ati2mtag.sys
07:32:31.0000 3284 C:\WINNT\system32\drivers\ati2mtag.sys - ok
07:32:31.0046 3284 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINNT\system32\drivers\ks.sys
07:32:31.0046 3284 C:\WINNT\system32\drivers\ks.sys - ok
07:32:31.0062 3284 [ DDC319760DFC9F898682599F4AE025EA ] C:\WINNT\system32\drivers\IntelC53.sys
07:32:31.0062 3284 C:\WINNT\system32\drivers\IntelC53.sys - ok
07:32:31.0078 3284 [ DD476200776D9BD8B693AD733D33CDFD ] C:\WINNT\system32\drivers\IntelC51.sys
07:32:31.0078 3284 C:\WINNT\system32\drivers\IntelC51.sys - ok
07:32:31.0109 3284 [ 98B46B331404A951CABAD8B4877E1276 ] C:\WINNT\system32\drivers\e100b325.sys
07:32:31.0109 3284 C:\WINNT\system32\drivers\e100b325.sys - ok
07:32:31.0125 3284 [ 633CE6C73ADD83B2CBD3D121978D74C4 ] C:\WINNT\system32\drivers\IntelC52.sys
07:32:31.0125 3284 C:\WINNT\system32\drivers\IntelC52.sys - ok
07:32:31.0156 3284 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINNT\system32\drivers\modem.sys
07:32:31.0156 3284 C:\WINNT\system32\drivers\modem.sys - ok
07:32:31.0171 3284 [ B23378126AF4E02DC691E9F5880F2ACD ] C:\WINNT\system32\drivers\mohfilt.sys
07:32:31.0171 3284 C:\WINNT\system32\drivers\mohfilt.sys - ok
07:32:31.0203 3284 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINNT\system32\drivers\i8042prt.sys
07:32:31.0203 3284 C:\WINNT\system32\drivers\i8042prt.sys - ok
07:32:31.0218 3284 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINNT\system32\drivers\kbdclass.sys
07:32:31.0218 3284 C:\WINNT\system32\drivers\kbdclass.sys - ok
07:32:31.0234 3284 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINNT\system32\drivers\serenum.sys
07:32:31.0234 3284 C:\WINNT\system32\drivers\serenum.sys - ok
07:32:31.0265 3284 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINNT\system32\drivers\serial.sys
07:32:31.0265 3284 C:\WINNT\system32\drivers\serial.sys - ok
07:32:31.0296 3284 [ 8B68B071B2BFB89C71508D588049AC74 ] C:\WINNT\system32\drivers\cdr4_xp.sys
07:32:31.0296 3284 C:\WINNT\system32\drivers\cdr4_xp.sys - ok
07:32:31.0312 3284 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINNT\system32\drivers\imapi.sys
07:32:31.0312 3284 C:\WINNT\system32\drivers\imapi.sys - ok
07:32:31.0343 3284 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINNT\system32\drivers\parport.sys
07:32:31.0343 3284 C:\WINNT\system32\drivers\parport.sys - ok
07:32:31.0359 3284 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINNT\system32\drivers\cdrom.sys
07:32:31.0359 3284 C:\WINNT\system32\drivers\cdrom.sys - ok
07:32:31.0390 3284 [ C6EEE2261681396E36F3D8A003582C9E ] C:\WINNT\system32\drivers\MxlW2k.sys
07:32:31.0390 3284 C:\WINNT\system32\drivers\MxlW2k.sys - ok
07:32:31.0406 3284 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINNT\system32\drivers\redbook.sys
07:32:31.0406 3284 C:\WINNT\system32\drivers\redbook.sys - ok
07:32:31.0437 3284 [ A639398D54889DF9D5EED609849B2A4A ] C:\WINNT\system32\drivers\cdralw2k.sys
07:32:31.0437 3284 C:\WINNT\system32\drivers\cdralw2k.sys - ok
07:32:31.0453 3284 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\WINNT\system32\drivers\GEARAspiWDM.sys
07:32:31.0453 3284 C:\WINNT\system32\drivers\GEARAspiWDM.sys - ok
07:32:31.0468 3284 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINNT\system32\drivers\drmk.sys
07:32:31.0468 3284 C:\WINNT\system32\drivers\drmk.sys - ok
07:32:31.0500 3284 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINNT\system32\drivers\portcls.sys
07:32:31.0500 3284 C:\WINNT\system32\drivers\portcls.sys - ok
07:32:31.0515 3284 [ EBA50C8F7EFD8178E8C4BDE6B74E744C ] C:\WINNT\system32\drivers\smwdm.sys
07:32:31.0515 3284 C:\WINNT\system32\drivers\smwdm.sys - ok
07:32:31.0546 3284 [ 11C04B17ED2ABBB4833694BCD644AC90 ] C:\WINNT\system32\drivers\aeaudio.sys
07:32:31.0546 3284 C:\WINNT\system32\drivers\aeaudio.sys - ok
07:32:31.0578 3284 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINNT\system32\drivers\audstub.sys
07:32:31.0578 3284 C:\WINNT\system32\drivers\audstub.sys - ok
07:32:31.0593 3284 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINNT\system32\drivers\rasl2tp.sys
07:32:31.0593 3284 C:\WINNT\system32\drivers\rasl2tp.sys - ok
07:32:31.0625 3284 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINNT\system32\drivers\ndistapi.sys
07:32:31.0625 3284 C:\WINNT\system32\drivers\ndistapi.sys - ok
07:32:31.0640 3284 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINNT\system32\drivers\ndiswan.sys
07:32:31.0640 3284 C:\WINNT\system32\drivers\ndiswan.sys - ok
07:32:31.0671 3284 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINNT\system32\drivers\raspppoe.sys
07:32:31.0671 3284 C:\WINNT\system32\drivers\raspppoe.sys - ok
07:32:31.0687 3284 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINNT\system32\drivers\tdi.sys
07:32:31.0703 3284 C:\WINNT\system32\drivers\tdi.sys - ok
07:32:31.0718 3284 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINNT\system32\drivers\raspptp.sys
07:32:31.0718 3284 C:\WINNT\system32\drivers\raspptp.sys - ok
07:32:31.0750 3284 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINNT\system32\drivers\psched.sys
07:32:31.0750 3284 C:\WINNT\system32\drivers\psched.sys - ok
07:32:31.0765 3284 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINNT\system32\drivers\msgpc.sys
07:32:31.0765 3284 C:\WINNT\system32\drivers\msgpc.sys - ok
07:32:31.0796 3284 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINNT\system32\drivers\ptilink.sys
07:32:31.0796 3284 C:\WINNT\system32\drivers\ptilink.sys - ok
07:32:31.0812 3284 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINNT\system32\drivers\raspti.sys
07:32:31.0812 3284 C:\WINNT\system32\drivers\raspti.sys - ok
07:32:31.0843 3284 [ 88155247177638048422893737429D9E ] C:\WINNT\system32\drivers\termdd.sys
07:32:31.0843 3284 C:\WINNT\system32\drivers\termdd.sys - ok
07:32:31.0859 3284 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] C:\WINNT\system32\drivers\wanatw4.sys
07:32:31.0859 3284 C:\WINNT\system32\drivers\wanatw4.sys - ok
07:32:31.0890 3284 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINNT\system32\drivers\mouclass.sys
07:32:31.0890 3284 C:\WINNT\system32\drivers\mouclass.sys - ok
07:32:31.0921 3284 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINNT\system32\drivers\swenum.sys
07:32:31.0921 3284 C:\WINNT\system32\drivers\swenum.sys - ok
07:32:31.0937 3284 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINNT\system32\drivers\update.sys
07:32:31.0937 3284 C:\WINNT\system32\drivers\update.sys - ok
07:32:31.0953 3284 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINNT\system32\drivers\mssmbios.sys
07:32:31.0953 3284 C:\WINNT\system32\drivers\mssmbios.sys - ok
07:32:31.0984 3284 [ BC3ECBCB40147BDAE3AD2FD0B4B346D8 ] C:\WINNT\system32\drivers\WmBEnum.sys
07:32:31.0984 3284 C:\WINNT\system32\drivers\WmBEnum.sys - ok
07:32:32.0000 3284 [ 1F083B3BC73017E60C3CA85CF4A70753 ] C:\WINNT\system32\drivers\WmXlCore.sys
07:32:32.0000 3284 C:\WINNT\system32\drivers\WmXlCore.sys - ok
07:32:32.0031 3284 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINNT\system32\drivers\ndproxy.sys
07:32:32.0031 3284 C:\WINNT\system32\drivers\ndproxy.sys - ok
07:32:32.0046 3284 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINNT\system32\drivers\usbd.sys
07:32:32.0046 3284 C:\WINNT\system32\drivers\usbd.sys - ok
07:32:32.0078 3284 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINNT\system32\drivers\usbhub.sys
07:32:32.0078 3284 C:\WINNT\system32\drivers\usbhub.sys - ok
07:32:32.0093 3284 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINNT\system32\drivers\sfloppy.sys
07:32:32.0093 3284 C:\WINNT\system32\drivers\sfloppy.sys - ok
07:32:32.0125 3284 [ C1B486A7658353D33A10CC15211A873B ] C:\WINNT\system32\drivers\cdaudio.sys
07:32:32.0125 3284 C:\WINNT\system32\drivers\cdaudio.sys - ok
07:32:32.0156 3284 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINNT\system32\drivers\fs_rec.sys
07:32:32.0156 3284 C:\WINNT\system32\drivers\fs_rec.sys - ok
07:32:32.0171 3284 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINNT\system32\drivers\beep.sys
07:32:32.0171 3284 C:\WINNT\system32\drivers\beep.sys - ok
07:32:32.0203 3284 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINNT\system32\drivers\hidparse.sys
07:32:32.0203 3284 C:\WINNT\system32\drivers\hidparse.sys - ok
07:32:32.0203 3284 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINNT\system32\drivers\kbdhid.sys
07:32:32.0203 3284 C:\WINNT\system32\drivers\kbdhid.sys - ok
07:32:32.0234 3284 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINNT\system32\drivers\null.sys
07:32:32.0234 3284 C:\WINNT\system32\drivers\null.sys - ok
07:32:32.0265 3284 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINNT\system32\drivers\vga.sys
07:32:32.0265 3284 C:\WINNT\system32\drivers\vga.sys - ok
07:32:32.0281 3284 [ 918CC067FFF88A3C063A79952B82C1C7 ] C:\WINNT\system32\drivers\rt2500usb.sys
07:32:32.0281 3284 C:\WINNT\system32\drivers\rt2500usb.sys - ok
07:32:32.0312 3284 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINNT\system32\drivers\mnmdd.sys
07:32:32.0312 3284 C:\WINNT\system32\drivers\mnmdd.sys - ok
07:32:32.0328 3284 [ 4912D5B403614CE99C28420F75353332 ] C:\WINNT\system32\drivers\rdpcdd.sys
07:32:32.0328 3284 C:\WINNT\system32\drivers\rdpcdd.sys - ok
07:32:32.0359 3284 [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINNT\system32\drivers\usbstor.sys
07:32:32.0359 3284 C:\WINNT\system32\drivers\usbstor.sys - ok
07:32:32.0390 3284 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINNT\system32\drivers\msfs.sys
07:32:32.0390 3284 C:\WINNT\system32\drivers\msfs.sys - ok
07:32:32.0406 3284 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINNT\system32\drivers\npfs.sys
07:32:32.0406 3284 C:\WINNT\system32\drivers\npfs.sys - ok
07:32:32.0437 3284 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINNT\system32\drivers\rasacd.sys
07:32:32.0437 3284 C:\WINNT\system32\drivers\rasacd.sys - ok
07:32:32.0453 3284 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINNT\system32\drivers\ipsec.sys
07:32:32.0453 3284 C:\WINNT\system32\drivers\ipsec.sys - ok
07:32:32.0468 3284 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINNT\system32\drivers\tcpip.sys
07:32:32.0468 3284 C:\WINNT\system32\drivers\tcpip.sys - ok
07:32:32.0500 3284 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINNT\system32\drivers\netbt.sys
07:32:32.0500 3284 C:\WINNT\system32\drivers\netbt.sys - ok
07:32:32.0515 3284 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINNT\system32\drivers\ipnat.sys
07:32:32.0515 3284 C:\WINNT\system32\drivers\ipnat.sys - ok
07:32:32.0546 3284 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINNT\system32\drivers\wanarp.sys
07:32:32.0546 3284 C:\WINNT\system32\drivers\wanarp.sys - ok
07:32:32.0562 3284 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINNT\system32\drivers\afd.sys
07:32:32.0562 3284 C:\WINNT\system32\drivers\afd.sys - ok
07:32:32.0593 3284 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINNT\system32\drivers\ws2ifsl.sys
07:32:32.0593 3284 C:\WINNT\system32\drivers\ws2ifsl.sys - ok
07:32:32.0609 3284 [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINNT\system32\drivers\arp1394.sys
07:32:32.0609 3284 C:\WINNT\system32\drivers\arp1394.sys - ok
07:32:32.0640 3284 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINNT\system32\drivers\netbios.sys
07:32:32.0640 3284 C:\WINNT\system32\drivers\netbios.sys - ok
07:32:32.0671 3284 [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINNT\system32\drivers\processr.sys
07:32:32.0671 3284 C:\WINNT\system32\drivers\processr.sys - ok
07:32:32.0687 3284 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINNT\system32\drivers\rdbss.sys
07:32:32.0687 3284 C:\WINNT\system32\drivers\rdbss.sys - ok
07:32:32.0703 3284 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINNT\system32\drivers\usbccgp.sys
07:32:32.0703 3284 C:\WINNT\system32\drivers\usbccgp.sys - ok
07:32:32.0734 3284 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINNT\system32\drivers\mrxsmb.sys
07:32:32.0734 3284 C:\WINNT\system32\drivers\mrxsmb.sys - ok
07:32:32.0750 3284 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINNT\system32\drivers\fips.sys
07:32:32.0750 3284 C:\WINNT\system32\drivers\fips.sys - ok
07:32:32.0781 3284 [ 1AF592532532A402ED7C060F6954004F ] C:\WINNT\system32\drivers\hidclass.sys
07:32:32.0781 3284 C:\WINNT\system32\drivers\hidclass.sys - ok
07:32:32.0796 3284 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINNT\system32\drivers\hidusb.sys
07:32:32.0796 3284 C:\WINNT\system32\drivers\hidusb.sys - ok
07:32:32.0828 3284 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINNT\system32\ntdll.dll
07:32:32.0828 3284 C:\WINNT\system32\ntdll.dll - ok
07:32:32.0859 3284 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINNT\system32\smss.exe
07:32:32.0859 3284 C:\WINNT\system32\smss.exe - ok
07:32:32.0890 3284 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINNT\system32\drivers\mouhid.sys
07:32:32.0890 3284 C:\WINNT\system32\drivers\mouhid.sys - ok
07:32:32.0906 3284 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINNT\system32\autochk.exe
07:32:32.0906 3284 C:\WINNT\system32\autochk.exe - ok
07:32:32.0937 3284 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINNT\system32\sfcfiles.dll
07:32:32.0937 3284 C:\WINNT\system32\sfcfiles.dll - ok
07:32:32.0953 3284 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINNT\system32\drivers\cdfs.sys
07:32:32.0953 3284 C:\WINNT\system32\drivers\cdfs.sys - ok
07:32:32.0968 3284 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINNT\system32\drivers\wmilib.sys
07:32:32.0968 3284 C:\WINNT\system32\drivers\wmilib.sys - ok
07:32:32.0984 3284 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINNT\system32\drivers\atapi.sys
07:32:32.0984 3284 C:\WINNT\system32\drivers\atapi.sys - ok
07:32:33.0015 3284 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINNT\system32\drivers\dxapi.sys
07:32:33.0015 3284 C:\WINNT\system32\drivers\dxapi.sys - ok
07:32:33.0046 3284 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINNT\system32\watchdog.sys
07:32:33.0046 3284 C:\WINNT\system32\watchdog.sys - ok
07:32:33.0062 3284 [ 9A5E4D7820FF9A55B4639B32420B10EC ] C:\WINNT\system32\win32k.sys
07:32:33.0062 3284 C:\WINNT\system32\win32k.sys - ok
07:32:33.0093 3284 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINNT\system32\basesrv.dll
07:32:33.0093 3284 C:\WINNT\system32\basesrv.dll - ok
07:32:33.0109 3284 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINNT\system32\csrsrv.dll
07:32:33.0109 3284 C:\WINNT\system32\csrsrv.dll - ok
07:32:33.0140 3284 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINNT\system32\csrss.exe
07:32:33.0140 3284 C:\WINNT\system32\csrss.exe - ok
07:32:33.0171 3284 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINNT\system32\winsrv.dll
07:32:33.0171 3284 C:\WINNT\system32\winsrv.dll - ok
07:32:33.0187 3284 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINNT\system32\gdi32.dll
07:32:33.0187 3284 C:\WINNT\system32\gdi32.dll - ok
07:32:33.0203 3284 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINNT\system32\kernel32.dll
07:32:33.0203 3284 C:\WINNT\system32\kernel32.dll - ok
07:32:33.0234 3284 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINNT\system32\user32.dll
07:32:33.0234 3284 C:\WINNT\system32\user32.dll - ok
07:32:33.0265 3284 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINNT\system32\drivers\dxg.sys
07:32:33.0265 3284 C:\WINNT\system32\drivers\dxg.sys - ok
07:32:33.0296 3284 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINNT\system32\drivers\dxgthk.sys
07:32:33.0296 3284 C:\WINNT\system32\drivers\dxgthk.sys - ok
07:32:33.0328 3284 [ CAF7CE583AD3A14E8623A80E4989A2C2 ] C:\WINNT\system32\ati2cqag.dll
07:32:33.0328 3284 C:\WINNT\system32\ati2cqag.dll - ok
07:32:33.0359 3284 [ EA3652E94B86B75B5B3FC7BB1C13F204 ] C:\WINNT\system32\ati2dvag.dll
07:32:33.0359 3284 C:\WINNT\system32\ati2dvag.dll - ok
07:32:33.0375 3284 [ C12E5ADB4ABD2BFC8B5584D8DAAC297D ] C:\WINNT\system32\atikvmag.dll
07:32:33.0375 3284 C:\WINNT\system32\atikvmag.dll - ok
07:32:33.0406 3284 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINNT\system32\vga.dll
07:32:33.0406 3284 C:\WINNT\system32\vga.dll - ok
07:32:33.0437 3284 [ 9CFF59C72CF6ECE9DA23EFEDBA28D478 ] C:\WINNT\system32\ati3duag.dll
07:32:33.0437 3284 C:\WINNT\system32\ati3duag.dll - ok
07:32:33.0453 3284 [ F6602109544500F92053CEA53ED225E5 ] C:\WINNT\system32\ativvaxx.dll
07:32:33.0453 3284 C:\WINNT\system32\ativvaxx.dll - ok
07:32:33.0484 3284 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINNT\system32\winlogon.exe
07:32:33.0484 3284 C:\WINNT\system32\winlogon.exe - ok
07:32:33.0515 3284 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINNT\system32\advapi32.dll
07:32:33.0515 3284 C:\WINNT\system32\advapi32.dll - ok
07:32:33.0546 3284 [ D4502F124289A31976130CCCB014C9AA ] C:\WINNT\system32\rpcrt4.dll
07:32:33.0546 3284 C:\WINNT\system32\rpcrt4.dll - ok
07:32:33.0562 3284 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINNT\system32\authz.dll
07:32:33.0562 3284 C:\WINNT\system32\authz.dll - ok
07:32:33.0593 3284 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINNT\system32\msvcrt.dll
07:32:33.0593 3284 C:\WINNT\system32\msvcrt.dll - ok
07:32:33.0640 3284 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINNT\system32\secur32.dll
07:32:33.0640 3284 C:\WINNT\system32\secur32.dll - ok
07:32:33.0671 3284 [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINNT\system32\crypt32.dll
07:32:33.0671 3284 C:\WINNT\system32\crypt32.dll - ok
07:32:33.0703 3284 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINNT\system32\msasn1.dll
07:32:33.0703 3284 C:\WINNT\system32\msasn1.dll - ok
07:32:33.0734 3284 [ 013C1148C1EC025596896E093F60F608 ] C:\WINNT\system32\nddeapi.dll
07:32:33.0734 3284 C:\WINNT\system32\nddeapi.dll - ok
07:32:33.0750 3284 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINNT\system32\netapi32.dll
07:32:33.0750 3284 C:\WINNT\system32\netapi32.dll - ok
07:32:33.0812 3284 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINNT\system32\profmap.dll
07:32:33.0812 3284 C:\WINNT\system32\profmap.dll - ok
07:32:33.0875 3284 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINNT\system32\userenv.dll
07:32:33.0875 3284 C:\WINNT\system32\userenv.dll - ok
07:32:33.0906 3284 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINNT\system32\psapi.dll
07:32:33.0906 3284 C:\WINNT\system32\psapi.dll - ok
07:32:33.0921 3284 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINNT\system32\regapi.dll
07:32:33.0921 3284 C:\WINNT\system32\regapi.dll - ok
07:32:33.0953 3284 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINNT\system32\setupapi.dll
07:32:33.0953 3284 C:\WINNT\system32\setupapi.dll - ok
07:32:33.0968 3284 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINNT\system32\version.dll
07:32:33.0968 3284 C:\WINNT\system32\version.dll - ok
07:32:33.0984 3284 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINNT\system32\winsta.dll
07:32:33.0984 3284 C:\WINNT\system32\winsta.dll - ok
07:32:34.0015 3284 [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINNT\system32\wintrust.dll
07:32:34.0015 3284 C:\WINNT\system32\wintrust.dll - ok
07:32:34.0031 3284 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINNT\system32\imagehlp.dll
07:32:34.0031 3284 C:\WINNT\system32\imagehlp.dll - ok
07:32:34.0062 3284 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINNT\system32\ws2_32.dll
07:32:34.0062 3284 C:\WINNT\system32\ws2_32.dll - ok
07:32:34.0093 3284 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINNT\system32\imm32.dll
07:32:34.0093 3284 C:\WINNT\system32\imm32.dll - ok
07:32:34.0109 3284 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINNT\system32\ws2help.dll
07:32:34.0109 3284 C:\WINNT\system32\ws2help.dll - ok
07:32:34.0125 3284 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINNT\system32\kbdus.dll
07:32:34.0125 3284 C:\WINNT\system32\kbdus.dll - ok
07:32:34.0156 3284 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINNT\system32\msgina.dll
07:32:34.0156 3284 C:\WINNT\system32\msgina.dll - ok
07:32:34.0203 3284 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINNT\system32\comctl32.dll
07:32:34.0203 3284 C:\WINNT\system32\comctl32.dll - ok
07:32:34.0218 3284 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINNT\system32\odbc32.dll
07:32:34.0218 3284 C:\WINNT\system32\odbc32.dll - ok
07:32:34.0250 3284 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINNT\system32\comdlg32.dll
07:32:34.0250 3284 C:\WINNT\system32\comdlg32.dll - ok
07:32:34.0265 3284 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINNT\system32\shell32.dll
07:32:34.0265 3284 C:\WINNT\system32\shell32.dll - ok
07:32:34.0281 3284 [ C448A248B743F5FB935C787A5D97268B ] C:\WINNT\system32\shlwapi.dll
07:32:34.0281 3284 C:\WINNT\system32\shlwapi.dll - ok
07:32:34.0312 3284 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINNT\system32\sxs.dll
07:32:34.0312 3284 C:\WINNT\system32\sxs.dll - ok
07:32:34.0343 3284 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINNT\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
07:32:34.0343 3284 C:\WINNT\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
07:32:34.0359 3284 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINNT\system32\odbcint.dll
07:32:34.0359 3284 C:\WINNT\system32\odbcint.dll - ok
07:32:34.0390 3284 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINNT\system32\shsvcs.dll
07:32:34.0390 3284 C:\WINNT\system32\shsvcs.dll - ok
07:32:34.0406 3284 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINNT\system32\sfc.dll
07:32:34.0406 3284 C:\WINNT\system32\sfc.dll - ok
07:32:34.0437 3284 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINNT\system32\ole32.dll
07:32:34.0437 3284 C:\WINNT\system32\ole32.dll - ok
07:32:34.0453 3284 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINNT\system32\sfc_os.dll
07:32:34.0468 3284 C:\WINNT\system32\sfc_os.dll - ok
07:32:34.0468 3284 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINNT\system32\apphelp.dll
07:32:34.0468 3284 C:\WINNT\system32\apphelp.dll - ok
07:32:34.0500 3284 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINNT\system32\lsass.exe
07:32:34.0500 3284 C:\WINNT\system32\lsass.exe - ok
07:32:34.0515 3284 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINNT\system32\services.exe
07:32:34.0515 3284 C:\WINNT\system32\services.exe - ok
07:32:34.0546 3284 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINNT\system32\lsasrv.dll
07:32:34.0546 3284 C:\WINNT\system32\lsasrv.dll - ok
07:32:34.0578 3284 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINNT\system32\ncobjapi.dll
07:32:34.0578 3284 C:\WINNT\system32\ncobjapi.dll - ok
07:32:34.0593 3284 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINNT\system32\msvcp60.dll
07:32:34.0593 3284 C:\WINNT\system32\msvcp60.dll - ok
07:32:34.0625 3284 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINNT\system32\scesrv.dll
07:32:34.0625 3284 C:\WINNT\system32\scesrv.dll - ok
07:32:34.0640 3284 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINNT\system32\mpr.dll
07:32:34.0640 3284 C:\WINNT\system32\mpr.dll - ok
07:32:34.0671 3284 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINNT\system32\ntdsapi.dll
07:32:34.0671 3284 C:\WINNT\system32\ntdsapi.dll - ok
07:32:34.0687 3284 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINNT\system32\umpnpmgr.dll
07:32:34.0687 3284 C:\WINNT\system32\umpnpmgr.dll - ok
07:32:34.0703 3284 [ 389496118B3B03C2328024AF320132AC ] C:\WINNT\system32\dnsapi.dll
07:32:34.0703 3284 C:\WINNT\system32\dnsapi.dll - ok
07:32:34.0734 3284 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINNT\system32\shimeng.dll
07:32:34.0734 3284 C:\WINNT\system32\shimeng.dll - ok
07:32:34.0750 3284 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINNT\system32\wldap32.dll
07:32:34.0750 3284 C:\WINNT\system32\wldap32.dll - ok
07:32:34.0781 3284 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINNT\AppPatch\acadproc.dll
07:32:34.0781 3284 C:\WINNT\AppPatch\acadproc.dll - ok
07:32:34.0812 3284 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINNT\system32\samlib.dll
07:32:34.0812 3284 C:\WINNT\system32\samlib.dll - ok
07:32:34.0828 3284 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINNT\system32\samsrv.dll
07:32:34.0828 3284 C:\WINNT\system32\samsrv.dll - ok
07:32:34.0859 3284 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINNT\system32\cryptdll.dll
07:32:34.0859 3284 C:\WINNT\system32\cryptdll.dll - ok
07:32:34.0875 3284 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINNT\AppPatch\acgenral.dll
07:32:34.0875 3284 C:\WINNT\AppPatch\acgenral.dll - ok
07:32:34.0906 3284 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINNT\system32\winmm.dll
07:32:34.0906 3284 C:\WINNT\system32\winmm.dll - ok
07:32:34.0921 3284 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINNT\system32\oleaut32.dll
07:32:34.0921 3284 C:\WINNT\system32\oleaut32.dll - ok
07:32:34.0953 3284 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINNT\system32\msacm32.dll
07:32:34.0953 3284 C:\WINNT\system32\msacm32.dll - ok
07:32:34.0968 3284 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINNT\system32\uxtheme.dll
07:32:34.0968 3284 C:\WINNT\system32\uxtheme.dll - ok
07:32:34.0984 3284 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINNT\system32\msapsspc.dll
07:32:34.0984 3284 C:\WINNT\system32\msapsspc.dll - ok
07:32:35.0015 3284 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINNT\system32\msvcrt40.dll
07:32:35.0015 3284 C:\WINNT\system32\msvcrt40.dll - ok
07:32:35.0031 3284 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINNT\system32\schannel.dll
07:32:35.0031 3284 C:\WINNT\system32\schannel.dll - ok
07:32:35.0062 3284 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINNT\system32\digest.dll
07:32:35.0062 3284 C:\WINNT\system32\digest.dll - ok
07:32:35.0093 3284 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINNT\system32\msnsspc.dll
07:32:35.0093 3284 C:\WINNT\system32\msnsspc.dll - ok
07:32:35.0109 3284 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINNT\system32\msctfime.ime
07:32:35.0109 3284 C:\WINNT\system32\msctfime.ime - ok
07:32:35.0156 3284 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINNT\system32\msprivs.dll
07:32:35.0156 3284 C:\WINNT\system32\msprivs.dll - ok
07:32:35.0156 3284 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINNT\system32\kerberos.dll
07:32:35.0156 3284 C:\WINNT\system32\kerberos.dll - ok
07:32:35.0187 3284 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINNT\system32\msv1_0.dll
07:32:35.0187 3284 C:\WINNT\system32\msv1_0.dll - ok
07:32:35.0203 3284 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINNT\system32\iphlpapi.dll
07:32:35.0203 3284 C:\WINNT\system32\iphlpapi.dll - ok
07:32:35.0218 3284 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINNT\system32\netlogon.dll
07:32:35.0218 3284 C:\WINNT\system32\netlogon.dll - ok
07:32:35.0250 3284 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINNT\system32\w32time.dll
07:32:35.0250 3284 C:\WINNT\system32\w32time.dll - ok
07:32:35.0265 3284 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINNT\system32\wdigest.dll
07:32:35.0265 3284 C:\WINNT\system32\wdigest.dll - ok
07:32:35.0296 3284 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINNT\system32\rsaenh.dll
07:32:35.0296 3284 C:\WINNT\system32\rsaenh.dll - ok
07:32:35.0328 3284 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINNT\system32\winscard.dll
07:32:35.0328 3284 C:\WINNT\system32\winscard.dll - ok
07:32:35.0343 3284 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINNT\system32\wtsapi32.dll
07:32:35.0343 3284 C:\WINNT\system32\wtsapi32.dll - ok
07:32:35.0375 3284 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINNT\system32\scecli.dll
07:32:35.0375 3284 C:\WINNT\system32\scecli.dll - ok
07:32:35.0390 3284 [ A2EAEB497CA29ECAEAF0DF66AD85C57D ] C:\WINNT\system32\ati2evxx.exe
07:32:35.0390 3284 C:\WINNT\system32\ati2evxx.exe - ok
07:32:35.0421 3284 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINNT\system32\svchost.exe
07:32:35.0421 3284 C:\WINNT\system32\svchost.exe - ok
07:32:35.0437 3284 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINNT\system32\ntmarta.dll
07:32:35.0437 3284 C:\WINNT\system32\ntmarta.dll - ok
07:32:35.0453 3284 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINNT\system32\rpcss.dll
07:32:35.0453 3284 C:\WINNT\system32\rpcss.dll - ok
07:32:35.0484 3284 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINNT\system32\xpsp2res.dll
07:32:35.0484 3284 C:\WINNT\system32\xpsp2res.dll - ok
07:32:35.0500 3284 [ 3B5286E4AE1B4A17F5FCCEC23C240F02 ] C:\WINNT\system32\ati2edxx.dll
07:32:35.0500 3284 C:\WINNT\system32\ati2edxx.dll - ok
07:32:35.0531 3284 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINNT\system32\eventlog.dll
07:32:35.0531 3284 C:\WINNT\system32\eventlog.dll - ok
07:32:35.0546 3284 [ 943337D786A56729263071623BBB9DE5 ] C:\WINNT\system32\mswsock.dll
07:32:35.0546 3284 C:\WINNT\system32\mswsock.dll - ok
07:32:35.0578 3284 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINNT\system32\hnetcfg.dll
07:32:35.0578 3284 C:\WINNT\system32\hnetcfg.dll - ok
07:32:35.0609 3284 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINNT\system32\wshtcpip.dll
07:32:35.0609 3284 C:\WINNT\system32\wshtcpip.dll - ok
07:32:35.0625 3284 [ 292F92469EFB2FD402E00742C06D539D ] C:\Program Files\Bonjour\mdnsNSP.dll
07:32:35.0625 3284 C:\Program Files\Bonjour\mdnsNSP.dll - ok
07:32:35.0656 3284 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINNT\system32\winrnr.dll
07:32:35.0656 3284 C:\WINNT\system32\winrnr.dll - ok
07:32:35.0671 3284 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINNT\system32\rasadhlp.dll
07:32:35.0671 3284 C:\WINNT\system32\rasadhlp.dll - ok
07:32:35.0703 3284 [ 9AC7F31404F784753C4C04296E48CFAB ] C:\Program Files\Microsoft Security Client\MpSvc.dll
07:32:35.0703 3284 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
07:32:35.0718 3284 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
07:32:35.0718 3284 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
07:32:35.0734 3284 [ 84204FDA617A3611D510A1DCBAE64004 ] C:\Program Files\Microsoft Security Client\MpClient.dll
07:32:35.0734 3284 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
07:32:35.0765 3284 [ F927A4434C5028758A842943EF1A3849 ] C:\WINNT\system32\drivers\ndisuio.sys
07:32:35.0781 3284 C:\WINNT\system32\drivers\ndisuio.sys - ok
07:32:35.0796 3284 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINNT\system32\dhcpcsvc.dll
07:32:35.0796 3284 C:\WINNT\system32\dhcpcsvc.dll - ok
07:32:35.0812 3284 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINNT\system32\dnsrslvr.dll
07:32:35.0812 3284 C:\WINNT\system32\dnsrslvr.dll - ok
07:32:35.0843 3284 [ 7C29BC74635524E13FAA556A5FD48968 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
07:32:35.0843 3284 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
07:32:35.0875 3284 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINNT\system32\lmhsvc.dll
07:32:35.0875 3284 C:\WINNT\system32\lmhsvc.dll - ok
07:32:35.0890 3284 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINNT\system32\wzcsvc.dll
07:32:35.0890 3284 C:\WINNT\system32\wzcsvc.dll - ok
07:32:35.0906 3284 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINNT\system32\fltlib.dll
07:32:35.0906 3284 C:\WINNT\system32\fltlib.dll - ok
07:32:35.0937 3284 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINNT\system32\rtutils.dll
07:32:35.0937 3284 C:\WINNT\system32\rtutils.dll - ok
07:32:35.0953 3284 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9DD278E0-A9F4-413D-AD6A-0E8B136DA920}\mpengine.dll
07:32:35.0953 3284 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9DD278E0-A9F4-413D-AD6A-0E8B136DA920}\mpengine.dll - ok
07:32:35.0968 3284 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINNT\system32\eapolqec.dll
07:32:35.0968 3284 C:\WINNT\system32\eapolqec.dll - ok
07:32:36.0000 3284 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINNT\system32\wmi.dll
07:32:36.0000 3284 C:\WINNT\system32\wmi.dll - ok
07:32:36.0015 3284 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINNT\system32\atl.dll
07:32:36.0015 3284 C:\WINNT\system32\atl.dll - ok
07:32:36.0046 3284 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINNT\system32\qutil.dll
07:32:36.0046 3284 C:\WINNT\system32\qutil.dll - ok
07:32:36.0078 3284 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINNT\system32\dot3api.dll
07:32:36.0078 3284 C:\WINNT\system32\dot3api.dll - ok
07:32:36.0093 3284 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINNT\system32\esent.dll
07:32:36.0093 3284 C:\WINNT\system32\esent.dll - ok
07:32:36.0125 3284 [ F137A0CA70003DB20448D540651FA003 ] C:\WINNT\system32\clbcatq.dll
07:32:36.0125 3284 C:\WINNT\system32\clbcatq.dll - ok
07:32:36.0140 3284 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINNT\system32\comres.dll
07:32:36.0140 3284 C:\WINNT\system32\comres.dll - ok
07:32:36.0171 3284 [ B714735C12A70171DE28657948FD91F1 ] C:\WINNT\system32\mlang.dll
07:32:36.0171 3284 C:\WINNT\system32\mlang.dll - ok
07:32:36.0187 3284 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINNT\system32\rastls.dll
07:32:36.0187 3284 C:\WINNT\system32\rastls.dll - ok
07:32:36.0203 3284 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINNT\system32\cryptui.dll
07:32:36.0203 3284 C:\WINNT\system32\cryptui.dll - ok
07:32:36.0234 3284 [ FF1C14BCA1A797CE45DD359FA2C9EDA8 ] C:\WINNT\system32\wininet.dll
07:32:36.0234 3284 C:\WINNT\system32\wininet.dll - ok
07:32:36.0250 3284 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINNT\system32\normaliz.dll
07:32:36.0250 3284 C:\WINNT\system32\normaliz.dll - ok
07:32:36.0281 3284 [ 9371862D37E8F0AF21E4DEA95E867C39 ] C:\WINNT\system32\urlmon.dll
07:32:36.0281 3284 C:\WINNT\system32\urlmon.dll - ok
07:32:36.0296 3284 [ 0579CC3B95EDD1CE664A35E016F3DD58 ] C:\WINNT\system32\iertutil.dll
07:32:36.0296 3284 C:\WINNT\system32\iertutil.dll - ok
07:32:36.0328 3284 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINNT\system32\mprapi.dll
07:32:36.0328 3284 C:\WINNT\system32\mprapi.dll - ok
07:32:36.0359 3284 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINNT\system32\activeds.dll
07:32:36.0359 3284 C:\WINNT\system32\activeds.dll - ok
07:32:36.0375 3284 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINNT\system32\adsldpc.dll
07:32:36.0375 3284 C:\WINNT\system32\adsldpc.dll - ok
07:32:36.0406 3284 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINNT\system32\rasapi32.dll
07:32:36.0406 3284 C:\WINNT\system32\rasapi32.dll - ok
07:32:36.0421 3284 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINNT\system32\rasman.dll
07:32:36.0421 3284 C:\WINNT\system32\rasman.dll - ok
07:32:36.0453 3284 [ 00AABF131B4823785818DB99A075A313 ] C:\WINNT\system32\tapi32.dll
07:32:36.0453 3284 C:\WINNT\system32\tapi32.dll - ok
07:32:36.0468 3284 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINNT\system32\riched20.dll
07:32:36.0468 3284 C:\WINNT\system32\riched20.dll - ok
07:32:36.0484 3284 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINNT\system32\logonui.exe
07:32:36.0484 3284 C:\WINNT\system32\logonui.exe - ok
07:32:36.0515 3284 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINNT\system32\raschap.dll
07:32:36.0515 3284 C:\WINNT\system32\raschap.dll - ok
07:32:36.0546 3284 [ 0DC29A1FA52D445DB14DDF16E272E6D1 ] C:\WINNT\system32\ati2evxx.dll
07:32:36.0546 3284 C:\WINNT\system32\ati2evxx.dll - ok
07:32:36.0562 3284 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINNT\system32\cscdll.dll
07:32:36.0562 3284 C:\WINNT\system32\cscdll.dll - ok
07:32:36.0593 3284 [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINNT\system32\xmlprovi.dll
07:32:36.0593 3284 C:\WINNT\system32\xmlprovi.dll - ok
07:32:36.0609 3284 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINNT\system32\dimsntfy.dll
07:32:36.0609 3284 C:\WINNT\system32\dimsntfy.dll - ok
07:32:36.0640 3284 [ 767FF54A552732CE772C2302025FA82F ] C:\WINNT\system32\wzcsapi.dll
07:32:36.0640 3284 C:\WINNT\system32\wzcsapi.dll - ok
07:32:36.0656 3284 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINNT\system32\wlnotify.dll
07:32:36.0656 3284 C:\WINNT\system32\wlnotify.dll - ok
07:32:36.0687 3284 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINNT\system32\duser.dll
07:32:36.0687 3284 C:\WINNT\system32\duser.dll - ok
07:32:36.0703 3284 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINNT\system32\schedsvc.dll
07:32:36.0703 3284 C:\WINNT\system32\schedsvc.dll - ok
07:32:36.0718 3284 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINNT\system32\winspool.drv
07:32:36.0718 3284 C:\WINNT\system32\winspool.drv - ok
07:32:36.0750 3284 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINNT\system32\msimg32.dll
07:32:36.0750 3284 C:\WINNT\system32\msimg32.dll - ok
07:32:36.0765 3284 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINNT\system32\oleacc.dll
07:32:36.0765 3284 C:\WINNT\system32\oleacc.dll - ok
07:32:36.0796 3284 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINNT\system32\shgina.dll
07:32:36.0796 3284 C:\WINNT\system32\shgina.dll - ok
07:32:36.0828 3284 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINNT\system32\msidle.dll
07:32:36.0828 3284 C:\WINNT\system32\msidle.dll - ok
07:32:36.0843 3284 [ 60784F891563FB1B767F70117FC2428F ] C:\WINNT\system32\spoolsv.exe
07:32:36.0843 3284 C:\WINNT\system32\spoolsv.exe - ok
07:32:36.0875 3284 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINNT\system32\audiosrv.dll
07:32:36.0875 3284 C:\WINNT\system32\audiosrv.dll - ok
07:32:36.0890 3284 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINNT\system32\cscui.dll
07:32:36.0890 3284 C:\WINNT\system32\cscui.dll - ok
07:32:36.0921 3284 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINNT\system32\wkssvc.dll
07:32:36.0921 3284 C:\WINNT\system32\wkssvc.dll - ok
07:32:36.0953 3284 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINNT\system32\drivers\mrxdav.sys
07:32:36.0953 3284 C:\WINNT\system32\drivers\mrxdav.sys - ok
07:32:36.0953 3284 [ 50A166237A0FA771261275A405646CC0 ] C:\WINNT\system32\powrprof.dll
07:32:36.0953 3284 C:\WINNT\system32\powrprof.dll - ok
07:32:36.0984 3284 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINNT\system32\dpcdll.dll
07:32:36.0984 3284 C:\WINNT\system32\dpcdll.dll - ok
07:32:37.0000 3284 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINNT\system32\wdmaud.drv
07:32:37.0000 3284 C:\WINNT\system32\wdmaud.drv - ok
07:32:37.0031 3284 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINNT\system32\drivers\wdmaud.sys
07:32:37.0031 3284 C:\WINNT\system32\drivers\wdmaud.sys - ok
07:32:37.0062 3284 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINNT\system32\drivers\sysaudio.sys
07:32:37.0062 3284 C:\WINNT\system32\drivers\sysaudio.sys - ok
07:32:37.0078 3284 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINNT\system32\userinit.exe
07:32:37.0078 3284 C:\WINNT\system32\userinit.exe - ok
07:32:37.0109 3284 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINNT\system32\drivers\splitter.sys
07:32:37.0109 3284 C:\WINNT\system32\drivers\splitter.sys - ok
07:32:37.0125 3284 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINNT\system32\webclnt.dll
07:32:37.0125 3284 C:\WINNT\system32\webclnt.dll - ok
07:32:37.0156 3284 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINNT\system32\drivers\aec.sys
07:32:37.0156 3284 C:\WINNT\system32\drivers\aec.sys - ok
07:32:37.0171 3284 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINNT\system32\drivers\swmidi.sys
07:32:37.0171 3284 C:\WINNT\system32\drivers\swmidi.sys - ok
07:32:37.0203 3284 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINNT\system32\drivers\dmusic.sys
07:32:37.0203 3284 C:\WINNT\system32\drivers\dmusic.sys - ok
07:32:37.0218 3284 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINNT\explorer.exe
07:32:37.0218 3284 C:\WINNT\explorer.exe - ok
07:32:37.0234 3284 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINNT\system32\wbem\wbemprox.dll
07:32:37.0234 3284 C:\WINNT\system32\wbem\wbemprox.dll - ok
07:32:37.0265 3284 [ 692BCF44383D056AED41B045A323D378 ] C:\WINNT\system32\drivers\kmixer.sys
07:32:37.0265 3284 C:\WINNT\system32\drivers\kmixer.sys - ok
07:32:37.0296 3284 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINNT\system32\wbem\wbemcomn.dll
07:32:37.0296 3284 C:\WINNT\system32\wbem\wbemcomn.dll - ok
07:32:37.0312 3284 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINNT\system32\drivers\drmkaud.sys
07:32:37.0312 3284 C:\WINNT\system32\drivers\drmkaud.sys - ok
07:32:37.0343 3284 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINNT\system32\drivers\parvdm.sys
07:32:37.0343 3284 C:\WINNT\system32\drivers\parvdm.sys - ok
07:32:37.0359 3284 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINNT\system32\browseui.dll
07:32:37.0359 3284 C:\WINNT\system32\browseui.dll - ok
07:32:37.0390 3284 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINNT\system32\msacm32.drv
07:32:37.0390 3284 C:\WINNT\system32\msacm32.drv - ok
07:32:37.0406 3284 [ 73D675514F148B1E69429E1D95E22ADC ] C:\Program Files\Common Files\AOL\ACS\acsd.exe
07:32:37.0406 3284 C:\Program Files\Common Files\AOL\ACS\acsd.exe - ok
07:32:37.0437 3284 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINNT\system32\midimap.dll
07:32:37.0437 3284 C:\WINNT\system32\midimap.dll - ok
07:32:37.0453 3284 [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINNT\system32\shdocvw.dll
07:32:37.0453 3284 C:\WINNT\system32\shdocvw.dll - ok
07:32:37.0468 3284 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINNT\system32\snmpapi.dll
07:32:37.0468 3284 C:\WINNT\system32\snmpapi.dll - ok
07:32:37.0500 3284 [ 8353FAE91B2F8FC42FA438866E267000 ] C:\PROGRA~1\COMMON~1\AOL\ACS\shfolder.dll
07:32:37.0500 3284 C:\PROGRA~1\COMMON~1\AOL\ACS\shfolder.dll - ok
07:32:37.0531 3284 [ 4B5AE15E5C73EB4DC8DBEC2788230D41 ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
07:32:37.0531 3284 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - ok
07:32:37.0546 3284 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINNT\system32\wsock32.dll
07:32:37.0546 3284 C:\WINNT\system32\wsock32.dll - ok
07:32:37.0578 3284 [ 312A17DFF710A0F4E6D4DD1D52EAD1A8 ] C:\WINNT\system32\ati2sgag.exe
07:32:37.0578 3284 C:\WINNT\system32\ati2sgag.exe - ok
07:32:37.0593 3284 [ D880831279ED91F9A4190A2DB9539EA9 ] C:\WINNT\system32\drivers\asctrm.sys
07:32:37.0593 3284 C:\WINNT\system32\drivers\asctrm.sys - ok
07:32:37.0671 3284 [ 5B80E84AF6B02ECAB72DAE9AFEE06309 ] C:\WINNT\system32\drivers\atksgt.sys
07:32:37.0671 3284 C:\WINNT\system32\drivers\atksgt.sys - ok
07:32:37.0718 3284 [ 3F56903E124E820AEECE6D471583C6C1 ] C:\Program Files\Bonjour\mDNSResponder.exe
07:32:37.0718 3284 C:\Program Files\Bonjour\mDNSResponder.exe - ok
07:32:37.0734 3284 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINNT\system32\qmgr.dll
07:32:37.0734 3284 C:\WINNT\system32\qmgr.dll - ok
07:32:37.0765 3284 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINNT\system32\desk.cpl
07:32:37.0765 3284 C:\WINNT\system32\desk.cpl - ok
07:32:37.0859 3284 [ FC5372FD2DEB28E847C8394C58BC76FA ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
07:32:37.0859 3284 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
07:32:37.0890 3284 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINNT\system32\shfolder.dll
07:32:37.0890 3284 C:\WINNT\system32\shfolder.dll - ok
07:32:37.0937 3284 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINNT\system32\themeui.dll
07:32:37.0937 3284 C:\WINNT\system32\themeui.dll - ok
07:32:37.0968 3284 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINNT\system32\cryptsvc.dll
07:32:37.0968 3284 C:\WINNT\system32\cryptsvc.dll - ok
07:32:38.0031 3284 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINNT\system32\winhttp.dll
07:32:38.0031 3284 C:\WINNT\system32\winhttp.dll - ok
07:32:38.0046 3284 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINNT\system32\certcli.dll
07:32:38.0046 3284 C:\WINNT\system32\certcli.dll - ok
07:32:38.0093 3284 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINNT\system32\ersvc.dll
07:32:38.0093 3284 C:\WINNT\system32\ersvc.dll - ok
07:32:38.0125 3284 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINNT\system32\es.dll
07:32:38.0125 3284 C:\WINNT\system32\es.dll - ok
07:32:38.0187 3284 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINNT\system32\cabinet.dll
07:32:38.0187 3284 C:\WINNT\system32\cabinet.dll - ok
07:32:38.0203 3284 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINNT\system32\actxprxy.dll
07:32:38.0203 3284 C:\WINNT\system32\actxprxy.dll - ok
07:32:38.0218 3284 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINNT\system32\hidserv.dll
07:32:38.0218 3284 C:\WINNT\system32\hidserv.dll - ok
07:32:38.0250 3284 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINNT\system32\hid.dll
07:32:38.0250 3284 C:\WINNT\system32\hid.dll - ok
07:32:38.0265 3284 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINNT\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:32:38.0265 3284 C:\WINNT\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
07:32:38.0296 3284 [ 3B47E60E1012B23873ED2E4A9B4F2310 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
07:32:38.0296 3284 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
07:32:38.0312 3284 [ F9D82B82F1B7C0B2D2606A987073F58C ] C:\PROGRA~1\WIFD1F~1\MpShHook.dll
07:32:38.0312 3284 C:\PROGRA~1\WIFD1F~1\MpShHook.dll - ok
07:32:38.0343 3284 [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll
07:32:38.0343 3284 C:\Program Files\Microsoft Security Client\LegitLib.dll - ok
07:32:38.0359 3284 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINNT\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
07:32:38.0359 3284 C:\WINNT\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
07:32:38.0390 3284 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINNT\system32\netman.dll
07:32:38.0390 3284 C:\WINNT\system32\netman.dll - ok
07:32:38.0406 3284 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINNT\system32\netshell.dll
07:32:38.0406 3284 C:\WINNT\system32\netshell.dll - ok
07:32:38.0437 3284 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINNT\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
07:32:38.0437 3284 C:\WINNT\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
07:32:38.0468 3284 [ 235892E493845D64D890163CFEF90E97 ] C:\WINNT\system32\credui.dll
07:32:38.0468 3284 C:\WINNT\system32\credui.dll - ok
07:32:38.0468 3284 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINNT\system32\dot3dlg.dll
07:32:38.0468 3284 C:\WINNT\system32\dot3dlg.dll - ok
07:32:38.0500 3284 [ CA04959077AFE36369D37B3504740C87 ] C:\WINNT\system32\onex.dll
07:32:38.0500 3284 C:\WINNT\system32\onex.dll - ok
07:32:38.0531 3284 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINNT\system32\eappcfg.dll
07:32:38.0531 3284 C:\WINNT\system32\eappcfg.dll - ok
07:32:38.0546 3284 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINNT\system32\eappprxy.dll
07:32:38.0546 3284 C:\WINNT\system32\eappprxy.dll - ok
07:32:38.0578 3284 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINNT\system32\cmd.exe
07:32:38.0578 3284 C:\WINNT\system32\cmd.exe - ok
07:32:38.0593 3284 [ D573DEB87CB2DF4E5116D2A4E284EAB4 ] C:\WINNT\system32\ieframe.dll
07:32:38.0593 3284 C:\WINNT\system32\ieframe.dll - ok
07:32:38.0625 3284 [ 1A0A8D69CF1486F7B722F4779E7A314E ] C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
07:32:38.0625 3284 C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe - ok
07:32:38.0656 3284 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINNT\system32\olepro32.dll
07:32:38.0656 3284 C:\WINNT\system32\olepro32.dll - ok
07:32:38.0671 3284 [ 975B6CF65F44E95883F3855BAE8CECAF ] C:\WINNT\system32\drivers\lirsgt.sys
07:32:38.0671 3284 C:\WINNT\system32\drivers\lirsgt.sys - ok
07:32:38.0703 3284 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINNT\system32\srvsvc.dll
07:32:38.0703 3284 C:\WINNT\system32\srvsvc.dll - ok
07:32:38.0718 3284 [ A0AE7F043497C9971E9D7FE291099D40 ] C:\WINNT\system32\msxml6.dll
07:32:38.0718 3284 C:\WINNT\system32\msxml6.dll - ok
07:32:38.0734 3284 [ 0C41C4ACFE00D826DB479C40C1D9EDC8 ] C:\WINNT\system32\nvsvc32.exe
07:32:38.0734 3284 C:\WINNT\system32\nvsvc32.exe - ok
07:32:38.0750 3284 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINNT\system32\netmsg.dll
07:32:38.0750 3284 C:\WINNT\system32\netmsg.dll - ok
07:32:38.0781 3284 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINNT\system32\ipsecsvc.dll
07:32:38.0781 3284 C:\WINNT\system32\ipsecsvc.dll - ok
07:32:38.0812 3284 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\WINNT\system32\drivers\secdrv.sys
07:32:38.0812 3284 C:\WINNT\system32\drivers\secdrv.sys - ok
07:32:38.0828 3284 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINNT\system32\oakley.dll
07:32:38.0828 3284 C:\WINNT\system32\oakley.dll - ok
07:32:38.0859 3284 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINNT\system32\drivers\srv.sys
07:32:38.0859 3284 C:\WINNT\system32\drivers\srv.sys - ok
07:32:38.0875 3284 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINNT\system32\seclogon.dll
07:32:38.0875 3284 C:\WINNT\system32\seclogon.dll - ok
07:32:38.0906 3284 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINNT\system32\winipsec.dll
07:32:38.0906 3284 C:\WINNT\system32\winipsec.dll - ok
07:32:38.0937 3284 [ 4D8E9C2FB7E234A7FDFA6EC54794217F ] C:\WINNT\system32\nvcpl.dll
07:32:38.0937 3284 C:\WINNT\system32\nvcpl.dll - ok
07:32:38.0953 3284 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINNT\system32\pstorsvc.dll
07:32:38.0953 3284 C:\WINNT\system32\pstorsvc.dll - ok
07:32:38.0968 3284 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINNT\system32\sens.dll
07:32:38.0968 3284 C:\WINNT\system32\sens.dll - ok
07:32:39.0000 3284 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINNT\system32\psbase.dll
07:32:39.0000 3284 C:\WINNT\system32\psbase.dll - ok
07:32:39.0015 3284 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINNT\system32\srsvc.dll
07:32:39.0015 3284 C:\WINNT\system32\srsvc.dll - ok
07:32:39.0093 3284 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINNT\system32\dssenh.dll
07:32:39.0093 3284 C:\WINNT\system32\dssenh.dll - ok
07:32:39.0109 3284 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINNT\system32\wiaservc.dll
07:32:39.0109 3284 C:\WINNT\system32\wiaservc.dll - ok
07:32:39.0125 3284 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINNT\system32\trkwks.dll
07:32:39.0125 3284 C:\WINNT\system32\trkwks.dll - ok
07:32:39.0156 3284 [ 6FCD74011AFD5843456F3ED9B4C4D909 ] C:\Program Files\iolo\Common\Lib\fbembed.dll
07:32:39.0156 3284 C:\Program Files\iolo\Common\Lib\fbembed.dll - ok
07:32:39.0171 3284 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINNT\system32\cfgmgr32.dll
07:32:39.0171 3284 C:\WINNT\system32\cfgmgr32.dll - ok
07:32:39.0218 3284 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINNT\system32\mscms.dll
07:32:39.0218 3284 C:\WINNT\system32\mscms.dll - ok
07:32:39.0265 3284 [ 909F2DC0DA7F57D229A05EE90647B2C3 ] C:\WINNT\wanmpsvc.exe
07:32:39.0265 3284 C:\WINNT\wanmpsvc.exe - ok
07:32:39.0281 3284 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINNT\system32\wbem\wmisvc.dll
07:32:39.0281 3284 C:\WINNT\system32\wbem\wmisvc.dll - ok
07:32:39.0343 3284 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINNT\system32\vssapi.dll
07:32:39.0343 3284 C:\WINNT\system32\vssapi.dll - ok
07:32:39.0375 3284 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINNT\system32\wuauserv.dll
07:32:39.0375 3284 C:\WINNT\system32\wuauserv.dll - ok
07:32:39.0390 3284 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\DOCUME~1\ADMINI~1\LOCALS~1\temp\1F3A09CA-BA58-483D-A7ED-E3097A49DEB4.exe
07:32:39.0390 3284 C:\DOCUME~1\ADMINI~1\LOCALS~1\temp\1F3A09CA-BA58-483D-A7ED-E3097A49DEB4.exe - ok
07:32:39.0421 3284 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINNT\system32\wuaueng.dll
07:32:39.0421 3284 C:\WINNT\system32\wuaueng.dll - ok
07:32:39.0453 3284 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINNT\system32\mspatcha.dll
07:32:39.0453 3284 C:\WINNT\system32\mspatcha.dll - ok
07:32:39.0484 3284 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINNT\system32\wscsvc.dll
07:32:39.0484 3284 C:\WINNT\system32\wscsvc.dll - ok
07:32:39.0531 3284 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINNT\system32\spoolss.dll
07:32:39.0531 3284 C:\WINNT\system32\spoolss.dll - ok
07:32:39.0546 3284 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINNT\system32\msi.dll
07:32:39.0546 3284 C:\WINNT\system32\msi.dll - ok
07:32:39.0578 3284 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINNT\system32\linkinfo.dll
07:32:39.0578 3284 C:\WINNT\system32\linkinfo.dll - ok
07:32:39.0593 3284 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINNT\system32\ntshrui.dll
07:32:39.0593 3284 C:\WINNT\system32\ntshrui.dll - ok
07:32:39.0625 3284 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINNT\system32\localspl.dll
07:32:39.0625 3284 C:\WINNT\system32\localspl.dll - ok
07:32:39.0656 3284 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINNT\system32\cnbjmon.dll
07:32:39.0656 3284 C:\WINNT\system32\cnbjmon.dll - ok
07:32:39.0671 3284 [ 2030AF1F7504A82E31C892D14BE55D6F ] C:\WINNT\system32\hpzlnt10.dll
07:32:39.0671 3284 C:\WINNT\system32\hpzlnt10.dll - ok
07:32:39.0703 3284 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINNT\system32\wbem\wbemcore.dll
07:32:39.0703 3284 C:\WINNT\system32\wbem\wbemcore.dll - ok
07:32:39.0718 3284 [ E4616430709F440CF1809D88DC2366EA ] C:\WINNT\system32\wbem\esscli.dll
07:32:39.0718 3284 C:\WINNT\system32\wbem\esscli.dll - ok
07:32:39.0734 3284 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINNT\system32\wbem\fastprox.dll
07:32:39.0734 3284 C:\WINNT\system32\wbem\fastprox.dll - ok
07:32:39.0765 3284 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINNT\system32\ipnathlp.dll
07:32:39.0765 3284 C:\WINNT\system32\ipnathlp.dll - ok
07:32:39.0781 3284 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINNT\system32\pjlmon.dll
07:32:39.0781 3284 C:\WINNT\system32\pjlmon.dll - ok
07:32:39.0812 3284 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINNT\system32\tcpmon.dll
07:32:39.0812 3284 C:\WINNT\system32\tcpmon.dll - ok
07:32:39.0828 3284 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINNT\system32\wbem\wbemsvc.dll
07:32:39.0828 3284 C:\WINNT\system32\wbem\wbemsvc.dll - ok
07:32:39.0859 3284 [ E639279A5EF179BA87EC70B5BCC315D1 ] C:\WINNT\system32\nvapi.dll
07:32:39.0859 3284 C:\WINNT\system32\nvapi.dll - ok
07:32:39.0875 3284 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINNT\system32\usbmon.dll
07:32:39.0875 3284 C:\WINNT\system32\usbmon.dll - ok
07:32:39.0906 3284 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINNT\system32\comsvcs.dll
07:32:39.0906 3284 C:\WINNT\system32\comsvcs.dll - ok
07:32:39.0937 3284 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINNT\system32\win32spl.dll
07:32:39.0937 3284 C:\WINNT\system32\win32spl.dll - ok
07:32:39.0953 3284 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINNT\system32\netrap.dll
07:32:39.0953 3284 C:\WINNT\system32\netrap.dll - ok
07:32:39.0984 3284 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINNT\system32\inetpp.dll
07:32:39.0984 3284 C:\WINNT\system32\inetpp.dll - ok
07:32:40.0000 3284 [ 690D97864735E8ECD87F55777E266690 ] C:\WINNT\system32\colbact.dll
07:32:40.0000 3284 C:\WINNT\system32\colbact.dll - ok
07:32:40.0046 3284 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINNT\system32\mtxclu.dll
07:32:40.0046 3284 C:\WINNT\system32\mtxclu.dll - ok
07:32:40.0062 3284 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINNT\system32\clusapi.dll
07:32:40.0062 3284 C:\WINNT\system32\clusapi.dll - ok
07:32:40.0078 3284 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINNT\system32\resutils.dll
07:32:40.0078 3284 C:\WINNT\system32\resutils.dll - ok
07:32:40.0109 3284 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINNT\system32\wbem\wmiutils.dll
07:32:40.0109 3284 C:\WINNT\system32\wbem\wmiutils.dll - ok
07:32:40.0125 3284 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINNT\system32\wbem\repdrvfs.dll
07:32:40.0125 3284 C:\WINNT\system32\wbem\repdrvfs.dll - ok
07:32:40.0156 3284 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINNT\system32\wups.dll
07:32:40.0156 3284 C:\WINNT\system32\wups.dll - ok
07:32:40.0171 3284 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINNT\system32\wups2.dll
07:32:40.0171 3284 C:\WINNT\system32\wups2.dll - ok
07:32:40.0203 3284 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINNT\system32\verclsid.exe
07:32:40.0203 3284 C:\WINNT\system32\verclsid.exe - ok
07:32:40.0218 3284 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINNT\system32\wbem\wmiprvsd.dll
07:32:40.0218 3284 C:\WINNT\system32\wbem\wmiprvsd.dll - ok
07:32:40.0234 3284 [ BAF0DDB9436EFB8B2DB3BAFE5DE3FDC5 ] C:\Program Files\iolo\Common\Lib\Res_55FD1D5A7AEF4DA38FAFA71B2A52FFC7.dll
07:32:40.0234 3284 C:\Program Files\iolo\Common\Lib\Res_55FD1D5A7AEF4DA38FAFA71B2A52FFC7.dll - ok
07:32:40.0281 3284 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINNT\system32\wbem\wbemess.dll
07:32:40.0281 3284 C:\WINNT\system32\wbem\wbemess.dll - ok
07:32:40.0328 3284 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINNT\system32\drivers\66370865.sys
07:32:40.0328 3284 C:\WINNT\system32\drivers\66370865.sys - ok
07:32:40.0359 3284 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINNT\system32\wuapi.dll
07:32:40.0359 3284 C:\WINNT\system32\wuapi.dll - ok
07:32:40.0406 3284 [ 38D332A6D56AF32635675F132548343E ] C:\WINNT\system32\drivers\fastfat.sys
07:32:40.0406 3284 C:\WINNT\system32\drivers\fastfat.sys - ok
07:32:40.0453 3284 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINNT\system32\webcheck.dll
07:32:40.0453 3284 C:\WINNT\system32\webcheck.dll - ok
07:32:40.0500 3284 [ 52CC401BD42AA571610FF57B418C3458 ] C:\Program Files\iolo\Common\Lib\Corvus.dll
07:32:40.0500 3284 C:\Program Files\iolo\Common\Lib\Corvus.dll - ok
07:32:40.0531 3284 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINNT\system32\stobject.dll
07:32:40.0531 3284 C:\WINNT\system32\stobject.dll - ok
07:32:40.0546 3284 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINNT\system32\batmeter.dll
07:32:40.0546 3284 C:\WINNT\system32\batmeter.dll - ok
07:32:40.0609 3284 [ BA96711E180C47D748805F37E1B5406A ] C:\WINNT\system32\igfxtray.exe
07:32:40.0609 3284 C:\WINNT\system32\igfxtray.exe - ok
07:32:40.0640 3284 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINNT\system32\wuauclt.exe
07:32:40.0640 3284 C:\WINNT\system32\wuauclt.exe - ok
07:32:40.0671 3284 [ A7BE6761667A364687B5219B574EEB12 ] C:\WINNT\system32\hkcmd.exe
07:32:40.0671 3284 C:\WINNT\system32\hkcmd.exe - ok
07:32:40.0703 3284 [ 762DCF620D8B13F8500F9E00B8A27B92 ] C:\WINNT\system32\hccutils.dll
07:32:40.0703 3284 C:\WINNT\system32\hccutils.dll - ok
07:32:40.0718 3284 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINNT\system32\upnp.dll
07:32:40.0718 3284 C:\WINNT\system32\upnp.dll - ok
07:32:40.0750 3284 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINNT\system32\rundll32.exe
07:32:40.0750 3284 C:\WINNT\system32\rundll32.exe - ok
07:32:40.0765 3284 [ 3860B249BF5AF7B28D11F2731FCF6088 ] C:\WINNT\system32\nwiz.exe
07:32:40.0765 3284 C:\WINNT\system32\nwiz.exe - ok
07:32:40.0781 3284 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINNT\system32\ssdpapi.dll
07:32:40.0781 3284 C:\WINNT\system32\ssdpapi.dll - ok
07:32:40.0812 3284 [ 0163375AEACBAE85FDFCB530B1AF3AD2 ] C:\WINNT\system32\nview.dll
07:32:40.0812 3284 C:\WINNT\system32\nview.dll - ok
07:32:40.0828 3284 [ EE61479B05BEB9204B293280ECB10B77 ] C:\Program Files\BellSouthWCC\McciTrayApp.exe
07:32:40.0828 3284 C:\Program Files\BellSouthWCC\McciTrayApp.exe - ok
07:32:40.0859 3284 [ 3E4C03CEFAD8DE135263236B61A49C90 ] C:\WINNT\system32\NeroCheck.exe
07:32:40.0859 3284 C:\WINNT\system32\NeroCheck.exe - ok
07:32:40.0875 3284 [ F1E9510A859E7ED2A050F8E7BF022D5C ] C:\Program Files\Gateway\Gateway Ink Monitor\GWInkMonitor.exe
07:32:40.0875 3284 C:\Program Files\Gateway\Gateway Ink Monitor\GWInkMonitor.exe - ok
07:32:40.0906 3284 [ 274BFF4E31824D91C5971228DFAF004E ] C:\WINNT\system32\nvwddi.dll
07:32:40.0906 3284 C:\WINNT\system32\nvwddi.dll - ok
07:32:40.0937 3284 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINNT\system32\netcfgx.dll
07:32:40.0937 3284 C:\WINNT\system32\netcfgx.dll - ok
07:32:40.0953 3284 [ 4B8FC0E6BE9B03C7E46FFACE8D2937DA ] C:\Program Files\Common Files\Motive\McciWirelessClientAppX.dll
07:32:40.0953 3284 C:\Program Files\Common Files\Motive\McciWirelessClientAppX.dll - ok
07:32:40.0984 3284 [ B9BC2CE6EAC373F4117DC342AA1575CD ] C:\Program Files\Gateway\Gateway Ink Monitor\inkpeek.dll
07:32:40.0984 3284 C:\Program Files\Gateway\Gateway Ink Monitor\inkpeek.dll - ok
07:32:41.0000 3284 [ 8DC7685764B22DB97891012026FA7ED1 ] C:\Program Files\iTunes\iTunesHelper.exe
07:32:41.0000 3284 C:\Program Files\iTunes\iTunesHelper.exe - ok
07:32:41.0015 3284 [ 1A3E2D7C7EC0F4F7158F908E4B3805D8 ] C:\Program Files\iTunes\iTunesHelper.dll
07:32:41.0015 3284 C:\Program Files\iTunes\iTunesHelper.dll - ok
07:32:41.0046 3284 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINNT\system32\rasmans.dll
07:32:41.0046 3284 C:\WINNT\system32\rasmans.dll - ok
07:32:41.0062 3284 [ DAE7B6E8690DAF099F73CEB9AD6BA4A7 ] C:\Program Files\Common Files\Motive\McciWirelessClientAppLib_4-1-3_DDR.dll
07:32:41.0062 3284 C:\Program Files\Common Files\Motive\McciWirelessClientAppLib_4-1-3_DDR.dll - ok
07:32:41.0093 3284 [ 76A7A2522603D07A87F6B296D5218713 ] C:\Program Files\Common Files\Apple\Apple Application

Support\CoreFoundation.dll
07:32:41.0093 3284 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
07:32:41.0109 3284 [ C6605B03BEC6E5FBD98AD5DC4E139DE0 ] C:\Program Files\Common Files\Motive\McciLogLib_4-0-0_DDR.dll
07:32:41.0109 3284 C:\Program Files\Common Files\Motive\McciLogLib_4-0-0_DDR.dll - ok
07:32:41.0140 3284 [ 15530639789C990827E594344EACC465 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
07:32:41.0140 3284 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
07:32:41.0171 3284 [ AFA686AA5B86B971D44A1A0099267C72 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
07:32:41.0171 3284 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
07:32:41.0187 3284 [ 9AA9EE780A31B6A4AC5449D84FC4F47A ] C:\Program Files\Common Files\Motive\McciMTLib_4-0-0_DDR.dll
07:32:41.0187 3284 C:\Program Files\Common Files\Motive\McciMTLib_4-0-0_DDR.dll - ok
07:32:41.0218 3284 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Common Files\Motive\msvcr71.dll
07:32:41.0218 3284 C:\Program Files\Common Files\Motive\msvcr71.dll - ok
07:32:41.0234 3284 [ 99C7D3DE3B2708BF45F02E495A86A971 ] C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll
07:32:41.0234 3284 C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll - ok
07:32:41.0250 3284 [ F07F5DD69E34DD5EC8F870371428F89D ] C:\WINNT\system32\igfxdev.dll
07:32:41.0250 3284 C:\WINNT\system32\igfxdev.dll - ok
07:32:41.0281 3284 [ 5419E71A08A660AC55206A2092F66E0A ] C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll
07:32:41.0281 3284 C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll - ok
07:32:41.0296 3284 [ C5D16BDCD6DE6793CE8CB8676E3C2176 ] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
07:32:41.0296 3284 C:\Program Files\Kodak\KODAK Share Button App\Listener.exe - ok
07:32:41.0328 3284 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\WINNT\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
07:32:41.0328 3284 C:\WINNT\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll - ok
07:32:41.0343 3284 [ 1836546A3F9B09CCB93FCC1B5E041E0F ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll
07:32:41.0343 3284 C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll - ok
07:32:41.0375 3284 [ 8284123549EC8A272391F3846AD071A3 ] C:\Program Files\Common Files\Motive\McciSysLib_4-0-0_DDR.dll
07:32:41.0375 3284 C:\Program Files\Common Files\Motive\McciSysLib_4-0-0_DDR.dll - ok
07:32:41.0390 3284 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINNT\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
07:32:41.0390 3284 C:\WINNT\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
07:32:41.0421 3284 [ 5046F135BB97A68BFE485AB039E605C0 ] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
07:32:41.0421 3284 C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe - ok
07:32:41.0453 3284 [ FD32127449AF0B96EBECA3CAAB74E423 ] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb10.exe
07:32:41.0453 3284 C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb10.exe - ok
07:32:41.0468 3284 [ 5468859B5DC0F3291D7EEC960B569142 ] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
07:32:41.0468 3284 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe - ok
07:32:41.0500 3284 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINNT\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
07:32:41.0500 3284 C:\WINNT\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
07:32:41.0515 3284 [ F5F1A8CDD473D55F9BF6FE23F715B0FA ] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
07:32:41.0515 3284 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - ok
07:32:41.0531 3284 [ F76685E1E9F1A1E342CE5ADC4ED1FEC2 ] C:\Program Files\Common Files\Motive\McciUtilsLib_4-0-0_DDR.dll
07:32:41.0531 3284 C:\Program Files\Common Files\Motive\McciUtilsLib_4-0-0_DDR.dll - ok
07:32:41.0562 3284 [ 64C4C17BF6A40FF1CD21205E6FD415B8 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
07:32:41.0562 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe - ok
07:32:41.0578 3284 [ 128DD9AF8640DBCC711940903C8B554F ] C:\WINNT\system32\mscoree.dll
07:32:41.0578 3284 C:\WINNT\system32\mscoree.dll - ok
07:32:41.0625 3284 [ 55D7A219AD8D0DB8980528944152A6FD ] C:\Program Files\QuickTime\QTTask.exe
07:32:41.0625 3284 C:\Program Files\QuickTime\QTTask.exe - ok
07:32:41.0640 3284 [ A49D4637796E347FB41ACA5E056151C3 ] C:\WINNT\system32\spool\drivers\w32x86\3\hpzr3210.dll
07:32:41.0640 3284 C:\WINNT\system32\spool\drivers\w32x86\3\hpzr3210.dll - ok
07:32:41.0656 3284 [ 7E1B0C85B7347D9391FE60F6DADFDDF0 ] C:\Program Files\Microsoft Security Client\msseces.exe
07:32:41.0656 3284 C:\Program Files\Microsoft Security Client\msseces.exe - ok
07:32:41.0687 3284 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINNT\system32\ctfmon.exe
07:32:41.0687 3284 C:\WINNT\system32\ctfmon.exe - ok
07:32:41.0703 3284 [ 3E930C641079443D4DE036167A69CAA2 ] C:\Program Files\Messenger\msmsgs.exe
07:32:41.0703 3284 C:\Program Files\Messenger\msmsgs.exe - ok
07:32:41.0734 3284 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINNT\system32\msctf.dll
07:32:41.0734 3284 C:\WINNT\system32\msctf.dll - ok
07:32:41.0750 3284 [ 13BB437592082C824588C17D5409B083 ] C:\Program Files\Electronic Arts\EADM\Core.exe
07:32:41.0750 3284 C:\Program Files\Electronic Arts\EADM\Core.exe - ok
07:32:41.0765 3284 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINNT\system32\msisip.dll
07:32:41.0765 3284 C:\WINNT\system32\msisip.dll - ok
07:32:41.0796 3284 [ A940874B1904F1C48D09F9196F9BC178 ] C:\Program Files\HP\hpcoretech\hpvcr70.dll
07:32:41.0796 3284 C:\Program Files\HP\hpcoretech\hpvcr70.dll - ok
07:32:41.0812 3284 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINNT\system32\wshext.dll
07:32:41.0812 3284 C:\WINNT\system32\wshext.dll - ok
07:32:41.0843 3284 [ 4507F32451334E0832F6DAE85E331C5F ] C:\Program Files\Common Files\Motive\McciSysNetLib_4-1-3_DDR.dll
07:32:41.0843 3284 C:\Program Files\Common Files\Motive\McciSysNetLib_4-1-3_DDR.dll - ok
07:32:41.0875 3284 [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\WINNT\system32\msxml4.dll
07:32:41.0875 3284 C:\WINNT\system32\msxml4.dll - ok
07:32:41.0890 3284 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINNT\system32\msutb.dll
07:32:41.0890 3284 C:\WINNT\system32\msutb.dll - ok
07:32:41.0921 3284 [ BC52F54AF3EDA4D3AD55D220D43A7060 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
07:32:41.0921 3284 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
07:32:41.0937 3284 [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINNT\system32\advpack.dll
07:32:41.0937 3284 C:\WINNT\system32\advpack.dll - ok
07:32:41.0968 3284 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINNT\system32\oledlg.dll
07:32:41.0968 3284 C:\WINNT\system32\oledlg.dll - ok
07:32:41.0984 3284 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINNT\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
07:32:41.0984 3284 C:\WINNT\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
07:32:42.0000 3284 [ 195AFC64CCDDDC0D35D10D67D91226FB ] C:\Program Files\Common Files\Motive\McciNDISLib_4-1-3_DDR.dll
07:32:42.0000 3284 C:\Program Files\Common Files\Motive\McciNDISLib_4-1-3_DDR.dll - ok
07:32:42.0031 3284 [ 16E91805CC071039372AE0037AAA9A2B ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
07:32:42.0031 3284 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - ok
07:32:42.0046 3284 [ 1055F84CABFB800B538FAE70F71D5BF5 ] C:\Program Files\Common Files\Motive\MREW32N5_503-1658-1_DSR.dll
07:32:42.0046 3284 C:\Program Files\Common Files\Motive\MREW32N5_503-1658-1_DSR.dll - ok
07:32:42.0078 3284 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINNT\ime\sptip.dll
07:32:42.0078 3284 C:\WINNT\ime\sptip.dll - ok
07:32:42.0093 3284 [ 322047A60EB358A9F93475415C5EDB38 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
07:32:42.0093 3284 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
07:32:42.0125 3284 [ 91C0436BD6CB73370895EF33C1C9CB47 ] C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
07:32:42.0125 3284 C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe - ok
07:32:42.0156 3284 [ E9D03C3357EF137AA5B896A39ECA896C ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
07:32:42.0156 3284 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
07:32:42.0171 3284 [ 0941D03D849ABD968FD8500460B02C21 ] C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll
07:32:42.0171 3284 C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll - ok
07:32:42.0203 3284 [ 7E57B6D3D74CB9EF3055BA4E89F038D4 ] C:\WINNT\system32\Macromed\Flash\Flash32_11_5_502_146.ocx
07:32:42.0203 3284 C:\WINNT\system32\Macromed\Flash\Flash32_11_5_502_146.ocx - ok
07:32:42.0218 3284 [ 043FE3C9088BEADC6A9FFC033C84F20F ] C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
07:32:42.0218 3284 C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE - ok
07:32:42.0250 3284 [ 286AAA761254F247A09DF75A5ED4EF18 ] C:\Program Files\HP\hpcoretech\hpcmpmgr.dll
07:32:42.0250 3284 C:\Program Files\HP\hpcoretech\hpcmpmgr.dll - ok
07:32:42.0265 3284 [ BDD19073FCDDB86EA90E164DB78E7943 ] C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll
07:32:42.0265 3284 C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll - ok
07:32:42.0281 3284 [ 773E0B3E52D00AAE61AAAD1DD87FEBEF ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
07:32:42.0281 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - ok
07:32:42.0312 3284 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
07:32:42.0312 3284 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
07:32:42.0328 3284 [ FC19F3D46E21EF65EEA990B8AF2076F6 ] C:\Program Files\Microsoft Office\Office14\1033\ONINTL.DLL
07:32:42.0328 3284 C:\Program Files\Microsoft Office\Office14\1033\ONINTL.DLL - ok
07:32:42.0359 3284 [ 4DF395BDDC8F3C53CB23205FBAA0BEB3 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc
07:32:42.0359 3284 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc - ok
07:32:42.0390 3284 [ D35A78B8212372E3483F70AD300B2C28 ] C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll
07:32:42.0390 3284 C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll - ok
07:32:42.0406 3284 [ 86D32BB043C88FD79194FF7AB2AB3434 ] C:\Program Files\QuickTime\QTSystem\QuickTime.qts
07:32:42.0406 3284 C:\Program Files\QuickTime\QTSystem\QuickTime.qts - ok
07:32:42.0437 3284 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
07:32:42.0437 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok
07:32:42.0468 3284 [ 7C87A5FB95777E4132B11FC3D92CAAF5 ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\fusion.dll
07:32:42.0468 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\fusion.dll - ok
07:32:42.0484 3284 [ E01B1D5CF6EB31BBA419D90DDFA0FE74 ] C:\Program Files\HP\hpcoretech\soln\HPOSM.exe
07:32:42.0484 3284 C:\Program Files\HP\hpcoretech\soln\HPOSM.exe - ok
07:32:42.0500 3284 [ 7FACB452456EF5C053AF3EE4B228FE0D ] C:\WINNT\system32\xpob2res.dll
07:32:42.0500 3284 C:\WINNT\system32\xpob2res.dll - ok
07:32:42.0531 3284 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINNT\system32\dsound.dll
07:32:42.0531 3284 C:\WINNT\system32\dsound.dll - ok
07:32:42.0546 3284 [ CB41F8C8DE2D846CEA58CA82AC7D1687 ] C:\WINNT\system32\hpvaut32.dll
07:32:42.0546 3284 C:\WINNT\system32\hpvaut32.dll - ok
07:32:42.0578 3284 [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINNT\system32\mmcshext.dll
07:32:42.0578 3284 C:\WINNT\system32\mmcshext.dll - ok
07:32:42.0593 3284 [ D3B05D063A0929BFCA6C6D7FE2F3129C ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
07:32:42.0593 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - ok
07:32:42.0625 3284 [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINNT\system32\hhsetup.dll
07:32:42.0625 3284 C:\WINNT\system32\hhsetup.dll - ok
07:32:42.0656 3284 [ 0DBEE38060475A4C3E04D3B908AEC0B9 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
07:32:42.0656 3284 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
07:32:42.0671 3284 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINNT\system32\msxml3.dll
07:32:42.0671 3284 C:\WINNT\system32\msxml3.dll - ok
07:32:42.0703 3284 [ A940874B1904F1C48D09F9196F9BC178 ] C:\WINNT\system32\hpvcr70.dll
07:32:42.0703 3284 C:\WINNT\system32\hpvcr70.dll - ok
07:32:42.0718 3284 [ A274F039FBA993284024684D04647587 ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll
07:32:42.0718 3284 C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll - ok
07:32:42.0750 3284 [ FB564FF2C5AEC5850176E59517400E41 ] C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
07:32:42.0750 3284 C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe - ok
07:32:42.0750 3284 [ 84F6B3AE2BBBFC146A27EDE853ECCB6B ] C:\Program Files\QuickTime\QTSystem\QTCF.dll
07:32:42.0750 3284 C:\Program Files\QuickTime\QTSystem\QTCF.dll - ok
07:32:42.0781 3284 [ ADA23DCD5DD87CA957AAF1DE9D6CE292 ] C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL
07:32:42.0781 3284 C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL - ok
07:32:42.0812 3284 [ 464BE9D92A84B23DEF9E07DCDD907E96 ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc
07:32:42.0812 3284 C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc - ok
07:32:42.0828 3284 [ 69539DC5EE4E99EA1D6757751D55374D ] C:\WINNT\system32\hpvcp70.dll
07:32:42.0828 3284 C:\WINNT\system32\hpvcp70.dll - ok
07:32:42.0859 3284 [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINNT\system32\msftedit.dll
07:32:42.0859 3284 C:\WINNT\system32\msftedit.dll - ok
07:32:42.0875 3284 [ 327892A646DE45032F6FEF23D7DC2BF9 ] C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll
07:32:42.0875 3284 C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll - ok
07:32:42.0906 3284 [ B1AADAEF069AD9DA4FE5FD65FE7E1BEA ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
07:32:42.0906 3284 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
07:32:42.0937 3284 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINNT\system32\termsrv.dll
07:32:42.0937 3284 C:\WINNT\system32\termsrv.dll - ok
07:32:42.0953 3284 [ 18628BB3EEA95E17EDB4C79193FD9189 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
07:32:42.0953 3284 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
07:32:42.0984 3284 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
07:32:42.0984 3284 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
07:32:43.0000 3284 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINNT\system32\icaapi.dll
07:32:43.0000 3284 C:\WINNT\system32\icaapi.dll - ok
07:32:43.0015 3284 [ EB032CF179411874F99127B4F8737150 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
07:32:43.0015 3284 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
07:32:43.0046 3284 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINNT\system32\mstlsapi.dll
07:32:43.0046 3284 C:\WINNT\system32\mstlsapi.dll - ok
07:32:43.0062 3284 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINNT\system32\sensapi.dll
07:32:43.0062 3284 C:\WINNT\system32\sensapi.dll - ok
07:32:43.0093 3284 [ 2322C2D10ABC28C124B10D79140B2284 ] C:\WINNT\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2403d395\mscorlib.dll
07:32:43.0093 3284 C:\WINNT\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2403d395\mscorlib.dll - ok
07:32:43.0109 3284 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINNT\system32\imapi.exe
07:32:43.0109 3284 C:\WINNT\system32\imapi.exe - ok
07:32:43.0140 3284 [ 515383A387685564CA99542739D48E55 ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
07:32:43.0140 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - ok
07:32:43.0156 3284 [ 6AA3443F3CADBACAF777466148190B46 ] C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll
07:32:43.0171 3284 C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll - ok
07:32:43.0187 3284 [ A340CD71EB535A3DD751B5F28723E50C ] C:\WINNT\system32\ddraw.dll
07:32:43.0187 3284 C:\WINNT\system32\ddraw.dll - ok
07:32:43.0218 3284 [ D8B91D94ECB123862B390FDE3250D3BB ] C:\WINNT\system32\dciman32.dll
07:32:43.0218 3284 C:\WINNT\system32\dciman32.dll - ok
07:32:43.0234 3284 [ 12523A379FEE3E813628DAB33229A3F8 ] C:\Program Files\HP\Digital Imaging\bin\hpostd08.dll
07:32:43.0234 3284 C:\Program Files\HP\Digital Imaging\bin\hpostd08.dll - ok
07:32:43.0250 3284 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINNT\system32\wbem\wmiprvse.exe
07:32:43.0250 3284 C:\WINNT\system32\wbem\wmiprvse.exe - ok
07:32:43.0281 3284 [ 364F8161F3F708674106CD8B9E666005 ] C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll
07:32:43.0281 3284 C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll - ok
07:32:43.0296 3284 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINNT\system32\mfc42.dll
07:32:43.0296 3284 C:\WINNT\system32\mfc42.dll - ok
07:32:43.0328 3284 [ B63A750AB385A44D4F888751DA6703AE ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll
07:32:43.0328 3284 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll - ok
07:32:43.0343 3284 [ 787BE5622A9061AE3EF1FDA3BC09042D ] C:\Program Files\HP\Digital Imaging\bin\hpostd08.rsc
07:32:43.0343 3284 C:\Program Files\HP\Digital Imaging\bin\hpostd08.rsc - ok
07:32:43.0375 3284 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINNT\system32\tapisrv.dll
07:32:43.0375 3284 C:\WINNT\system32\tapisrv.dll - ok
07:32:43.0406 3284 [ 40AA9795F60E730FE10434AA11960ECB ] C:\WINNT\system32\HPZidr12.dll
07:32:43.0406 3284 C:\WINNT\system32\HPZidr12.dll - ok
07:32:43.0421 3284 [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.sys
07:32:43.0421 3284 C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.sys - ok
07:32:43.0453 3284 [ 8C515081584A38AA007909CD02020B3D ] C:\WINNT\system32\alg.exe
07:32:43.0453 3284 C:\WINNT\system32\alg.exe - ok
07:32:43.0468 3284 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINNT\system32\rastapi.dll
07:32:43.0468 3284 C:\WINNT\system32\rastapi.dll - ok
07:32:43.0500 3284 [ C759B42B15D2C617DB3CBA91F4122B61 ] C:\WINNT\system32\HPZipr12.dll
07:32:43.0500 3284 C:\WINNT\system32\HPZipr12.dll - ok
07:32:43.0515 3284 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINNT\system32\unimdm.tsp
07:32:43.0515 3284 C:\WINNT\system32\unimdm.tsp - ok
07:32:43.0531 3284 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINNT\system32\uniplat.dll
07:32:43.0531 3284 C:\WINNT\system32\uniplat.dll - ok
07:32:43.0562 3284 [ A69630D039C38018689190234F866D77 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9DD278E0-A9F4-413D-AD6A-0E8B136DA920}\MpKsl66edf96e.sys
07:32:43.0562 3284 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9DD278E0-A9F4-413D-AD6A-0E8B136DA920}\MpKsl66edf96e.sys - ok
07:32:43.0578 3284 [ 1E6F080D5EDB4C3B4C4EB787A0848DCC ] C:\Program Files\iPod\bin\iPodService.exe
07:32:43.0578 3284 C:\Program Files\iPod\bin\iPodService.exe - ok
07:32:43.0609 3284 [ 28BD81378C1D1B267E66827B628114DD ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
07:32:43.0609 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - ok
07:32:43.0640 3284 [ 7AC23E98BEC7A2E9C9F5754506C50C14 ] C:\WINNT\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
07:32:43.0640 3284 C:\WINNT\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll - ok
07:32:43.0656 3284 [ 2F1C8714F66F3F0DDCB6D5A16F8CB32E ] C:\WINNT\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
07:32:43.0656 3284 C:\WINNT\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - ok
07:32:43.0687 3284 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINNT\system32\licwmi.dll
07:32:43.0687 3284 C:\WINNT\system32\licwmi.dll - ok
07:32:43.0703 3284 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINNT\system32\wbem\framedyn.dll
07:32:43.0703 3284 C:\WINNT\system32\wbem\framedyn.dll - ok
07:32:43.0734 3284 [ 2F571432B09808A245826D970C05CE16 ] C:\WINNT\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_3dacffa8\System.dll
07:32:43.0734 3284 C:\WINNT\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_3dacffa8\System.dll - ok
07:32:43.0750 3284 [ 901C43516504CBE582E4C4193E00876A ] C:\WINNT\system32\HPZipm12.exe
07:32:43.0750 3284 C:\WINNT\system32\HPZipm12.exe - ok
07:32:43.0765 3284 [ C5FD6567485EE5B0F90DE9C0A94C0221 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
07:32:43.0765 3284 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
07:32:43.0796 3284 [ F36542F2EDC7BB0EE1A47157A7883EA6 ] C:\Program Files\HP\hpcoretech\comp\hpschedr.dll
07:32:43.0796 3284 C:\Program Files\HP\hpcoretech\comp\hpschedr.dll - ok
07:32:43.0812 3284 [ 51CD1CBF74EBD9714E3B745872D8ACA0 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
07:32:43.0812 3284 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
07:32:43.0843 3284 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINNT\system32\unimdmat.dll
07:32:43.0843 3284 C:\WINNT\system32\unimdmat.dll - ok
07:32:43.0875 3284 [ AB004EAC3B14C4F2141FC3AC2EC65105 ] C:\Program Files\HP\Digital Imaging\bin\hpqsarsc.dll
07:32:43.0875 3284 C:\Program Files\HP\Digital Imaging\bin\hpqsarsc.dll - ok
07:32:43.0890 3284 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINNT\system32\licdll.dll
07:32:43.0890 3284 C:\WINNT\system32\licdll.dll - ok
07:32:43.0921 3284 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINNT\system32\modemui.dll
07:32:43.0921 3284 C:\WINNT\system32\modemui.dll - ok
07:32:43.0937 3284 [ F20378B76C206F91352A029F01F5E64D ] C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_8290670b\System.Windows.Forms.dll
07:32:43.0937 3284 C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_8290670b\System.Windows.Forms.dll - ok
07:32:43.0968 3284 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINNT\system32\kmddsp.tsp
07:32:43.0968 3284 C:\WINNT\system32\kmddsp.tsp - ok
07:32:44.0000 3284 [ 02232CE70996A59A8A74EDEDCE5DDAC4 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Implementation.dll
07:32:44.0000 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Implementation.dll - ok
07:32:44.0000 3284 [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINNT\system32\wbem\wmiprov.dll
07:32:44.0000 3284 C:\WINNT\system32\wbem\wmiprov.dll - ok
07:32:44.0031 3284 [ 963158EBB0701EC0E93E09CBB4B75C9E ] C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.dll
07:32:44.0031 3284 C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.dll - ok
07:32:44.0062 3284 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINNT\system32\ndptsp.tsp
07:32:44.0062 3284 C:\WINNT\system32\ndptsp.tsp - ok
07:32:44.0078 3284 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINNT\system32\ipconf.tsp
07:32:44.0078 3284 C:\WINNT\system32\ipconf.tsp - ok
07:32:44.0109 3284 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINNT\system32\h323.tsp
07:32:44.0109 3284 C:\WINNT\system32\h323.tsp - ok
07:32:44.0125 3284 [ C198EBF19B85F182F2515F4C926EF30E ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.dll
07:32:44.0125 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.dll - ok
07:32:44.0156 3284 [ 3385E2B11DD61D6065CF58035CCA20B8 ] C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Service.dll
07:32:44.0156 3284 C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Service.dll - ok
07:32:44.0171 3284 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINNT\system32\hidphone.tsp
07:32:44.0171 3284 C:\WINNT\system32\hidphone.tsp - ok
07:32:44.0203 3284 [ E7BAA541793F289F71AB1E32D7BF9360 ] C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Shared.dll
07:32:44.0203 3284 C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Shared.dll - ok
07:32:44.0218 3284 [ 05F5623B1286B86761D0A7040E7AD3A8 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.XManifestation.dll
07:32:44.0234 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.XManifestation.dll - ok
07:32:44.0250 3284 [ A5205B3AF85B1477AB2C2A1E12201598 ] C:\WINNT\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
07:32:44.0250 3284 C:\WINNT\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll - ok
07:32:44.0281 3284 [ B828B8620CAB7FC4D6865A30FB650049 ] C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
07:32:44.0281 3284 C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe - ok
07:32:44.0296 3284 [ B478BEAD294B518949F5926E680AE350 ] C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_abd9d92d\System.Xml.dll
07:32:44.0296 3284 C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_abd9d92d\System.Xml.dll - ok
07:32:44.0328 3284 [ 1E1B73FC9C17EFFE04F5676A40C82026 ] C:\WINNT\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
07:32:44.0328 3284 C:\WINNT\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
07:32:44.0343 3284 [ D0545A010ED2259A740C8414899A938F ] C:\WINNT\system32\rasppp.dll
07:32:44.0343 3284 C:\WINNT\system32\rasppp.dll - ok
07:32:44.0375 3284 [ B4B711AF21A7844FF626031EF3E38FAF ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.dll
07:32:44.0375 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.dll - ok
07:32:44.0406 3284 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINNT\system32\ntlsapi.dll
07:32:44.0437 3284 C:\WINNT\system32\ntlsapi.dll - ok
07:32:44.0437 3284 [ FC94D575B91692432A1400F569A0F98B ] C:\Program Files\ATI Technologies\ATI.ACE\ATICCCom.dll
07:32:44.0437 3284 C:\Program Files\ATI Technologies\ATI.ACE\ATICCCom.dll - ok
07:32:44.0453 3284 [ 71652EC3797708BC7D86674E4F26EC15 ] C:\Program Files\ATI Technologies\ATI.ACE\AEM.Foundation.dll
07:32:44.0453 3284 C:\Program Files\ATI Technologies\ATI.ACE\AEM.Foundation.dll - ok
07:32:44.0484 3284 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINNT\system32\rasqec.dll
07:32:44.0484 3284 C:\WINNT\system32\rasqec.dll - ok
07:32:44.0500 3284 [ DF695E9850F66CCCC70659975184DF2A ] C:\WINNT\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
07:32:44.0500 3284 C:\WINNT\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll - ok
07:32:44.0515 3284 [ C7968E26F2EA5393E720F24164B7FA37 ] C:\WINNT\assembly\GAC\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
07:32:44.0515 3284 C:\WINNT\assembly\GAC\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll - ok
07:32:44.0546 3284 [ EE47787D2A09F01796AB1CF7D0CE8120 ] C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b7237ea9\System.Drawing.dll
07:32:44.0546 3284 C:\WINNT\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b7237ea9\System.Drawing.dll - ok
07:32:44.0578 3284 [ FFDF18891FBEDC0920300FEB2FB3FBBD ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Shared.dll
07:32:44.0578 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Shared.dll - ok
07:32:44.0593 3284 [ 79FD6D7ECBC36E0274C68E5015DC256C ] C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll
07:32:44.0593 3284 C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll - ok
07:32:44.0625 3284 [ F991B99D8F1DEB23D0E3814DAA74100D ] C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll
07:32:44.0625 3284 C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll - ok
07:32:44.0640 3284 [ 7A6BCFC7E1C0EA19514D4A6EACBA36C2 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Runtime.dll
07:32:44.0640 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Runtime.dll - ok
07:32:44.0671 3284 [ 5F0B7C746935E585BB9ABD0DF20DF600 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.Shared.dll
07:32:44.0671 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.Shared.dll - ok
07:32:44.0687 3284 [ FD3FC2325CB338CC06760DDA23647457 ] C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll
07:32:44.0687 3284 C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll - ok
07:32:44.0718 3284 [ 32CE7014A0E11A2D04DF69CA3BA8D6C8 ] C:\Program Files\ATI Technologies\ATI.ACE\DEM.Foundation.dll
07:32:44.0718 3284 C:\Program Files\ATI Technologies\ATI.ACE\DEM.Foundation.dll - ok
07:32:44.0750 3284 [ 196F5C5A8537EE4E4C4661B9C8E8D028 ] C:\WINNT\assembly\GAC\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
07:32:44.0750 3284 C:\WINNT\assembly\GAC\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll - ok
07:32:44.0765 3284 [ 734D79161E3E0F9DE81582D1249C6989 ] C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0601.dll
07:32:44.0765 3284 C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0601.dll - ok
07:32:44.0796 3284 [ E99E5A7B19E31E8713C5BE557894509F ] C:\WINNT\assembly\GAC\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
07:32:44.0796 3284 C:\WINNT\assembly\GAC\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll - ok
07:32:44.0812 3284 [ ECA1C909A54EAE908B91BC4A7217FC35 ] C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll
07:32:44.0812 3284 C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll - ok
07:32:44.0843 3284 [ B51D29A14B4EDEB4ED0AD864A3FF9556 ] C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.DisplaysManager.Shared.dll
07:32:44.0843 3284 C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.DisplaysManager.Shared.dll - ok
07:32:44.0859 3284 [ 3838A46B043209D6113E1DB6E0A82975 ] C:\WINNT\assembly\GAC\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
07:32:44.0859 3284 C:\WINNT\assembly\GAC\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll - ok
07:32:44.0890 3284 [ D6FDFE5B352403AD6C0DE3293BA669FF ] C:\WINNT\assembly\GAC\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
07:32:44.0890 3284 C:\WINNT\assembly\GAC\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll - ok
07:32:44.0921 3284 [ 0E8254639DEDEF3F5387E1F05C305CA5 ] C:\WINNT\assembly\GAC\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
07:32:44.0921 3284 C:\WINNT\assembly\GAC\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll - ok
07:32:44.0937 3284 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINNT\system32\rasdlg.dll
07:32:44.0937 3284 C:\WINNT\system32\rasdlg.dll - ok
07:32:44.0968 3284 [ C1561312448395907CBFC0A2D9B98C62 ] C:\WINNT\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
07:32:44.0968 3284 C:\WINNT\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll - ok
07:32:44.0984 3284 [ C0C1EAB9CC9B3B9511AE2F2BE17056E4 ] C:\Program Files\HP\Digital Imaging\bin\en\hpqgalry.resources.dll
07:32:44.0984 3284 C:\Program Files\HP\Digital Imaging\bin\en\hpqgalry.resources.dll - ok
07:32:45.0000 3284 [ B1A5CC969574DAC8FBD49B1164823D5F ] C:\WINNT\system32\ATIDEMGR.dll
07:32:45.0000 3284 C:\WINNT\system32\ATIDEMGR.dll - ok
07:32:45.0031 3284 [ 7A9DFD6D5E2EFCA43AC1F231DF2E1D96 ] C:\WINNT\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
07:32:45.0031 3284 C:\WINNT\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll - ok
07:32:45.0046 3284 [ 99EC655E7D79FF515991FF322F30CB70 ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
07:32:45.0046 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll - ok
07:32:45.0078 3284 [ 77A6B4360966CFEE517ADAD807892792 ] C:\WINNT\assembly\GAC\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
07:32:45.0078 3284 C:\WINNT\assembly\GAC\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll - ok
07:32:45.0109 3284 [ EC5C685ACAD87936B790064AAF87788E ] C:\WINNT\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\Interop.hpqcxm08.dll
07:32:45.0109 3284 C:\WINNT\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\Interop.hpqcxm08.dll - ok
07:32:45.0125 3284 [ E837FDBB92E9873E538395B623F45462 ] C:\WINNT\system32\wbem\cimwin32.dll
07:32:45.0125 3284 C:\WINNT\system32\wbem\cimwin32.dll - ok
07:32:45.0156 3284 [ 26AAF8560AF2857B411E16587F5E21A4 ] C:\WINNT\assembly\GAC\LEAD\13.0.0.66__9cf889f53ea9b907\LEAD.dll
07:32:45.0156 3284 C:\WINNT\assembly\GAC\LEAD\13.0.0.66__9cf889f53ea9b907\LEAD.dll - ok
07:32:45.0171 3284 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINNT\system32\security.dll
07:32:45.0171 3284 C:\WINNT\system32\security.dll - ok
07:32:45.0203 3284 [ 1497069481FDA6967436CF5096E93B05 ] C:\WINNT\assembly\GAC\LEAD.Wrapper\13.0.0.66__9cf889f53ea9b907\LEAD.Wrapper.dll
07:32:45.0203 3284 C:\WINNT\assembly\GAC\LEAD.Wrapper\13.0.0.66__9cf889f53ea9b907\LEAD.Wrapper.dll - ok
07:32:45.0234 3284 [ CB7BBA5413CB8EE3E13C240BFA119715 ] C:\Program Files\HP\Digital Imaging\bin\ltkrn13n.dll
07:32:45.0234 3284 C:\Program Files\HP\Digital Imaging\bin\ltkrn13n.dll - ok
07:32:45.0250 3284 [ 5F2599319F6622F311A6AE4E590FD81A ] C:\WINNT\assembly\GAC\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
07:32:45.0250 3284 C:\WINNT\assembly\GAC\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll - ok
07:32:45.0265 3284 [ DDBFF36C9C1FE06198F6B58D26BF4E15 ] C:\WINNT\assembly\GAC\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
07:32:45.0265 3284 C:\WINNT\assembly\GAC\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll - ok
07:32:45.0296 3284 [ 64C95FA25EE226D60ABE723C1D1E4FB2 ] C:\WINNT\assembly\GAC\hpqtray.resources\3.0.0.0_en_a53cf5803f4c3827\hpqtray.resources.dll
07:32:45.0296 3284 C:\WINNT\assembly\GAC\hpqtray.resources\3.0.0.0_en_a53cf5803f4c3827\hpqtray.resources.dll - ok
07:32:45.0312 3284 [ 656421105E87F4ECE5633D0061412A88 ] C:\WINNT\assembly\GAC\LEAD.Windows.Forms\13.0.0.66__9cf889f53ea9b907\LEAD.Windows.Forms.dll
07:32:45.0312 3284 C:\WINNT\assembly\GAC\LEAD.Windows.Forms\13.0.0.66__9cf889f53ea9b907\LEAD.Windows.Forms.dll - ok
07:32:45.0343 3284 [ F27508B6DA412E005A732767DCB2B32F ] C:\WINNT\assembly\GAC\LEAD.Drawing\13.0.0.66__9cf889f53ea9b907\LEAD.Drawing.dll
07:32:45.0343 3284 C:\WINNT\assembly\GAC\LEAD.Drawing\13.0.0.66__9cf889f53ea9b907\LEAD.Drawing.dll - ok
07:32:45.0359 3284 [ 2B855F89FCA1DF10353F108AC2B55B4E ] C:\WINNT\assembly\GAC\hpqfmrsc.resources\3.0.0.0_en_a53cf5803f4c3827\hpqfmrsc.resources.dll
07:32:45.0359 3284 C:\WINNT\assembly\GAC\hpqfmrsc.resources\3.0.0.0_en_a53cf5803f4c3827\hpqfmrsc.resources.dll - ok
07:32:45.0390 3284 [ 3DFE9B36B310582160BF0F081E51BC04 ] C:\WINNT\assembly\GAC\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
07:32:45.0390 3284 C:\WINNT\assembly\GAC\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll - ok
07:32:45.0406 3284 [ FA9022DF1C1BE272BA6BDF712C36A2FC ] C:\Program Files\HP\Digital Imaging\bin\hpodev08.dll
07:32:45.0421 3284 C:\Program Files\HP\Digital Imaging\bin\hpodev08.dll - ok
07:32:45.0437 3284 [ EC42DE0442C9CB52766C3320ACD2A0C5 ] C:\Program Files\HP\Digital Imaging\bin\hpodeb08.dll
07:32:45.0437 3284 C:\Program Files\HP\Digital Imaging\bin\hpodeb08.dll - ok
07:32:45.0468 3284 [ 7B56CF8A157D655A4C0700DB06EEFC4E ] C:\Program Files\HP\Digital Imaging\bin\hposcn08.dll
07:32:45.0468 3284 C:\Program Files\HP\Digital Imaging\bin\hposcn08.dll - ok
07:32:45.0484 3284 [ 3CAEAE7608F1BD7BA873A3B02895B106 ] C:\WINNT\system32\sti.dll
07:32:45.0484 3284 C:\WINNT\system32\sti.dll - ok
07:32:45.0500 3284 [ 11ADF091EF578D211793BD57ADE967E4 ] C:\Program Files\HP\Digital Imaging\bin\hposcn08.rsc
07:32:45.0500 3284 C:\Program Files\HP\Digital Imaging\bin\hposcn08.rsc - ok
07:32:45.0515 3284 [ A5261C4E83D9B53C1815F7503199AF35 ] C:\Program Files\HP\Digital Imaging\bin\hpqimgr.dll
07:32:45.0531 3284 C:\Program Files\HP\Digital Imaging\bin\hpqimgr.dll - ok
07:32:45.0546 3284 [ 4B1BC262B76232056F3B247C37F26940 ] C:\WINNT\system32\MFC71.DLL
07:32:45.0546 3284 C:\WINNT\system32\MFC71.DLL - ok
07:32:45.0578 3284 [ 8F2097E8B174F38178570C611464935F ] C:\WINNT\system32\atl71.dll
07:32:45.0578 3284 C:\WINNT\system32\atl71.dll - ok
07:32:45.0593 3284 [ A94DC60A90EFD7A35C36D971E3EE7470 ] C:\WINNT\system32\MSVCP71.DLL
07:32:45.0593 3284 C:\WINNT\system32\MSVCP71.DLL - ok
07:32:45.0625 3284 [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\WINNT\system32\MFC71ENU.DLL
07:32:45.0625 3284 C:\WINNT\system32\MFC71ENU.DLL - ok
07:32:45.0640 3284 [ BC77758DED7A9E0128937A490BE11BEA ] C:\WINNT\assembly\GAC\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
07:32:45.0640 3284 C:\WINNT\assembly\GAC\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll - ok
07:32:45.0671 3284 [ 597A11165ED1B357C6776C52DE3F608C ] C:\WINNT\assembly\GAC\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
07:32:45.0671 3284 C:\WINNT\assembly\GAC\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll - ok
07:32:45.0703 3284 [ A1B44C0A1AD71F86579A4521D5B1C024 ] C:\WINNT\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
07:32:45.0703 3284 C:\WINNT\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll - ok
07:32:45.0718 3284 [ 95E92090394C815F82B0AED330500B1A ] C:\Program Files\HP\Digital Imaging\bin\hpqmirsc.dll
07:32:45.0718 3284 C:\Program Files\HP\Digital Imaging\bin\hpqmirsc.dll - ok
07:32:45.0750 3284 [ A34C780AD37DFF4FB363A8E5AD1FC175 ] C:\Program Files\HP\Digital Imaging\bin\en\hpqmirsc.resources.dll
07:32:45.0750 3284 C:\Program Files\HP\Digital Imaging\bin\en\hpqmirsc.resources.dll - ok
07:32:45.0765 3284 [ 16105FE2451F233E547303034E2618E0 ] C:\WINNT\assembly\GAC\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
07:32:45.0765 3284 C:\WINNT\assembly\GAC\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll - ok
07:32:45.0781 3284 [ 775F9AF75DFBDBF74A8CD0FBF2F1C328 ] C:\WINNT\assembly\GAC\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
07:32:45.0781 3284 C:\WINNT\assembly\GAC\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll - ok
07:32:45.0812 3284 [ A67A023557323E5CA568383228506167 ] C:\WINNT\assembly\GAC\hpqcprsc.resources\3.0.0.0_en_a53cf5803f4c3827\hpqcprsc.resources.dll
07:32:45.0812 3284 C:\WINNT\assembly\GAC\hpqcprsc.resources\3.0.0.0_en_a53cf5803f4c3827\hpqcprsc.resources.dll - ok
07:32:45.0828 3284 [ 292A4B5BE5DB485E7088955F34586878 ] C:\WINNT\assembly\GAC\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
07:32:45.0828 3284 C:\WINNT\assembly\GAC\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll - ok
07:32:45.0859 3284 [ 0BA7450557844966591FF53962612514 ] C:\WINNT\assembly\GAC\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
07:32:45.0859 3284 C:\WINNT\assembly\GAC\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll - ok
07:32:45.0890 3284 [ B3AD3F5190A1D12A6BF5CBEF4F5C8C39 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU2.Graphics.Runtime.dll
07:32:45.0890 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU2.Graphics.Runtime.dll - ok
07:32:45.0906 3284 [ D3D9693161A8EEF2102B032D5669EA23 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU2.Graphics.Shared.dll
07:32:45.0906 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU2.Graphics.Shared.dll - ok
07:32:45.0937 3284 [ 4E9F72A66641BAB10EE86AECE5384616 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU.Graphics.Runtime.dll
07:32:45.0937 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU.Graphics.Runtime.dll - ok
07:32:45.0953 3284 [ 1649E7247D5644CC058ED101C917DC62 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU.Graphics.Shared.dll
07:32:45.0953 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU.Graphics.Shared.dll - ok
07:32:45.0984 3284 [ 1EACE5D1A04200882B4A8BA11259B2A3 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.dll
07:32:45.0984 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.dll - ok
07:32:46.0015 3284 [ CED3DE6514D23ACA10A70111150C3D4E ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.dll
07:32:46.0015 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.dll - ok
07:32:46.0031 3284 [ AF91DBE7F99339A8979B1C35D1E19496 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
07:32:46.0031 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Runtime.dll - ok
07:32:46.0062 3284 [ 0F014D9D66E7D1B74591A92373995AAE ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3DLegacy.Graphics.Runtime.dll
07:32:46.0062 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3DLegacy.Graphics.Runtime.dll - ok
07:32:46.0093 3284 [ B5FCF44501BE11B819000EB7654B74A9 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
07:32:46.0093 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll - ok
07:32:46.0109 3284 [ DC664EF28F755A383B46F2005CC46BBA ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
07:32:46.0109 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll - ok
07:32:46.0140 3284 [ 7EC34D9C9EC55B184F83325C1EB111B3 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Runtime.dll
07:32:46.0140 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Runtime.dll - ok
07:32:46.0156 3284 [ C326B58A26A6E8E564B66762AF14D7A5 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Shared.dll
07:32:46.0156 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Shared.dll - ok
07:32:46.0187 3284 [ 9179A07F62B6ABEAF28669768CE2DE77 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Runtime.dll
07:32:46.0187 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Runtime.dll - ok
07:32:46.0218 3284 [ 65D39D2F8205F901DC8B1A43735CFD49 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Shared.dll
07:32:46.0218 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Shared.dll - ok
07:32:46.0234 3284 [ 1714AC80DB95F809E839A4ECA225E280 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Runtime.dll
07:32:46.0234 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Runtime.dll - ok
07:32:46.0265 3284 [ 8F64F1DBF00F1921A5D346BCE4842CBE ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Shared.dll
07:32:46.0265 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Shared.dll - ok
07:32:46.0281 3284 [ 535625AE679F3A34FB5C52EA25D409FA ] C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.VideoOverlay.Shared.dll
07:32:46.0281 3284 C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.VideoOverlay.Shared.dll - ok
07:32:46.0296 3284 [ 5C2C3E5E19FA0D223E5C5529A05F2923 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Runtime.dll
07:32:46.0296 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Runtime.dll - ok
07:32:46.0328 3284 [ 55D36852C4F14009EE957AFB2763021D ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Runtime.dll
07:32:46.0328 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Runtime.dll - ok
07:32:46.0343 3284 [ BDF109A414DA6BC415F8B13B88E5A18F ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Shared.dll
07:32:46.0343 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Shared.dll - ok
07:32:46.0375 3284 [ 18C0F0333602B762986EFFECBC3F9DC0 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.WorkstationConfig.Graphics.Runtime.dll
07:32:46.0375 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.WorkstationConfig.Graphics.Runtime.dll - ok
07:32:46.0406 3284 [ D9816BEEBDAD867ACCCA33B71266BE4C ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
07:32:46.0406 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll - ok
07:32:46.0421 3284 [ 7604C29D87E6623A75A442BA20E8465B ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
07:32:46.0421 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Shared.dll - ok
07:32:46.0453 3284 [ 014F929DB421E20F00EF72B5BDF106B0 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT2.Graphics.Runtime.dll
07:32:46.0453 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT2.Graphics.Runtime.dll - ok
07:32:46.0468 3284 [ 16D3373FE82561C16B7C119686E66A3B ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT2.Graphics.Shared.dll
07:32:46.0468 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT2.Graphics.Shared.dll - ok
07:32:46.0500 3284 [ F97AFAF98B949A5D5C2F48532414EB11 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
07:32:46.0500 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll - ok
07:32:46.0515 3284 [ 0267397F18A15C5952C2797C1DFF6D09 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
07:32:46.0515 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Shared.dll - ok
07:32:46.0531 3284 [ 108331740AB22382C9F563F48E7E6E31 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Runtime.dll
07:32:46.0531 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Runtime.dll - ok
07:32:46.0562 3284 [ 2E1E7DAFA74D129551C8A1B6CF445428 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Shared.dll
07:32:46.0562 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Shared.dll - ok
07:32:46.0593 3284 [ A2D4BFDD0FF18A833A39ACB080033946 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
07:32:46.0593 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Runtime.dll - ok
07:32:46.0609 3284 [ 8F3BFD57A5436636264441928CEA0B7C ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Shared.dll
07:32:46.0609 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Shared.dll - ok
07:32:46.0640 3284 [ 7DFAF6FB2EF80E3C6760547E1AD4D8C5 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.CustomFormats.Graphics.Shared.dll
07:32:46.0640 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.CustomFormats.Graphics.Shared.dll - ok
07:32:46.0656 3284 [ 143D63AA20B5741A11F0D90C878E27D7 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Runtime.dll
07:32:46.0656 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Runtime.dll - ok
07:32:46.0687 3284 [ 6FAAD8A1E61B00071BE9D8C192D3085B ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Shared.dll
07:32:46.0687 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Shared.dll - ok
07:32:46.0703 3284 [ AD0C0D98CCD60B639AE1D0AC91EF2D60 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Runtime.dll
07:32:46.0703 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Runtime.dll - ok
07:32:46.0734 3284 [ 33C05A3827A8863063763BC60BE1FBEC ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
07:32:46.0734 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Runtime.dll - ok
07:32:46.0765 3284 [ EEDD03445836EB7261D329D98B80C396 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
07:32:46.0765 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll - ok
07:32:46.0781 3284 [ 638C3D76E6EB86A5C4444459241154E6 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
07:32:46.0781 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Shared.dll - ok
07:32:46.0812 3284 [ 6CDC12F94F64FFE78EA14E99C9244CE8 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP2.Graphics.Runtime.dll
07:32:46.0812 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP2.Graphics.Runtime.dll - ok
07:32:46.0828 3284 [ 25BD09EA63673F2DF45FD05CF5A028CF ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP2.Graphics.Shared.dll
07:32:46.0828 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP2.Graphics.Shared.dll - ok
07:32:46.0859 3284 [ C25CCB77B377D7A0B5AAB11ABABA4656 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
07:32:46.0859 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Runtime.dll - ok
07:32:46.0890 3284 [ 7A0AEF7903C829B2CB15D2859425660D ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Shared.dll
07:32:46.0890 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Shared.dll - ok
07:32:46.0906 3284 [ 84526FB4076FA93DC18249D62193C6F3 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive2.Graphics.Runtime.dll
07:32:46.0906 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive2.Graphics.Runtime.dll - ok
07:32:46.0937 3284 [ E4F3020B0BC9FBC3AB504E4246566D21 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.PowerPlay3.Graphics.Runtime.dll
07:32:46.0937 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.PowerPlay3.Graphics.Runtime.dll - ok
07:32:46.0953 3284 [ 3C33B6903EC9749E20875BF87A2AB46C ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.PowerPlay3.Graphics.Shared.dll
07:32:46.0953 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.PowerPlay3.Graphics.Shared.dll - ok
07:32:46.0984 3284 [ E4868C0243860745E82D1871ABAD1FC4 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
07:32:46.0984 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll - ok
07:32:47.0000 3284 [ 7E83DA4E75E3CD90EABB3530EC05AC6C ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.dll
07:32:47.0000 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.dll - ok
07:32:47.0015 3284 [ 0A250CD7C03F900B5ACC1ADD6A2AA4A9 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
07:32:47.0015 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Runtime.dll - ok
07:32:47.0046 3284 [ F53D7142A810C8B4CCECE284F0A4ABF5 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Shared.dll
07:32:47.0046 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Shared.dll - ok
07:32:47.0062 3284 [ 6EECB091CE0FDDF36E76A60CABE00382 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
07:32:47.0062 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll - ok
07:32:47.0093 3284 [ 33B9257FBD96E6CA1DDD5921335A9680 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
07:32:47.0093 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll - ok
07:32:47.0109 3284 [ B1E405D0706B464CD3E064FA770FE4C7 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Shared.dll
07:32:47.0109 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Shared.dll - ok
07:32:47.0140 3284 [ 601C6ECF58491E1190E9C2777421A733 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3DLegacy.Graphics.Shared.dll
07:32:47.0140 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3DLegacy.Graphics.Shared.dll - ok
07:32:47.0171 3284 [ B679AA0E8454A5076064140F33BE11F6 ] C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0600.dll
07:32:47.0171 3284 C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0600.dll - ok
07:32:47.0187 3284 [ CCE066EA2F7DB17B6DFF7855ADBAF3EC ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Shared.dll
07:32:47.0187 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Shared.dll - ok
07:32:47.0218 3284 [ 209CF6282C9966B2C0519898679614F6 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.WorkstationConfig.Graphics.Shared.dll
07:32:47.0218 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.WorkstationConfig.Graphics.Shared.dll - ok
07:32:47.0234 3284 [ A87E956BC090F889920C521845A58A05 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
07:32:47.0234 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty.Graphics.Shared.dll - ok
07:32:47.0265 3284 [ A6FEB6CB256EC4FFEEE749938C99C30F ] C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0602.dll
07:32:47.0265 3284 C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0602.dll - ok
07:32:47.0281 3284 [ BEEADC2EFDF152B8A519ED501D51721B ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty2.Graphics.Shared.dll
07:32:47.0281 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty2.Graphics.Shared.dll - ok
07:32:47.0296 3284 [ E5255E7FEE8D74DBA67F7A8AED07C56E ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Shared.dll
07:32:47.0296 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Shared.dll - ok
07:32:47.0328 3284 [ A240CCFF967AD3915E05B9D7195C5BCB ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Shared.dll
07:32:47.0328 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Shared.dll - ok
07:32:47.0359 3284 [ 31FB4B337DD09BDF99429D7DBB5FDD48 ] C:\WINNT\system32\netfxperf.dll
07:32:47.0359 3284 C:\WINNT\system32\netfxperf.dll - ok
07:32:47.0375 3284 [ FFFB49BA718EB2D100E58129265D002C ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
07:32:47.0375 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll - ok
07:32:47.0406 3284 [ 4CB954AB77A04452B2A997070ECF9D7A ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
07:32:47.0406 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll - ok
07:32:47.0421 3284 [ 48C66D75C4073322B335F5080575711C ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive2.Graphics.Shared.dll
07:32:47.0421 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive2.Graphics.Shared.dll - ok
07:32:47.0453 3284 [ 924639F31CBB6A9FF198EC1B970D2965 ] C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
07:32:47.0453 3284 C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - ok
07:32:47.0484 3284 [ 6596C86F80CBD2CF831383CA7210876D ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
07:32:47.0484 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll - ok
07:32:47.0500 3284 [ D95D875405BA657A6C21BE65ABA589D1 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared.dll
07:32:47.0500 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared.dll - ok
07:32:47.0515 3284 [ 43E4758953F454090CAD65C303796ED5 ] C:\WINNT\system32\query.dll
07:32:47.0515 3284 C:\WINNT\system32\query.dll - ok
07:32:47.0546 3284 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINNT\system32\perfdisk.dll
07:32:47.0546 3284 C:\WINNT\system32\perfdisk.dll - ok
07:32:47.0562 3284 [ 913AF88B0291D7D3A0FDC92F5E1CC7D7 ] C:\WINNT\system32\perfnet.dll
07:32:47.0562 3284 C:\WINNT\system32\perfnet.dll - ok
07:32:47.0593 3284 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINNT\system32\perfos.dll
07:32:47.0593 3284 C:\WINNT\system32\perfos.dll - ok
07:32:47.0609 3284 [ 1793CC660605F63B14FB96C7707F75BA ] C:\WINNT\system32\perfproc.dll
07:32:47.0609 3284 C:\WINNT\system32\perfproc.dll - ok
07:32:47.0640 3284 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINNT\system32\cryptnet.dll
07:32:47.0640 3284 C:\WINNT\system32\cryptnet.dll - ok
07:32:47.0671 3284 [ B4459D13473D07FCB43365C02732DE16 ] C:\WINNT\system32\pschdprf.dll
07:32:47.0671 3284 C:\WINNT\system32\pschdprf.dll - ok
07:32:47.0703 3284 [ 1F3A82333046F4B97B2BB148ABF38D54 ] C:\WINNT\system32\traffic.dll
07:32:47.0703 3284 C:\WINNT\system32\traffic.dll - ok
07:32:47.0718 3284 [ B0B0D7905AC71BC278F17F455E182611 ] C:\WINNT\system32\rasctrs.dll
07:32:47.0718 3284 C:\WINNT\system32\rasctrs.dll - ok
07:32:47.0734 3284 [ F9DD799E07ED5028DB2F1FFEA72C9357 ] C:\WINNT\system32\rsvpperf.dll
07:32:47.0734 3284 C:\WINNT\system32\rsvpperf.dll - ok
07:32:47.0765 3284 [ 6951B89B4F591AA694048A6CD0E5224A ] C:\WINNT\system32\tapiperf.dll
07:32:47.0765 3284 C:\WINNT\system32\tapiperf.dll - ok
07:32:47.0781 3284 [ DBE2B62353660ECCA0D75EA307A717E9 ] C:\WINNT\system32\perfctrs.dll
07:32:47.0781 3284 C:\WINNT\system32\perfctrs.dll - ok
07:32:47.0812 3284 [ 7EFD2114EAD1AC72342610D7192BFB32 ] C:\WINNT\system32\perfts.dll
07:32:47.0812 3284 C:\WINNT\system32\perfts.dll - ok
07:32:47.0828 3284 [ 9D39D9E07C180127252E176EC2B41487 ] C:\WINNT\system32\utildll.dll
07:32:47.0828 3284 C:\WINNT\system32\utildll.dll - ok
07:32:47.0859 3284 [ 75EE1625AD8B52C5FAA1CCB1B82FB750 ] C:\WINNT\system32\wbem\wmiaprpl.dll
07:32:47.0859 3284 C:\WINNT\system32\wbem\wmiaprpl.dll - ok
07:32:47.0890 3284 [ 6358C181BF021970A897C1FAB0ECF5D2 ] C:\WINNT\system32\loadperf.dll
07:32:47.0890 3284 C:\WINNT\system32\loadperf.dll - ok
07:32:47.0921 3284 [ E0673F1106E62A68D2257E376079F821 ] C:\WINNT\system32\wbem\wmiapsrv.exe
07:32:47.0921 3284 C:\WINNT\system32\wbem\wmiapsrv.exe - ok
07:32:47.0937 3284 [ 2786AEC3D77234997DF81C658F50F572 ] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
07:32:47.0937 3284 C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE - ok
07:32:47.0953 3284 [ EB7494ECFE01B70B83E781EEB8F88C8A ] C:\WINNT\system32\wbem\wmiapres.dll
07:32:47.0953 3284 C:\WINNT\system32\wbem\wmiapres.dll - ok
07:32:47.0984 3284 [ C6F64AE6F9F7DE23EE538D5C80A5C362 ] C:\Program Files\ATI Technologies\ATI.ACE\APM.Foundation.dll
07:32:47.0984 3284 C:\Program Files\ATI Technologies\ATI.ACE\APM.Foundation.dll - ok
07:32:48.0000 3284 [ A125CBFE55C05735417786DD15A5BE76 ] C:\WINNT\system32\tscfgwmi.dll
07:32:48.0000 3284 C:\WINNT\system32\tscfgwmi.dll - ok
07:32:48.0015 3284 [ 8B096963C4970DE85E85F92FA3556654 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Systemtray.dll
07:32:48.0015 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Systemtray.dll - ok
07:32:48.0046 3284 [ E28A4BFAB97380E589341D31D4609A37 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Wizard.dll
07:32:48.0046 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Wizard.dll - ok
07:32:48.0078 3284 [ 64B6786CE471A956ED85560A70089F46 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.Clients.dll
07:32:48.0078 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.Clients.dll - ok
07:32:48.0109 3284 [ 621822F2F2BDE521D3FC687B62659B76 ] C:\WINNT\system32\mnmdd.dll
07:32:48.0109 3284 C:\WINNT\system32\mnmdd.dll - ok
07:32:48.0140 3284 [ 179DE25B564BFE4875E6FA2E49DDBE8A ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Wizard.Shared.dll
07:32:48.0140 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Wizard.Shared.dll - ok
07:32:48.0156 3284 [ A3C0A42C88C7C1E3C65AB2DA3A5E6B0C ] C:\WINNT\system32\rdpdd.dll
07:32:48.0156 3284 C:\WINNT\system32\rdpdd.dll - ok
07:32:48.0187 3284 [ 117E243C294FAA83F9AB68A6A55C393A ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Wizard.dll
07:32:48.0187 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Wizard.dll - ok
07:32:48.0203 3284 [ 367A206BD7874183E272B08096C839DC ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Wizard.Shared.dll
07:32:48.0203 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Wizard.Shared.dll - ok
07:32:48.0234 3284 [ 23EFFAFD53040643C64641738BC12D39 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
07:32:48.0234 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Wizard.dll - ok
07:32:48.0265 3284 [ CE3CD758094A18474F615502E9272279 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Wizard.dll
07:32:48.0265 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Wizard.dll - ok
07:32:48.0265 3284 [ 6DFD192BA4E3F23EBD75322FA066FF9F ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
07:32:48.0265 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll - ok
07:32:48.0296 3284 [ 666DA8DDCB4AEA7A2A918E2513FC49E0 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Wizard.dll
07:32:48.0296 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Wizard.dll - ok
07:32:48.0328 3284 [ 899D2E452B0C11D8B38441C37DAFA532 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
07:32:48.0328 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Wizard.dll - ok
07:32:48.0359 3284 [ 347601BEE80BCAEDCFE2E52A37B9310A ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Wizard.dll
07:32:48.0359 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Wizard.dll - ok
07:32:48.0375 3284 [ E32BEBFE4A591B5E3CBBA4B561CC3E13 ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
07:32:48.0375 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll - ok
07:32:48.0421 3284 [ 9CE43FA89D3D0429293493E3573DA44F ] C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
07:32:48.0421 3284 C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Wizard.dll - ok
07:32:48.0453 3284 ============================================================
07:32:48.0453 3284 Scan finished
07:32:48.0453 3284 ============================================================
07:32:48.0578 3264 Detected object count: 15
07:32:48.0578 3264 Actual detected object count: 15
07:33:36.0046 3264 AOL ACS ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0046 3264 AOL ACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0046 3264 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0046 3264 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0062 3264 aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0062 3264 aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0062 3264 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0062 3264 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0062 3264 atksgt ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0062 3264 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0078 3264 Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0078 3264 Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0078 3264 Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0078 3264 Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0078 3264 iaStor ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0078 3264 iaStor ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0078 3264 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0078 3264 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0093 3264 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0093 3264 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0093 3264 MRENDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0093 3264 MRENDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0109 3264 MxlW2k ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0109 3264 MxlW2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0109 3264 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0109 3264 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0125 3264 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0125 3264 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:33:36.0125 3264 WANMiniportService ( UnsignedFile.Multi.Generic ) - skipped by user
07:33:36.0125 3264 WANMiniportService ( UnsignedFile.Multi.Generic ) - User select action: Skip

#14 Pere92

Pere92
  • Topic Starter

  • Members
  • 60 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 15 January 2013 - 01:31 PM

Had to run this in safe mode so I couldn't get updates BUT i recently ran it for another member in another forum prior to coming here so hopefully it isn't too out of date.


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-15 13:11:52
-----------------------------
13:11:52.187 OS Version: Windows 5.1.2600 Service Pack 3
13:11:52.187 Number of processors: 2 586 0x303
13:11:52.187 ComputerName: KIDS UserName:
13:11:53.875 Initialize success
13:12:01.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:12:01.343 Disk 0 Vendor: WDC_WD1200BB-22DWA0 15.05R15 Size: 114473MB BusType: 3
13:12:01.375 Disk 0 MBR read successfully
13:12:01.390 Disk 0 MBR scan
13:12:01.406 Disk 0 Windows XP default MBR code
13:12:01.421 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 114470 MB offset 63
13:12:01.453 Disk 0 scanning sectors +234436545
13:12:01.546 Disk 0 scanning C:\WINNT\system32\drivers
13:12:20.640 Service scanning
13:12:57.453 Modules scanning
13:13:10.250 Disk 0 trace - called modules:
13:13:10.296 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
13:13:10.312 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b78030]
13:13:10.328 3 CLASSPNP.SYS[f7643fd7] -> nt!IofCallDriver -> \Device\0000006d[0x86b529e8]
13:13:15.343 5 ACPI.sys[f75aa620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86b53d98]
13:13:15.625 Scan finished successfully
13:15:18.171 Disk 0 MBR has been saved successfully to "J:\MBR.dat"
13:15:18.218 The log file has been saved successfully to "J:\aswMBR2.txt"

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:21 PM

Posted 15 January 2013 - 04:24 PM

if you still have to go into safe mode - go into safemode with networking so our tools may update

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users