Worm.DorkBot Infection


  • This topic is locked
24 replies to this topic

#1 wgrogers


Posted 11 February 2013 - 09:48 PM

A friend on Skype sent over a link. She said something about our funny avi's which we just changed on the weekend. There was a link, and I didn't think twice and clicked it. I was so convinced she had seen what we did, and as I opened the file, she sent a second and a third. I wrote back and asked if she really sent it. You can guess the answer.

I think I caught it but I read this is a nasty so posting a DDS.txt file to start things off.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.7.2
Run by Greg at 18:40:15 on 2013-02-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1236 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Documents and Settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = file:///C:/Documents%20and%20Settings/Greg/Desktop/DESKTOP%20FOLDERS/newindex.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AcroIEToolbarHelper Class: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [SigmaTel StacMon] c:\program files\sigmatel\sigmatel ac97 audio drivers\stacmon.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\docume~1\greg\startm~1\programs\startup\remindme.lnk - c:\documents and settings\greg\my documents\downloads\remindme\remindme\RemindMe.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} - hxxp://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.5.0.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269471504921
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1347713975906
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{09A569D0-4A75-448B-AE17-5A5FF51BE181} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{6FBD2671-6449-46BD-8D5C-845B368A6CE4} : DHCPNameServer = 192.168.2.1 216.148.227.68
TCP: Interfaces\{71454660-66F5-40B4-AF9F-580DF373B065} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{891E6D80-13CA-42F7-BBC4-5890410641CD} : DHCPNameServer = 192.168.2.1 216.148.227.68
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\greg\application data\mozilla\firefox\profiles\4z6w6jpl.default-1347518965859\
FF - prefs.js: browser.startup.homepage - file:///C:/Documents%20and%20Settings/Greg/Desktop/DESKTOP%20FOLDERS/newindex.html
FF - plugin: c:\documents and settings\greg\application data\mozilla\firefox\profiles\4z6w6jpl.default-1347518965859\extensions\{9eb34849-81d3-4841-939d-666d522b889a}\plugins\npSlingPlayer.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_149.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\npwmsdrm.dll
FF - ExtSQL: 2013-01-05 17:40; {9EB34849-81D3-4841-939D-666D522B889A}; c:\documents and settings\greg\application data\mozilla\firefox\profiles\4z6w6jpl.default-1347518965859\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 193552]
R1 AvgAsCln;AVG Anti-Spyware Clean Driver;c:\windows\system32\drivers\AvgAsCln.sys [2007-6-28 10872]
R1 MpKsle54f344f;MpKsle54f344f;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b4875f2d-ce6a-478c-8cc8-57555ad1821b}\MpKsle54f344f.sys [2013-2-11 29904]
R2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files\splashtop\splashtop remote\server\SRService.exe [2013-1-28 551264]
R2 SSUService;Splashtop Software Updater Service;c:\program files\splashtop\splashtop software updater\SSUService.exe [2013-1-24 583456]
R2 wwEngineSvc;Window Washer Engine;c:\program files\webroot\washer\WasherSvc.exe [2007-8-22 598856]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2004-5-4 80384]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2010-3-18 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2010-3-18 10448]
S1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver;\??\c:\program files\grisoft\avg anti-spyware 7.5\guard.sys --> c:\program files\grisoft\avg anti-spyware 7.5\guard.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2011-8-5 10448]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 GTICARD;GTICARD;c:\windows\system32\drivers\gticard.sys [2003-2-6 59328]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
ShellExec: THELOG~1.EXE: Open=c:\progra~1\thelog~1\THELOG~1.EXE
.
=============== Created Last 30 ================
.
2013-02-11 23:52:32 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b4875f2d-ce6a-478c-8cc8-57555ad1821b}\offreg.dll
2013-02-11 23:52:32 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b4875f2d-ce6a-478c-8cc8-57555ad1821b}\MpKsle54f344f.sys
2013-02-11 23:32:05 6991832 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b4875f2d-ce6a-478c-8cc8-57555ad1821b}\mpengine.dll
2013-02-11 22:46:09 98816 ----a-w- c:\windows\sed.exe
2013-02-11 22:46:09 256000 ----a-w- c:\windows\PEV.exe
2013-02-11 22:46:09 208896 ----a-w- c:\windows\MBR.exe
2013-02-11 14:24:38 -------- d-----w- c:\documents and settings\all users\application data\Splashtop
2013-02-11 14:23:30 -------- d-----w- c:\documents and settings\greg\local settings\application data\{DFCD66BE-CB4F-42AE-A6D3-E634BBBD94E9}
2013-02-09 19:59:18 6991832 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-02-06 23:34:33 98304 ----a-w- c:\windows\system32\AliasELM100.dll
2013-02-06 23:34:32 -------- d-----w- c:\program files\AliasELM100
2013-02-01 21:47:31 -------- d-----w- c:\program files\WinMerge
.
==================== Find3M ====================
.
2013-02-11 15:26:40 952 --sha-w- c:\windows\system32\KGyGaAvL.sys
2013-02-08 15:46:47 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-08 15:46:46 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-15 00:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 18:40:52.23 ===============





#2 gringo_pr

  • Malware Response Team

Posted 11 February 2013 - 09:59 PM


Greetings and Welcome Back to The Forums!!

I don't see anything but let's do some checking anyway.

I have put together some things for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next; if you have any problems with these, just skip it and run the next one.

-Security Check-
  • Download Security Check by screen317 from here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
-AdwCleaner-
  • Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-RogueKiller-
  • Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then click on the "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • Click on "Delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 wgrogers


Posted 11 February 2013 - 10:41 PM

As per your instructions:
 
########################### 1. checkup.txt ###########################

Results of screen317's Security Check version 0.99.57
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
JavaFX 2.1.1
Java 7 Update 7
Java version out of Date!
Adobe Flash Player 11.5.502.149
Adobe Reader XI
Mozilla Firefox 14.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 3%
````````````````````End of Log``````````````````````

 
########################### 2. AdwCleaner[s1].txt ###########################

# AdwCleaner v2.112 - Logfile created 02/11/2013 at 19:27:58
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Greg - PRIMARY
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Greg\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Greg\Local Settings\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Common Files\Viewpoint
Folder Deleted : C:\Program Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\VWPT
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\Software\Viewpoint

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

File : C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\4z6w6jpl.default-1347518965859\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\g9ew7f7y.default\prefs.js

C:\Documents and Settings\Greg\Application Data\Mozilla\Firefox\Profiles\g9ew7f7y.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3788 octets] - [11/02/2013 19:27:58]

########## EOF - C:\AdwCleaner[S1].txt - [3848 octets] ##########

 
########################### 3.  RKreport.txt ###########################
RogueKiller V8.5.0 [Feb 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Greg [Admin rights]
Mode : Remove -- Date : 02/11/2013 19:35:59
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 75869002752c4239268084e6441751c3
[BSP] 77939d4a78d2181219f931fe43f676a3 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 95393 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_02112013_02d1935.txt >>
RKreport[1]_S_02112013_02d1933.txt ; RKreport[2]_D_02112013_02d1935.txt


 



#4 gringo_pr

  • Malware Response Team

Posted 11 February 2013 - 10:50 PM


Hello Greg

The board has changed a little since the last time we worked together.

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo



#5 wgrogers


Posted 11 February 2013 - 11:21 PM

Here is combo fix.

ComboFix 13-02-07.02 - Greg n 02/11/13 20:05:48.9.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1539 [GMT -8:00]
Running from: c:\documents and settings\Greg\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2013-01-12 to 2013-02-12 )))))))))))))))))))))))))))))))
.
.
2013-02-11 14:24 . 2013-02-11 14:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Splashtop
2013-02-11 14:23 . 2013-02-11 14:23 -------- d-----w- c:\documents and settings\Greg\Local Settings\Application Data\{DFCD66BE-CB4F-42AE-A6D3-E634BBBD94E9}
2013-02-09 19:59 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-06 23:34 . 2006-06-21 01:18 98304 ----a-w- c:\windows\system32\AliasELM100.dll
2013-02-06 23:34 . 2013-02-06 23:53 -------- d-----w- c:\program files\AliasELM100
2013-02-01 21:47 . 2013-02-01 22:34 -------- d-----w- c:\program files\WinMerge
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 15:46 . 2012-04-04 14:55 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-08 15:46 . 2011-05-14 13:05 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2012-09-15 02:28 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 12:23 . 2004-08-04 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-15 00:49 . 2008-11-29 21:06 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-14 00:17 . 2012-09-15 02:23 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmaTel StacMon"="c:\program files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe" [2004-04-29 90169]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-11-10 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-10 602182]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 947176]
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
RemindMe.lnk - c:\documents and settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe [2007-6-13 228334]
.
c:\documents and settings\Greg\Start Menu\Programs\Startup\
RemindMe.lnk - c:\documents and settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe [2007-6-13 228334]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-06-17 07:33 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2005-10-07 22:13 176128 ----a-r- c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo RX500]
2003-06-01 20:00 99840 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_S4I2K1.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo RX580 Series]
2006-05-23 12:00 139264 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIBPA.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2010-05-18 20:41 1311312 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-14 01:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-11 17:39 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"c:\\Program Files\\Splashtop\\Splashtop Remote\\Server\\SRServer.exe"=
"c:\\Program Files\\Splashtop\\Splashtop Remote\\Server\\SRFeature.exe"=
"c:\\Program Files\\Splashtop\\Splashtop Remote\\Server\\DataProxy.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files\Splashtop\Splashtop Remote\Server\SRService.exe [1/28/13 3:22 PM 551264]
R2 SSUService;Splashtop Software Updater Service;c:\program files\Splashtop\Splashtop Software Updater\SSUService.exe [1/24/13 6:48 PM 583456]
R2 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe [8/22/07 12:48 AM 598856]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [5/4/04 12:26 AM 80384]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [3/18/10 1:01 AM 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [3/18/10 1:01 AM 10448]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [8/5/11 4:23 PM 10448]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [6/2/11 10:08 AM 11336]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 GTICARD;GTICARD;c:\windows\system32\drivers\gticard.sys [2/6/03 6:23 PM 59328]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/4/04 4:00 AM 14336]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 20:34]
.
2013-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-07 00:57]
.
2013-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-07 00:57]
.
2013-02-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1390067357-920026266-854245398-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 06:09]
.
2013-01-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1390067357-920026266-854245398-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 06:09]
.
2011-12-21 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2007-09-29 23:31]
.
.
------- Supplementary Scan -------
.
uStart Page = file:///C:/Documents%20and%20Settings/Greg/Desktop/DESKTOP%20FOLDERS/newindex.html
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Greg\Application Data\Mozilla\Firefox\Profiles\4z6w6jpl.default-1347518965859\
FF - prefs.js: browser.startup.homepage - file:///C:/Documents%20and%20Settings/Greg/Desktop/DESKTOP%20FOLDERS/newindex.html
FF - ExtSQL: 2013-01-05 17:40; {9EB34849-81D3-4841-939D-666D522B889A}; c:\documents and settings\Greg\Application Data\Mozilla\Firefox\Profiles\4z6w6jpl.default-1347518965859\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-11 20:15
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1390067357-920026266-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*Öš€|.W .¤Ý§]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1390067357-920026266-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*Öš€|.W .¤Ý§\OpenWithList]
@Class="Shell"
"a"="Corel PaintShop Pro.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1390067357-920026266-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*Öš€|¾Z0~¨]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1390067357-920026266-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*Öš€|¾Z0~¨\OpenWithList]
@Class="Shell"
"a"="Corel PaintShop Pro.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1390067357-920026266-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*Öš€|¾ZŠ³FÅ]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1390067357-920026266-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*Öš€|¾ZŠ³FÅ\OpenWithList]
@Class="Shell"
"a"="Corel PaintShop Pro.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(860)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(2732)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-02-11 20:18:05
ComboFix-quarantined-files.txt 2013-02-12 04:18
ComboFix2.txt 2013-02-11 23:00
.
Pre-Run: 53,410,201,600 bytes free
Post-Run: 53,393,219,584 bytes free
.
- - End Of File - - 1FCF27A8A6333319177D9F9A34E947F2

As far as how the computer is running, I don't notice anything but I've been cautious about doing anything with it. I'm not getting any VBS popups, seems to be running okay. You seeing anything here in ComboFix?

Thanks
Greg

#6 gringo_pr


Posted 11 February 2013 - 11:28 PM

Greetings

Don't see anything out of place yet. Let's run these two scans, and if they come up clean then I think you are doing good.

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it or you can upload it here and send me the link - http://www.2shared.com/
  • Malwarebytes Anti-Rootkit

    1. Download Malwarebytes Anti-Rootkit
    2. Unzip the contents to a folder in a convenient location.
    3. Open the folder where the contents were unzipped and run mbar.exe
    4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    6. Wait while the system shuts down and the cleanup process is performed.
    7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
       • Internet access
       • Windows Update
       • Windows Firewall
    9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
    10. Verify that your system is now functioning normally.

    Gringo


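For readers triaging the TDSSKiller report requested above, here is a small parser for the line format seen in the log posted later in this thread. It is an added example, not part of the original posts or of TDSSKiller itself; the function names and the sample lines (service names, hashes, paths) are constructed for illustration, and any status other than "ok" is assumed to deserve a look.

```python
import re
from collections import Counter, namedtuple

# Every log line starts "HH:MM:SS.ffff <thread id> " followed by the message.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<body>.*)$")
# "[ <MD5> ] <service name> <path>": the name may contain spaces, so it ends
# where the first path (optional drive letter, then a backslash) begins.
HASH_LINE = re.compile(
    r"^\[\s*(?P<md5>[0-9A-Fa-f]{32})\s*\]\s+(?P<name>.+?)\s+"
    r"(?P<path>(?:[A-Za-z]:)?\\.*)$")
# "<name> - ok"  or  "<name> ( <detection> ) - warning"
VERDICT_LINE = re.compile(
    r"^(?P<name>.+?)(?:\s+\(\s*(?P<detection>[^()]+?)\s*\))?"
    r"\s+-\s+(?P<status>\w+)$")

Entry = namedtuple("Entry", "name status detection md5 path")

# Constructed sample in the same layout as the report (not real scan data).
SAMPLE = r"""
20:47:04.0015 2228 ================ Scan services =============================
20:47:04.0125 2228 NoFileSvc - ok
20:47:04.0187 2228 [ 00112233445566778899AABBCCDDEEFF ] ExampleDrv C:\WINDOWS\system32\DRIVERS\example.sys
20:47:06.0031 2228 ExampleDrv - ok
20:47:06.0484 2228 [ FFEEDDCCBBAA99887766554433221100 ] Example Filter Svc C:\Program Files\Example Vendor\Filter Svc\filter.exe
20:47:06.0515 2228 Example Filter Svc ( UnsignedFile.Multi.Generic ) - warning
20:47:06.0515 2228 Example Filter Svc - detected UnsignedFile.Multi.Generic (1)
"""


def parse_tdsskiller_log(text):
    """Pair each verdict line with the hash/path line that preceded it."""
    entries = []
    pending = {}  # service name -> (md5, path) from its "[ hash ]" line
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue  # blank lines, or timestamp-only lines with no message
        body = m.group("body").strip()
        h = HASH_LINE.match(body)
        if h:
            pending[h.group("name")] = (h.group("md5").upper(), h.group("path"))
            continue
        v = VERDICT_LINE.match(body)
        if v:
            # Entries listed without a preceding hash line keep md5/path = None.
            md5, path = pending.pop(v.group("name"), (None, None))
            entries.append(Entry(v.group("name"), v.group("status").lower(),
                                 v.group("detection"), md5, path))
    return entries


def triage(entries):
    """Summarise a parsed report: counts per status and the entries to review."""
    flagged = [e for e in entries if e.status != "ok"]
    return {
        "total": len(entries),
        "by_status": dict(Counter(e.status for e in entries)),
        "by_detection": dict(Counter(e.detection for e in flagged if e.detection)),
        "flagged": flagged,
        "no_file": [e.name for e in entries if e.md5 is None],
    }


if __name__ == "__main__":
    report = triage(parse_tdsskiller_log(SAMPLE))
    print("entries:", report["total"], report["by_status"])
    for e in report["flagged"]:
        print(f"{e.status:8} {e.detection or '-':28} {e.md5} {e.name} -> {e.path}")
    print("listed without a file:", ", ".join(report["no_file"]))
```

Run against a saved report, it lists each flagged entry with its detection name, MD5 and file path, so the files behind the warnings can be checked one by one.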

#7 wgrogers


Posted 12 February 2013 - 05:31 AM

I ran the Anti-Rootkit a few times. It kept showing one driver file that it said was suspicious, in system32\drivers\w29n51.sys. It would not or could not delete it so I finally opened the folder to see. It shows up in the C:\WINDOWS\system32\drivers folder, date modified September 12, 2005 & 3.14MB.

It also appears in folder C:\WINDOWS\system32\DRVSTORE\w29n51_B4DB085D140C6265DCA5E78CC26122444CD2D577 and with the same date, time and size. It looks like it is a driver for the Intel PRO/Wireless 2200BG Network Hardware, see this page: http://security-center.intel.com/advisory.aspx?intelid=intel-sa-00001&languageid=en-fr that talks about a vulnerability and says that version is no longer supported, see http://www.intel.com/p/en_US/support/highlights/wireless/pro2200bg for details.

So maybe that's why Anti-Rootkit kept trying to delete it? Before today, about a month ago, I had to hardwire the laptop to the router because I couldn't keep the connection. I'm guessing I need to go to Intel and download the driver? Anyway, below is the TDSSKiller log. Looks like it is going to fit:

20:45:55.0187 1988 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:45:56.0218 1988 ============================================================
20:45:56.0218 1988 Current date / time: 2013/02/11 20:45:56.0218
20:45:56.0218 1988 SystemInfo:
20:45:56.0250 1988
20:45:56.0250 1988 OS Version: 5.1.2600 ServicePack: 3.0
20:45:56.0250 1988 Product type: Workstation
20:45:56.0250 1988 ComputerName: PRIMARY
20:45:56.0250 1988 UserName: Greg
20:45:56.0250 1988 Windows directory: C:\WINDOWS
20:45:56.0250 1988 System windows directory: C:\WINDOWS
20:45:56.0250 1988 Processor architecture: Intel x86
20:45:56.0281 1988 Number of processors: 1
20:45:56.0281 1988 Page size: 0x1000
20:45:56.0281 1988 Boot type: Normal boot
20:45:56.0281 1988 ============================================================
20:45:58.0781 1988 BG loaded
20:45:59.0296 1988 Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 (93.16 Gb), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:45:59.0359 1988 ============================================================
20:45:59.0359 1988 \Device\Harddisk0\DR0:
20:45:59.0359 1988 MBR partitions:
20:45:59.0359 1988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBA50E02
20:45:59.0359 1988 ============================================================
20:45:59.0437 1988 C: <-> \Device\Harddisk0\DR0\Partition1
20:45:59.0437 1988 ============================================================
20:45:59.0437 1988 Initialize success
20:45:59.0437 1988 ============================================================
20:46:55.0781 2228 ============================================================
20:46:55.0781 2228 Scan started
20:46:55.0781 2228 Mode: Manual; SigCheck; TDLFS;
20:46:55.0781 2228 ============================================================
20:47:01.0765 2228 ================ Scan system memory ========================
20:47:04.0015 2228 System memory - ok
20:47:04.0015 2228 ================ Scan services =============================
20:47:04.0125 2228 Abiosdsk - ok
20:47:04.0125 2228 abp480n5 - ok
20:47:04.0187 2228 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:47:06.0031 2228 ACPI - ok
20:47:06.0078 2228 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
20:47:06.0250 2228 ACPIEC - ok
20:47:06.0250 2228 adpu160m - ok
20:47:06.0296 2228 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
20:47:06.0437 2228 aec - ok
20:47:06.0484 2228 [ 12DAFD934641DCF61E446313BC261EC2 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
20:47:06.0515 2228 AegisP ( UnsignedFile.Multi.Generic ) - warning
20:47:06.0515 2228 AegisP - detected UnsignedFile.Multi.Generic (1)
20:47:06.0546 2228 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys
20:47:06.0562 2228 Afc ( UnsignedFile.Multi.Generic ) - warning
20:47:06.0562 2228 Afc - detected UnsignedFile.Multi.Generic (1)
20:47:06.0609 2228 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
20:47:06.0656 2228 AFD - ok
20:47:06.0687 2228 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
20:47:06.0828 2228 agp440 - ok
20:47:06.0828 2228 Aha154x - ok
20:47:06.0828 2228 aic78u2 - ok
20:47:06.0843 2228 aic78xx - ok
20:47:06.0875 2228 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
20:47:06.0984 2228 Alerter - ok
20:47:07.0015 2228 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
20:47:07.0109 2228 ALG - ok
20:47:07.0125 2228 AliIde - ok
20:47:07.0125 2228 amsint - ok
20:47:07.0171 2228 [ 090880E9BF20F928BC341F96D27C019E ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
20:47:07.0218 2228 ApfiltrService - ok
20:47:07.0375 2228 [ 018857EAD9A077A56AEDFC0E5EF7A24A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:47:07.0390 2228 Apple Mobile Device - ok
20:47:07.0437 2228 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
20:47:07.0546 2228 AppMgmt - ok
20:47:07.0578 2228 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:47:07.0812 2228 Arp1394 - ok
20:47:07.0828 2228 asc - ok
20:47:07.0843 2228 asc3350p - ok
20:47:07.0843 2228 asc3550 - ok
20:47:07.0906 2228 [ ED8CEE58C1E4C5893F5B2FD686A272BF ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys
20:47:07.0906 2228 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
20:47:07.0906 2228 Aspi32 - detected UnsignedFile.Multi.Generic (1)
20:47:08.0031 2228 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:47:08.0109 2228 aspnet_state - ok
20:47:08.0140 2228 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:47:08.0281 2228 AsyncMac - ok
20:47:08.0328 2228 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
20:47:08.0468 2228 atapi - ok
20:47:08.0468 2228 Atdisk - ok
20:47:08.0531 2228 [ DFEA480EE09BDEB7F51244900170E173 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
20:47:08.0609 2228 Ati HotKey Poller - ok
20:47:08.0671 2228 [ 2A6C99CFDC23C9C26D0E30B1C99748D4 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:47:08.0781 2228 ati2mtag - ok
20:47:08.0812 2228 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:47:09.0015 2228 Atmarpc - ok
20:47:09.0062 2228 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
20:47:09.0296 2228 AudioSrv - ok
20:47:09.0328 2228 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
20:47:09.0453 2228 audstub - ok
20:47:09.0468 2228 AVG Anti-Spyware Driver - ok
20:47:09.0500 2228 [ 856B0CEE009946BF2D327E6B24FE7E3F ] AvgAsCln C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
20:47:18.0375 2228 AvgAsCln - ok
20:47:18.0484 2228 [ 2ACF06176B9D011567D7F25B83DDD066 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
20:47:18.0562 2228 b57w2k - ok
20:47:18.0671 2228 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:47:18.0984 2228 Beep - ok
20:47:19.0046 2228 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
20:47:19.0375 2228 BITS - ok
20:47:19.0515 2228 [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:47:19.0578 2228 Bonjour Service - ok
20:47:19.0640 2228 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
20:47:19.0703 2228 Browser - ok
20:47:20.0015 2228 catchme - ok
20:47:20.0062 2228 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
20:47:20.0390 2228 cbidf2k - ok
20:47:20.0406 2228 cd20xrnt - ok
20:47:20.0453 2228 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
20:47:20.0593 2228 Cdaudio - ok
20:47:20.0640 2228 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
20:47:20.0812 2228 Cdfs - ok
20:47:20.0843 2228 [ 837EEF65AF62D4E8A37C41D3879F7274 ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys
20:47:20.0859 2228 Cdr4_xp - ok
20:47:20.0890 2228 [ 579DA2F9F5401F55DAE2CF8779D61DFC ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys
20:47:20.0906 2228 Cdralw2k - ok
20:47:20.0953 2228 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:47:21.0109 2228 Cdrom - ok
20:47:21.0171 2228 [ CFD81F2140193FC7F1812E6D6EAF6795 ] cdudf_xp C:\WINDOWS\system32\drivers\cdudf_xp.sys
20:47:21.0265 2228 cdudf_xp ( UnsignedFile.Multi.Generic ) - warning
20:47:21.0265 2228 cdudf_xp - detected UnsignedFile.Multi.Generic (1)
20:47:21.0265 2228 Changer - ok
20:47:21.0343 2228 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
20:47:21.0546 2228 CiSvc - ok
20:47:21.0562 2228 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
20:47:21.0859 2228 ClipSrv - ok
20:47:22.0000 2228 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:47:22.0046 2228 clr_optimization_v2.0.50727_32 - ok
20:47:22.0093 2228 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:47:22.0265 2228 clr_optimization_v4.0.30319_32 - ok
20:47:22.0328 2228 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:47:22.0578 2228 CmBatt - ok
20:47:22.0593 2228 CmdIde - ok
20:47:22.0656 2228 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:47:22.0921 2228 Compbatt - ok
20:47:22.0937 2228 COMSysApp - ok
20:47:22.0953 2228 Cpqarray - ok
20:47:23.0031 2228 [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
20:47:23.0046 2228 cpudrv - ok
20:47:23.0093 2228 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
20:47:23.0265 2228 CryptSvc - ok
20:47:23.0281 2228 dac2w2k - ok
20:47:23.0281 2228 dac960nt - ok
20:47:23.0343 2228 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:47:23.0406 2228 DcomLaunch - ok
20:47:23.0453 2228 [ 913938A5382BFB2487AACAEA408A14D2 ] DevUpper C:\WINDOWS\system32\DRIVERS\tiumflt.sys
20:47:23.0515 2228 DevUpper - ok
20:47:23.0609 2228 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
20:47:23.0796 2228 Dhcp - ok
20:47:23.0843 2228 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
20:47:24.0078 2228 Disk - ok
20:47:24.0093 2228 dmadmin - ok
20:47:24.0203 2228 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
20:47:24.0453 2228 dmboot - ok
20:47:24.0500 2228 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
20:47:24.0734 2228 dmio - ok
20:47:24.0781 2228 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
20:47:25.0015 2228 dmload - ok
20:47:25.0046 2228 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
20:47:25.0234 2228 dmserver - ok
20:47:25.0265 2228 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
20:47:25.0406 2228 DMusic - ok
20:47:25.0453 2228 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:47:25.0562 2228 Dnscache - ok
20:47:25.0593 2228 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
20:47:25.0765 2228 Dot3svc - ok
20:47:25.0765 2228 dpti2o - ok
20:47:25.0828 2228 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:47:26.0000 2228 drmkaud - ok
20:47:26.0015 2228 [ 677829F7010768EEEED8D0083E510DAB ] dvd_2K C:\WINDOWS\system32\drivers\dvd_2K.sys
20:47:26.0062 2228 dvd_2K ( UnsignedFile.Multi.Generic ) - warning
20:47:26.0062 2228 dvd_2K - detected UnsignedFile.Multi.Generic (1)
20:47:26.0156 2228 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
20:47:26.0390 2228 EapHost - ok
20:47:26.0484 2228 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
20:47:26.0718 2228 ERSvc - ok
20:47:26.0734 2228 esgiguard - ok
20:47:26.0781 2228 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
20:47:26.0859 2228 Eventlog - ok
20:47:26.0921 2228 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
20:47:27.0031 2228 EventSystem - ok
20:47:27.0296 2228 [ F8AF9BA55E23599FFF540E976194F546 ] EvtEng C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
20:47:27.0375 2228 EvtEng ( UnsignedFile.Multi.Generic ) - warning
20:47:27.0375 2228 EvtEng - detected UnsignedFile.Multi.Generic (1)
20:47:27.0421 2228 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
20:47:27.0734 2228 Fastfat - ok
20:47:27.0843 2228 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:47:28.0062 2228 FastUserSwitchingCompatibility - ok
20:47:28.0093 2228 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
20:47:28.0250 2228 Fdc - ok
20:47:28.0421 2228 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
20:47:28.0640 2228 Fips - ok
20:47:28.0734 2228 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
20:47:28.0937 2228 Flpydisk - ok
20:47:29.0265 2228 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:47:29.0531 2228 FltMgr - ok
20:47:29.0781 2228 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:47:29.0859 2228 FontCache3.0.0.0 - ok
20:47:29.0906 2228 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:47:30.0171 2228 Fs_Rec - ok
20:47:30.0218 2228 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:47:30.0453 2228 Ftdisk - ok
20:47:30.0515 2228 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
20:47:30.0531 2228 GEARAspiWDM - ok
20:47:30.0609 2228 [ 78494AE0F93358179B97571B9E76997C ] getPlus® Helper C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
20:47:30.0703 2228 getPlus® Helper - ok
20:47:30.0750 2228 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:47:30.0984 2228 Gpc - ok
20:47:31.0015 2228 [ B14D8F5DEDF7C495C7D3104D58E1D31C ] GTICARD C:\WINDOWS\system32\DRIVERS\gticard.sys
20:47:31.0125 2228 GTICARD - ok
20:47:31.0171 2228 [ 7D074058804AD398F93CA0A08AF83FF2 ] GTIPCI21 C:\WINDOWS\system32\DRIVERS\gtipci21.sys
20:47:31.0296 2228 GTIPCI21 - ok
20:47:31.0484 2228 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:47:31.0515 2228 gupdate - ok
20:47:31.0546 2228 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:47:31.0578 2228 gupdatem - ok
20:47:31.0734 2228 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:47:31.0921 2228 helpsvc - ok
20:47:32.0000 2228 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
20:47:32.0156 2228 HidServ - ok
20:47:32.0203 2228 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:47:32.0421 2228 HidUsb - ok
20:47:32.0468 2228 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:47:32.0703 2228 hkmsvc - ok
20:47:32.0703 2228 hpn - ok
20:47:32.0781 2228 [ A84BBBDD125D370593004F6429F8445C ] HSFHWICH C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
20:47:32.0859 2228 HSFHWICH - ok
20:47:33.0093 2228 [ 272914D8E356BBBFFBE7E88871A188EF ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
20:47:33.0437 2228 HSF_DP - ok
20:47:33.0671 2228 [ B678FA91CF4A1C19B462D8DB04CD02AB ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS
20:47:33.0796 2228 HSF_DPV - ok
20:47:33.0906 2228 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:47:33.0984 2228 HTTP - ok
20:47:34.0031 2228 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:47:34.0312 2228 HTTPFilter - ok
20:47:34.0328 2228 i2omgmt - ok
20:47:34.0328 2228 i2omp - ok
20:47:34.0390 2228 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:47:34.0531 2228 i8042prt - ok
20:47:34.0609 2228 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:47:34.0640 2228 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:47:34.0640 2228 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:47:34.0890 2228 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:47:35.0062 2228 idsvc - ok
20:47:35.0109 2228 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:47:35.0359 2228 Imapi - ok
20:47:35.0437 2228 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
20:47:35.0656 2228 ImapiService - ok
20:47:35.0656 2228 ini910u - ok
20:47:35.0718 2228 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
20:47:35.0937 2228 IntelIde - ok
20:47:36.0046 2228 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:47:36.0265 2228 intelppm - ok
20:47:36.0296 2228 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
20:47:36.0468 2228 Ip6Fw - ok
20:47:36.0484 2228 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:47:36.0625 2228 IpFilterDriver - ok
20:47:36.0687 2228 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:47:36.0843 2228 IpInIp - ok
20:47:36.0859 2228 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:47:37.0000 2228 IpNat - ok
20:47:37.0031 2228 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:47:37.0312 2228 IPSec - ok
20:47:37.0406 2228 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:47:37.0500 2228 IRENUM - ok
20:47:37.0593 2228 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:47:37.0796 2228 isapnp - ok
20:47:37.0921 2228 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
20:47:37.0953 2228 JavaQuickStarterService - ok
20:47:38.0000 2228 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:47:38.0203 2228 Kbdclass - ok
20:47:38.0250 2228 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:47:38.0484 2228 kbdhid - ok
20:47:38.0609 2228 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:47:38.0875 2228 kmixer - ok
20:47:39.0000 2228 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:47:39.0218 2228 KSecDD - ok
20:47:39.0312 2228 [ 20C919B52897B72EBCB2AD2FC29D8EF0 ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
20:47:39.0359 2228 L8042mou ( UnsignedFile.Multi.Generic ) - warning
20:47:39.0359 2228 L8042mou - detected UnsignedFile.Multi.Generic (1)
20:47:39.0593 2228 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:47:39.0953 2228 lanmanserver - ok
20:47:40.0000 2228 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:47:40.0156 2228 lanmanworkstation - ok
20:47:40.0187 2228 [ CA63FE81705AD660E482BEF210BF2C73 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
20:47:40.0296 2228 LBeepKE - ok
20:47:40.0296 2228 lbrtfdc - ok
20:47:40.0421 2228 [ AB097D0F93B30A6D79D430422AC6A7E8 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
20:47:40.0531 2228 LBTServ - ok
20:47:40.0578 2228 [ ED8F9311CAE12C41A58DAE2EA6D6C849 ] LEqdUsb C:\WINDOWS\system32\Drivers\LEqdUsb.Sys
20:47:40.0625 2228 LEqdUsb - ok
20:47:40.0640 2228 [ 9943F10C60EAF714C7010B37025A5AC5 ] LHidEqd C:\WINDOWS\system32\Drivers\LHidEqd.Sys
20:47:40.0656 2228 LHidEqd - ok
20:47:40.0671 2228 [ B68309F25C5787385DA842EB5B496958 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
20:47:40.0703 2228 LHidFilt - ok
20:47:40.0750 2228 [ 31B582394DA3290DFF300F10952E9A4D ] LHidKe C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
20:47:40.0796 2228 LHidKe ( UnsignedFile.Multi.Generic ) - warning
20:47:40.0796 2228 LHidKe - detected UnsignedFile.Multi.Generic (1)
20:47:40.0828 2228 [ CBD1C6BFF70E170CEC6E1502E7FCFEF6 ] LHidUsbK C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
20:47:40.0875 2228 LHidUsbK ( UnsignedFile.Multi.Generic ) - warning
20:47:40.0875 2228 LHidUsbK - detected UnsignedFile.Multi.Generic (1)
20:47:40.0968 2228 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:47:41.0234 2228 LmHosts - ok
20:47:41.0281 2228 [ 63D3B1D3CD267FCC186A0146B80D453B ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
20:47:41.0296 2228 LMouFilt - ok
20:47:41.0328 2228 [ 90A794D0A0BF3531C4BA1C0510449629 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
20:47:41.0375 2228 LMouKE ( UnsignedFile.Multi.Generic ) - warning
20:47:41.0375 2228 LMouKE - detected UnsignedFile.Multi.Generic (1)
20:47:41.0453 2228 [ 0C62957912D4DF1E4BA9795E6BE3ED38 ] LUsbFilt C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
20:47:41.0515 2228 LUsbFilt - ok
20:47:41.0578 2228 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
20:47:41.0609 2228 MDM - ok
20:47:41.0656 2228 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
20:47:41.0718 2228 mdmxsdk - ok
20:47:41.0734 2228 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:47:42.0031 2228 Messenger - ok
20:47:42.0046 2228 [ 9B90303A9C9405A6CE1466FF4AA20FDD ] mmc_2K C:\WINDOWS\system32\drivers\mmc_2K.sys
20:47:42.0250 2228 mmc_2K ( UnsignedFile.Multi.Generic ) - warning
20:47:42.0281 2228 mmc_2K - detected UnsignedFile.Multi.Generic (1)
20:47:42.0312 2228 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:47:42.0515 2228 mnmdd - ok
20:47:42.0562 2228 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:47:42.0750 2228 mnmsrvc - ok
20:47:42.0796 2228 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:47:43.0062 2228 Modem - ok
20:47:43.0171 2228 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:47:43.0343 2228 Mouclass - ok
20:47:43.0359 2228 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:47:43.0531 2228 mouhid - ok
20:47:43.0546 2228 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:47:43.0734 2228 MountMgr - ok
20:47:43.0828 2228 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
20:47:43.0906 2228 MpFilter - ok
20:47:43.0906 2228 mraid35x - ok
20:47:43.0984 2228 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:47:44.0125 2228 MRxDAV - ok
20:47:44.0218 2228 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:47:44.0359 2228 MRxSmb - ok
20:47:44.0406 2228 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:47:44.0640 2228 MSDTC - ok
20:47:44.0671 2228 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:47:44.0890 2228 Msfs - ok
20:47:44.0906 2228 MSIServer - ok
20:47:44.0921 2228 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:47:45.0140 2228 MSKSSRV - ok
20:47:45.0250 2228 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:47:45.0343 2228 MsMpSvc - ok
20:47:45.0359 2228 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:47:45.0515 2228 MSPCLOCK - ok
20:47:45.0531 2228 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:47:45.0796 2228 MSPQM - ok
20:47:45.0843 2228 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:47:45.0968 2228 mssmbios - ok
20:47:46.0031 2228 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:47:46.0125 2228 Mup - ok
20:47:46.0171 2228 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
20:47:46.0343 2228 napagent - ok
20:47:46.0437 2228 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:47:46.0734 2228 NDIS - ok
20:47:46.0781 2228 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:47:46.0875 2228 NdisTapi - ok
20:47:46.0906 2228 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:47:47.0078 2228 Ndisuio - ok
20:47:47.0109 2228 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:47:47.0296 2228 NdisWan - ok
20:47:47.0343 2228 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:47:47.0437 2228 NDProxy - ok
20:47:47.0515 2228 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:47:47.0734 2228 NetBIOS - ok
20:47:47.0812 2228 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:47:48.0015 2228 NetBT - ok
20:47:48.0062 2228 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
20:47:48.0218 2228 NetDDE - ok
20:47:48.0218 2228 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:47:48.0328 2228 NetDDEdsdm - ok
20:47:48.0375 2228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:47:48.0531 2228 Netlogon - ok
20:47:48.0562 2228 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
20:47:48.0718 2228 Netman - ok
20:47:48.0750 2228 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:47:48.0859 2228 NetTcpPortSharing - ok
20:47:48.0875 2228 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:47:49.0015 2228 NIC1394 - ok
20:47:49.0062 2228 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
20:47:49.0125 2228 Nla - ok
20:47:49.0156 2228 [ 1ACF98D80E95ADD298832C7A8996B48C ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
20:47:49.0171 2228 nosGetPlusHelper - ok
20:47:49.0343 2228 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:47:49.0546 2228 Npfs - ok
20:47:49.0640 2228 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:47:49.0859 2228 Ntfs - ok
20:47:49.0875 2228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:47:50.0062 2228 NtLmSsp - ok
20:47:50.0156 2228 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:47:50.0312 2228 NtmsSvc - ok
20:47:50.0343 2228 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:47:50.0484 2228 Null - ok
20:47:50.0640 2228 [ A933BEC064AA03DA7AF5D259D8EA73E1 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:47:50.0796 2228 nv - ok
20:47:50.0875 2228 [ D2CAE11B646F91B1DD9FDFAD0013DECE ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
20:47:50.0906 2228 NVSvc - ok
20:47:50.0953 2228 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:47:51.0093 2228 NwlnkFlt - ok
20:47:51.0109 2228 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:47:51.0328 2228 NwlnkFwd - ok
20:47:51.0359 2228 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:47:51.0500 2228 ohci1394 - ok
20:47:51.0531 2228 [ CEC7E2C6C1FA00C7AB2F5434F848AE51 ] OMCI C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
20:47:51.0562 2228 OMCI ( UnsignedFile.Multi.Generic ) - warning
20:47:51.0562 2228 OMCI - detected UnsignedFile.Multi.Generic (1)
20:47:51.0609 2228 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:47:51.0640 2228 ose - ok
20:47:51.0671 2228 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:47:51.0812 2228 Parport - ok
20:47:51.0843 2228 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:47:52.0031 2228 PartMgr - ok
20:47:52.0078 2228 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:47:52.0265 2228 ParVdm - ok
20:47:52.0328 2228 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:47:52.0531 2228 PCI - ok
20:47:52.0546 2228 PCIDump - ok
20:47:52.0593 2228 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:47:52.0812 2228 PCIIde - ok
20:47:52.0859 2228 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:47:53.0046 2228 Pcmcia - ok
20:47:53.0046 2228 PDCOMP - ok
20:47:53.0062 2228 PDFRAME - ok
20:47:53.0062 2228 PDRELI - ok
20:47:53.0078 2228 PDRFRAME - ok
20:47:53.0093 2228 perc2 - ok
20:47:53.0093 2228 perc2hib - ok
20:47:53.0140 2228 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
20:47:53.0171 2228 PlugPlay - ok
20:47:53.0187 2228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:47:53.0359 2228 PolicyAgent - ok
20:47:53.0406 2228 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:47:53.0593 2228 PptpMiniport - ok
20:47:53.0593 2228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:47:53.0781 2228 ProtectedStorage - ok
20:47:53.0812 2228 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:47:53.0984 2228 PSched - ok
20:47:54.0031 2228 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:47:54.0062 2228 PSI_SVC_2 - ok
20:47:54.0093 2228 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:47:54.0296 2228 Ptilink - ok
20:47:54.0328 2228 [ D8B90616A8BD53DE281DBDB664C0984A ] pwd_2k C:\WINDOWS\system32\drivers\pwd_2k.sys
20:47:54.0359 2228 pwd_2k ( UnsignedFile.Multi.Generic ) - warning
20:47:54.0359 2228 pwd_2k - detected UnsignedFile.Multi.Generic (1)
20:47:54.0390 2228 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:47:54.0437 2228 PxHelp20 - ok
20:47:54.0437 2228 ql1080 - ok
20:47:54.0453 2228 Ql10wnt - ok
20:47:54.0453 2228 ql12160 - ok
20:47:54.0468 2228 ql1240 - ok
20:47:54.0500 2228 ql1280 - ok
20:47:54.0500 2228 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:47:54.0671 2228 RasAcd - ok
20:47:54.0718 2228 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:47:54.0937 2228 RasAuto - ok
20:47:54.0968 2228 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:47:55.0171 2228 Rasl2tp - ok
20:47:55.0218 2228 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:47:55.0359 2228 RasMan - ok
20:47:55.0390 2228 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:47:55.0531 2228 RasPppoe - ok
20:47:55.0546 2228 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:47:55.0687 2228 Raspti - ok
20:47:55.0765 2228 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:47:55.0906 2228 Rdbss - ok
20:47:55.0906 2228 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:47:56.0062 2228 RDPCDD - ok
20:47:56.0093 2228 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:47:56.0375 2228 rdpdr - ok
20:47:56.0421 2228 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:47:56.0546 2228 RDPWD - ok
20:47:56.0593 2228 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:47:56.0734 2228 RDSessMgr - ok
20:47:56.0765 2228 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:47:56.0921 2228 redbook - ok
20:47:56.0968 2228 [ 68A4629A901CFB5B6628AF55AE0D0808 ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
20:47:56.0984 2228 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
20:47:56.0984 2228 RegSrvc - detected UnsignedFile.Multi.Generic (1)
20:47:57.0031 2228 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:47:57.0203 2228 RemoteAccess - ok
20:47:57.0250 2228 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:47:57.0406 2228 RemoteRegistry - ok
20:47:57.0437 2228 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
20:47:57.0593 2228 RpcLocator - ok
20:47:57.0734 2228 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:47:57.0812 2228 RpcSs - ok
20:47:57.0859 2228 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:47:58.0062 2228 RSVP - ok
20:47:58.0109 2228 [ 44833553A6FBDAC1554F290F10018BA4 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
20:47:58.0171 2228 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
20:47:58.0171 2228 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
20:47:58.0203 2228 [ 662C9F09076A2E1224C8833DEF1F5CB0 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
20:47:58.0328 2228 s24trans ( UnsignedFile.Multi.Generic ) - warning
20:47:58.0328 2228 s24trans - detected UnsignedFile.Multi.Generic (1)
20:47:58.0343 2228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
20:47:58.0703 2228 SamSs - ok
20:47:58.0765 2228 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:47:58.0890 2228 SCardSvr - ok
20:47:58.0953 2228 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:47:59.0109 2228 Schedule - ok
20:47:59.0156 2228 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:47:59.0218 2228 Secdrv - ok
20:47:59.0281 2228 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:47:59.0421 2228 seclogon - ok
20:47:59.0453 2228 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
20:47:59.0703 2228 SENS - ok
20:47:59.0718 2228 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:47:59.0890 2228 serenum - ok
20:47:59.0937 2228 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:48:00.0078 2228 Serial - ok
20:48:00.0125 2228 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:48:00.0265 2228 Sfloppy - ok
20:48:00.0406 2228 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:48:00.0593 2228 SharedAccess - ok
20:48:00.0640 2228 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:48:00.0656 2228 ShellHWDetection - ok
20:48:00.0671 2228 Simbad - ok
20:48:00.0687 2228 Sparrow - ok
20:48:00.0921 2228 [ 777B4A39A65854C39C581DD129F946B3 ] SplashtopRemoteService C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
20:48:01.0000 2228 SplashtopRemoteService - ok
20:48:01.0046 2228 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:48:01.0234 2228 splitter - ok
20:48:01.0250 2228 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:48:01.0375 2228 Spooler - ok
20:48:01.0406 2228 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:48:01.0531 2228 sr - ok
20:48:01.0593 2228 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
20:48:01.0671 2228 srservice - ok
20:48:01.0812 2228 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:48:01.0953 2228 Srv - ok
20:48:02.0015 2228 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:48:02.0156 2228 SSDPSRV - ok
20:48:02.0343 2228 [ F9AEDD871E1CD759B95728C9B935D203 ] SSUService C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
20:48:02.0406 2228 SSUService - ok
20:48:02.0531 2228 [ 305CC42945A713347F978D78566113F3 ] STAC97 C:\WINDOWS\system32\drivers\stac97.sys
20:48:02.0687 2228 STAC97 - ok
20:48:02.0750 2228 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:48:03.0109 2228 stisvc - ok
20:48:03.0156 2228 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:48:03.0328 2228 swenum - ok
20:48:03.0343 2228 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:48:03.0500 2228 swmidi - ok
20:48:03.0515 2228 SwPrv - ok
20:48:03.0531 2228 symc810 - ok
20:48:03.0531 2228 symc8xx - ok
20:48:03.0546 2228 sym_hi - ok
20:48:03.0562 2228 sym_u3 - ok
20:48:03.0625 2228 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:48:03.0765 2228 sysaudio - ok
20:48:03.0796 2228 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:48:03.0937 2228 SysmonLog - ok
20:48:04.0015 2228 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:48:04.0171 2228 TapiSrv - ok
20:48:04.0343 2228 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:48:04.0421 2228 Tcpip - ok
20:48:04.0468 2228 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:48:04.0703 2228 TDPIPE - ok
20:48:04.0734 2228 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:48:04.0906 2228 TDTCP - ok
20:48:04.0921 2228 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:48:05.0109 2228 TermDD - ok
20:48:05.0250 2228 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
20:48:05.0406 2228 TermService - ok
20:48:05.0453 2228 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
20:48:05.0484 2228 Themes - ok
20:48:05.0531 2228 [ A4C6F3E34358C94E5C3ACFC3392F8907 ] tiumfwl C:\WINDOWS\system32\drivers\tiumfwl.sys
20:48:05.0609 2228 tiumfwl - ok
20:48:05.0656 2228 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:48:05.0781 2228 TlntSvr - ok
20:48:05.0796 2228 TosIde - ok
20:48:05.0843 2228 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:48:06.0031 2228 TrkWks - ok
20:48:06.0062 2228 [ 4E75005B74BE901C30F2636DF40B0C15 ] UdfReadr_xp C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
20:48:06.0093 2228 UdfReadr_xp ( UnsignedFile.Multi.Generic ) - warning
20:48:06.0093 2228 UdfReadr_xp - detected UnsignedFile.Multi.Generic (1)
20:48:06.0156 2228 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:48:06.0390 2228 Udfs - ok
20:48:06.0390 2228 ultra - ok
20:48:06.0484 2228 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:48:06.0734 2228 Update - ok
20:48:06.0828 2228 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:48:06.0921 2228 upnphost - ok
20:48:06.0968 2228 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
20:48:07.0125 2228 UPS - ok
20:48:07.0187 2228 [ 5C2BDC152BBAB34F36473DEAF7713F22 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
20:48:07.0265 2228 USBAAPL - ok
20:48:07.0328 2228 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:48:07.0468 2228 usbccgp - ok
20:48:07.0515 2228 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:48:07.0656 2228 usbehci - ok
20:48:07.0687 2228 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:48:07.0859 2228 usbhub - ok
20:48:07.0906 2228 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:48:08.0093 2228 usbprint - ok
20:48:08.0125 2228 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:48:08.0296 2228 usbscan - ok
20:48:08.0328 2228 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:48:08.0531 2228 USBSTOR - ok
20:48:08.0578 2228 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:48:08.0781 2228 usbuhci - ok
20:48:08.0812 2228 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:48:09.0015 2228 VgaSave - ok
20:48:09.0015 2228 ViaIde - ok
20:48:09.0078 2228 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:48:09.0296 2228 VolSnap - ok
20:48:09.0375 2228 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
20:48:09.0531 2228 VSS - ok
20:48:09.0640 2228 [ 4FED83668F087ECBE810EA90BECEB765 ] w22n51 C:\WINDOWS\system32\DRIVERS\w22n51.sys
20:48:09.0890 2228 w22n51 - ok
20:48:10.0312 2228 [ 9EE38FFCB4CBE5BEE6C305700DDC4725 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys
20:48:10.0796 2228 w29n51 - ok
20:48:10.0906 2228 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
20:48:11.0046 2228 W32Time - ok
20:48:11.0109 2228 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:48:11.0343 2228 Wanarp - ok
20:48:11.0781 2228 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
20:48:11.0828 2228 Wdf01000 - ok
20:48:11.0843 2228 WDICA - ok
20:48:11.0921 2228 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:48:12.0046 2228 wdmaud - ok
20:48:12.0093 2228 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:48:12.0281 2228 WebClient - ok
20:48:12.0453 2228 [ 0C5B9CF1BDF998750D9C5EEB5F8C55AC ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
20:48:12.0531 2228 winachsf - ok
20:48:12.0765 2228 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:48:12.0890 2228 winmgmt - ok
20:48:13.0484 2228 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
20:48:13.0828 2228 WinRM - ok
20:48:13.0937 2228 [ 617E537771B3BA1D54091527D0D72DE4 ] WLANKEEPER C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
20:48:13.0968 2228 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
20:48:13.0968 2228 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
20:48:14.0046 2228 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:48:14.0281 2228 WmdmPmSN - ok
20:48:14.0421 2228 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:48:14.0531 2228 Wmi - ok
20:48:14.0593 2228 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:48:14.0921 2228 WmiApSrv - ok
20:48:15.0437 2228 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:48:15.0546 2228 WMPNetworkSvc - ok
20:48:15.0828 2228 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:48:16.0015 2228 WPFFontCache_v0400 - ok
20:48:16.0078 2228 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:48:16.0265 2228 WS2IFSL - ok
20:48:16.0375 2228 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:48:16.0671 2228 wscsvc - ok
20:48:16.0718 2228 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:48:16.0890 2228 wuauserv - ok
20:48:16.0953 2228 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:48:17.0046 2228 WudfPf - ok
20:48:17.0078 2228 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:48:17.0125 2228 WudfSvc - ok
20:48:17.0468 2228 [ BE0B3774113713059527FCF071CCDBFE ] wwEngineSvc C:\Program Files\Webroot\Washer\WasherSvc.exe
20:48:17.0531 2228 wwEngineSvc - ok
20:48:17.0703 2228 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:48:17.0968 2228 WZCSVC - ok
20:48:18.0203 2228 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:48:18.0437 2228 xmlprov - ok
20:48:18.0453 2228 ================ Scan global ===============================
20:48:18.0531 2228 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:48:18.0703 2228 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:48:18.0750 2228 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:48:18.0828 2228 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:48:18.0828 2228 [Global] - ok
20:48:18.0828 2228 ================ Scan MBR ==================================
20:48:19.0093 2228 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:48:23.0062 2228 \Device\Harddisk0\DR0 - ok
20:48:23.0062 2228 ================ Scan VBR ==================================
20:48:23.0156 2228 [ 69CE3C22DBE66614196A18640E5DB573 ] \Device\Harddisk0\DR0\Partition1
20:48:23.0156 2228 \Device\Harddisk0\DR0\Partition1 - ok
20:48:23.0156 2228 ================ Scan active images ========================
20:48:23.0156 2228 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
20:48:23.0156 2228 C:\WINDOWS\system32\drivers\intelppm.sys - ok
20:48:23.0156 2228 [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\cmbatt.sys
20:48:23.0156 2228 C:\WINDOWS\system32\drivers\cmbatt.sys - ok
20:48:23.0171 2228 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
20:48:23.0171 2228 C:\WINDOWS\system32\drivers\videoprt.sys - ok
20:48:23.0171 2228 [ 2A6C99CFDC23C9C26D0E30B1C99748D4 ] C:\WINDOWS\system32\drivers\ati2mtag.sys
20:48:23.0171 2228 C:\WINDOWS\system32\drivers\ati2mtag.sys - ok
20:48:23.0187 2228 [ 2ACF06176B9D011567D7F25B83DDD066 ] C:\WINDOWS\system32\drivers\b57xp32.sys
20:48:23.0187 2228 C:\WINDOWS\system32\drivers\b57xp32.sys - ok
20:48:23.0187 2228 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
20:48:23.0187 2228 C:\WINDOWS\system32\drivers\usbport.sys - ok
20:48:23.0203 2228 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
20:48:23.0203 2228 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
20:48:23.0203 2228 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
20:48:23.0203 2228 C:\WINDOWS\system32\drivers\usbehci.sys - ok
20:48:23.0203 2228 [ 017DAECF0ED3AA731313433601EC40FA ] C:\WINDOWS\system32\drivers\smclib.sys
20:48:23.0203 2228 C:\WINDOWS\system32\drivers\smclib.sys - ok
20:48:23.0218 2228 [ 7D074058804AD398F93CA0A08AF83FF2 ] C:\WINDOWS\system32\drivers\gtipci21.sys
20:48:23.0218 2228 C:\WINDOWS\system32\drivers\gtipci21.sys - ok
20:48:23.0218 2228 [ 9EE38FFCB4CBE5BEE6C305700DDC4725 ] C:\WINDOWS\system32\drivers\w29n51.sys
20:48:23.0218 2228 C:\WINDOWS\system32\drivers\w29n51.sys - ok
20:48:23.0234 2228 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
20:48:23.0234 2228 C:\WINDOWS\system32\drivers\ks.sys - ok
20:48:23.0234 2228 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
20:48:23.0234 2228 C:\WINDOWS\system32\drivers\drmk.sys - ok
20:48:23.0250 2228 [ A84BBBDD125D370593004F6429F8445C ] C:\WINDOWS\system32\drivers\HSFHWICH.sys
20:48:23.0250 2228 C:\WINDOWS\system32\drivers\HSFHWICH.sys - ok
20:48:23.0250 2228 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
20:48:23.0250 2228 C:\WINDOWS\system32\drivers\portcls.sys - ok
20:48:23.0250 2228 [ 305CC42945A713347F978D78566113F3 ] C:\WINDOWS\system32\drivers\STAC97.sys
20:48:23.0250 2228 C:\WINDOWS\system32\drivers\STAC97.sys - ok
20:48:23.0265 2228 [ B678FA91CF4A1C19B462D8DB04CD02AB ] C:\WINDOWS\system32\drivers\HSF_DPV.SYS
20:48:23.0265 2228 C:\WINDOWS\system32\drivers\HSF_DPV.SYS - ok
20:48:23.0265 2228 [ 0C5B9CF1BDF998750D9C5EEB5F8C55AC ] C:\WINDOWS\system32\drivers\HSF_CNXT.sys
20:48:23.0265 2228 C:\WINDOWS\system32\drivers\HSF_CNXT.sys - ok
20:48:23.0265 2228 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
20:48:23.0265 2228 C:\WINDOWS\system32\drivers\modem.sys - ok
20:48:23.0281 2228 [ 090880E9BF20F928BC341F96D27C019E ] C:\WINDOWS\system32\drivers\Apfiltr.sys
20:48:23.0281 2228 C:\WINDOWS\system32\drivers\Apfiltr.sys - ok
20:48:23.0281 2228 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
20:48:23.0281 2228 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
20:48:23.0296 2228 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
20:48:23.0296 2228 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
20:48:23.0296 2228 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
20:48:23.0296 2228 C:\WINDOWS\system32\drivers\mouclass.sys - ok
20:48:23.0296 2228 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
20:48:23.0296 2228 C:\WINDOWS\system32\drivers\serenum.sys - ok
20:48:23.0312 2228 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
20:48:23.0312 2228 C:\WINDOWS\system32\drivers\serial.sys - ok
20:48:23.0312 2228 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
20:48:23.0312 2228 C:\WINDOWS\system32\drivers\parport.sys - ok
20:48:24.0500 2228 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
20:48:24.0500 2228 C:\WINDOWS\system32\mprapi.dll - ok
20:48:24.0515 2228 [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll
20:48:24.0515 2228 C:\WINDOWS\system32\mswstr10.dll - ok
20:48:24.0515 2228 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
20:48:24.0515 2228 C:\WINDOWS\system32\activeds.dll - ok
20:48:24.0515 2228 [ F964EC974620AC55CA2BE49B96CD9EAF ] C:\Program Files\Intel\Wireless\Bin\MurocApi.dll
20:48:24.0515 2228 C:\Program Files\Intel\Wireless\Bin\MurocApi.dll - ok
20:48:24.0531 2228 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
20:48:24.0531 2228 C:\WINDOWS\system32\adsldpc.dll - ok
20:48:24.0531 2228 [ 9493BE0E36CA5216C704B919FEDDC9BC ] C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll
20:48:24.0531 2228 C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll - ok
20:48:24.0531 2228 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
20:48:24.0531 2228 C:\WINDOWS\system32\rtutils.dll - ok
20:48:24.0546 2228 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
20:48:24.0546 2228 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
20:48:24.0546 2228 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
20:48:24.0546 2228 C:\WINDOWS\system32\dhcpcsvc.dll - ok
20:48:24.0546 2228 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
20:48:24.0546 2228 C:\WINDOWS\system32\dnsrslvr.dll - ok
20:48:24.0562 2228 [ 5CE275CDC5FFB77B1EC29DBDFE4B6689 ] C:\WINDOWS\system32\odbcji32.dll
20:48:24.0562 2228 C:\WINDOWS\system32\odbcji32.dll - ok
20:48:24.0562 2228 [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll
20:48:24.0562 2228 C:\WINDOWS\system32\msjter40.dll - ok
20:48:24.0562 2228 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
20:48:24.0562 2228 C:\WINDOWS\system32\lmhsvc.dll - ok
20:48:24.0578 2228 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
20:48:24.0578 2228 C:\WINDOWS\system32\wzcsvc.dll - ok
20:48:24.0578 2228 [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll
20:48:24.0578 2228 C:\WINDOWS\system32\msjint40.dll - ok
20:48:24.0578 2228 [ 2C288AA87E4723AC9FF4D76A192EC3F8 ] C:\WINDOWS\system32\odbccp32.dll
20:48:24.0578 2228 C:\WINDOWS\system32\odbccp32.dll - ok
20:48:24.0593 2228 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
20:48:24.0593 2228 C:\WINDOWS\system32\wmi.dll - ok
20:48:24.0593 2228 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
20:48:24.0593 2228 C:\WINDOWS\system32\eapolqec.dll - ok
20:48:24.0593 2228 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
20:48:24.0593 2228 C:\WINDOWS\system32\qutil.dll - ok
20:48:24.0609 2228 [ 142CEDECAE89E372EE347681C3FBB257 ] C:\Program Files\Common Files\System\msadc\msadce.dll
20:48:24.0609 2228 C:\Program Files\Common Files\System\msadc\msadce.dll - ok
20:48:24.0609 2228 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
20:48:24.0609 2228 C:\WINDOWS\system32\dot3api.dll - ok
20:48:24.0609 2228 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
20:48:24.0609 2228 C:\WINDOWS\system32\esent.dll - ok
20:48:24.0609 2228 [ 81E9041DAC0983AACE5C8920AF73D64E ] C:\Program Files\Common Files\System\msadc\msadcer.dll
20:48:24.0609 2228 C:\Program Files\Common Files\System\msadc\msadcer.dll - ok
20:48:24.0625 2228 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
20:48:24.0625 2228 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
20:48:24.0625 2228 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
20:48:24.0625 2228 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
20:48:24.0625 2228 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
20:48:24.0625 2228 C:\WINDOWS\system32\rastls.dll - ok
20:48:24.0640 2228 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
20:48:24.0640 2228 C:\WINDOWS\system32\cryptui.dll - ok
20:48:24.0640 2228 [ 9AD88EA663124336E88EB031F917CE20 ] C:\WINDOWS\system32\wininet.dll
20:48:24.0640 2228 C:\WINDOWS\system32\wininet.dll - ok
20:48:24.0640 2228 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
20:48:24.0640 2228 C:\WINDOWS\system32\normaliz.dll - ok
20:48:24.0640 2228 [ BCA608797A3E8EEC0094CD6D596D77D7 ] C:\WINDOWS\system32\urlmon.dll
20:48:24.0640 2228 C:\WINDOWS\system32\urlmon.dll - ok
20:48:24.0656 2228 [ 994B77915EA49A467CDA144806AE42D6 ] C:\WINDOWS\system32\iertutil.dll
20:48:24.0656 2228 C:\WINDOWS\system32\iertutil.dll - ok
20:48:24.0656 2228 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
20:48:24.0656 2228 C:\WINDOWS\system32\rasapi32.dll - ok
20:48:24.0656 2228 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
20:48:24.0656 2228 C:\WINDOWS\system32\rasman.dll - ok
20:48:24.0671 2228 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
20:48:24.0671 2228 C:\WINDOWS\system32\tapi32.dll - ok
20:48:24.0671 2228 [ FC5372FD2DEB28E847C8394C58BC76FA ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
20:48:24.0671 2228 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
20:48:24.0671 2228 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
20:48:24.0671 2228 C:\WINDOWS\system32\riched20.dll - ok
20:48:24.0687 2228 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
20:48:24.0687 2228 C:\WINDOWS\system32\mlang.dll - ok
20:48:24.0687 2228 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
20:48:24.0687 2228 C:\WINDOWS\system32\cabinet.dll - ok
20:48:24.0687 2228 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
20:48:24.0687 2228 C:\WINDOWS\system32\raschap.dll - ok
20:48:24.0687 2228 [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll
20:48:24.0687 2228 C:\WINDOWS\system32\xmlprovi.dll - ok
20:48:24.0703 2228 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
20:48:24.0703 2228 C:\WINDOWS\system32\wzcsapi.dll - ok
20:48:24.0703 2228 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
20:48:24.0703 2228 C:\WINDOWS\system32\netman.dll - ok
20:48:24.0703 2228 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
20:48:24.0703 2228 C:\WINDOWS\system32\netshell.dll - ok
20:48:24.0718 2228 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
20:48:24.0718 2228 C:\WINDOWS\system32\credui.dll - ok
20:48:24.0718 2228 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
20:48:24.0718 2228 C:\WINDOWS\system32\dot3dlg.dll - ok
20:48:24.0718 2228 [ 3B47E60E1012B23873ED2E4A9B4F2310 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
20:48:24.0718 2228 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
20:48:24.0734 2228 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
20:48:24.0734 2228 C:\WINDOWS\system32\onex.dll - ok
20:48:24.0734 2228 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
20:48:24.0734 2228 C:\WINDOWS\system32\eappcfg.dll - ok
20:48:24.0734 2228 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
20:48:24.0734 2228 C:\WINDOWS\system32\eappprxy.dll - ok
20:48:24.0750 2228 [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll
20:48:24.0750 2228 C:\Program Files\Microsoft Security Client\LegitLib.dll - ok
20:48:24.0750 2228 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
20:48:24.0750 2228 C:\WINDOWS\system32\schedsvc.dll - ok
20:48:24.0750 2228 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
20:48:24.0750 2228 C:\WINDOWS\system32\userinit.exe - ok
20:48:24.0750 2228 [ 6A8E1ED7790C55106B6C2BD6DB0E0F1D ] C:\WINDOWS\system32\WgaTray.exe
20:48:24.0750 2228 C:\WINDOWS\system32\WgaTray.exe - ok
20:48:24.0765 2228 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
20:48:24.0765 2228 C:\WINDOWS\system32\msidle.dll - ok
20:48:24.0765 2228 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
20:48:24.0765 2228 C:\WINDOWS\system32\spoolsv.exe - ok
20:48:24.0765 2228 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
20:48:24.0765 2228 C:\WINDOWS\explorer.exe - ok
20:48:24.0781 2228 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
20:48:24.0781 2228 C:\WINDOWS\system32\audiosrv.dll - ok
20:48:24.0781 2228 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
20:48:24.0781 2228 C:\WINDOWS\system32\browseui.dll - ok
20:48:24.0781 2228 [ 86D007E7A654B9A71D1D7D856B104353 ] C:\WINDOWS\system32\scardsvr.exe
20:48:24.0781 2228 C:\WINDOWS\system32\scardsvr.exe - ok
20:48:24.0796 2228 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
20:48:24.0796 2228 C:\WINDOWS\system32\wkssvc.dll - ok
20:48:24.0796 2228 [ 62BDF8E945F23BEE485BB3CB4ED19CB7 ] C:\WINDOWS\system32\shdocvw.dll
20:48:24.0796 2228 C:\WINDOWS\system32\shdocvw.dll - ok
20:48:24.0812 2228 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
20:48:24.0812 2228 C:\WINDOWS\system32\cryptnet.dll - ok
20:48:24.0812 2228 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
20:48:24.0812 2228 C:\WINDOWS\system32\wdmaud.drv - ok
20:48:24.0812 2228 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
20:48:24.0812 2228 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
20:48:24.0812 2228 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
20:48:24.0812 2228 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
20:48:24.0828 2228 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
20:48:24.0828 2228 C:\WINDOWS\system32\sensapi.dll - ok
20:48:24.0828 2228 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
20:48:24.0828 2228 C:\WINDOWS\system32\winhttp.dll - ok
20:48:24.0828 2228 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
20:48:24.0828 2228 C:\WINDOWS\system32\drivers\aec.sys - ok
20:48:24.0843 2228 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
20:48:24.0843 2228 C:\WINDOWS\system32\drivers\splitter.sys - ok
20:48:24.0843 2228 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
20:48:24.0843 2228 C:\WINDOWS\system32\drivers\swmidi.sys - ok
20:48:24.0843 2228 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
20:48:24.0843 2228 C:\WINDOWS\system32\drivers\dmusic.sys - ok
20:48:24.0859 2228 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
20:48:24.0859 2228 C:\WINDOWS\system32\drivers\kmixer.sys - ok
20:48:24.0859 2228 [ D0E44C9C8BD85350828458EAD715BD30 ] C:\WINDOWS\system32\LegitCheckControl.dll
20:48:24.0859 2228 C:\WINDOWS\system32\LegitCheckControl.dll - ok
20:48:24.0859 2228 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
20:48:24.0859 2228 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
20:48:24.0875 2228 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
20:48:24.0875 2228 C:\WINDOWS\system32\msacm32.drv - ok
20:48:24.0875 2228 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
20:48:24.0875 2228 C:\WINDOWS\system32\midimap.dll - ok
20:48:24.0875 2228 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
20:48:24.0875 2228 C:\WINDOWS\system32\desk.cpl - ok
20:48:24.0890 2228 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
20:48:24.0890 2228 C:\WINDOWS\system32\themeui.dll - ok
20:48:24.0890 2228 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
20:48:24.0890 2228 C:\WINDOWS\system32\actxprxy.dll - ok
20:48:24.0890 2228 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
20:48:24.0890 2228 C:\WINDOWS\system32\cmd.exe - ok
20:48:24.0890 2228 [ 903C8C110131B8A71501514B61A17761 ] C:\WINDOWS\system32\ieframe.dll
20:48:24.0890 2228 C:\WINDOWS\system32\ieframe.dll - ok
20:48:24.0906 2228 [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Greg\LOCALS~1\temp\2B3E2BA8-4859-442C-86C2-2CF2FC5D10BE.exe
20:48:24.0906 2228 C:\DOCUME~1\Greg\LOCALS~1\temp\2B3E2BA8-4859-442C-86C2-2CF2FC5D10BE.exe - ok
20:48:24.0906 2228 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
20:48:24.0906 2228 C:\WINDOWS\system32\linkinfo.dll - ok
20:48:24.0906 2228 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
20:48:24.0906 2228 C:\WINDOWS\system32\ntshrui.dll - ok
20:48:24.0921 2228 [ B7EE47B4D960BF55BDD7EC1812373872 ] C:\Program Files\Real\RealUpgrade\realupgrade.exe
20:48:24.0921 2228 C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok
20:48:24.0921 2228 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe
20:48:24.0921 2228 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
20:48:24.0921 2228 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Real\RealUpgrade\msvcr71.dll
20:48:24.0921 2228 C:\Program Files\Real\RealUpgrade\msvcr71.dll - ok
20:48:24.0937 2228 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll
20:48:24.0937 2228 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok
20:48:24.0937 2228 [ D5DD87741F4511D88A97E6EF444604BD ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
20:48:24.0937 2228 C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
20:48:24.0937 2228 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Real\RealUpgrade\msvcp71.dll
20:48:24.0937 2228 C:\Program Files\Real\RealUpgrade\msvcp71.dll - ok
20:48:24.0953 2228 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
20:48:24.0953 2228 C:\WINDOWS\system32\msi.dll - ok
20:48:24.0953 2228 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
20:48:24.0953 2228 C:\WINDOWS\system32\verclsid.exe - ok
20:48:24.0953 2228 [ 1851C12437091DB8EBFB3F4F3408AB36 ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
20:48:24.0953 2228 C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
20:48:24.0968 2228 [ FA4B5940B31853ADE67A73026884C8C9 ] C:\WINDOWS\system32\dfshim.dll
20:48:24.0968 2228 C:\WINDOWS\system32\dfshim.dll - ok
20:48:24.0968 2228 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
20:48:24.0968 2228 C:\WINDOWS\system32\dbghelp.dll - ok
20:48:24.0968 2228 [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll
20:48:24.0968 2228 C:\WINDOWS\system32\mscoree.dll - ok
20:48:24.0984 2228 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
20:48:24.0984 2228 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
20:48:24.0984 2228 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
20:48:24.0984 2228 C:\WINDOWS\system32\mstask.dll - ok
20:48:24.0984 2228 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
20:48:24.0984 2228 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
20:48:25.0000 2228 [ AB6D0A4EBA0B43A83A21F698F3E1BCC8 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\dfdll.dll
20:48:25.0000 2228 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\dfdll.dll - ok
20:48:25.0000 2228 [ 82A98D0EB83505529AD81E4C1FADC37D ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
20:48:25.0000 2228 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
20:48:25.0000 2228 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
20:48:25.0000 2228 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
20:48:25.0015 2228 [ D257C5540E5AB498F92A231BA469EC93 ] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
20:48:25.0015 2228 C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe - ok
20:48:25.0015 2228 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
20:48:25.0015 2228 C:\WINDOWS\system32\dsound.dll - ok
20:48:25.0015 2228 [ 976DCE49C441E4E88DB3E07EFF4ADD2F ] C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
20:48:25.0015 2228 C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe - ok
20:48:25.0031 2228 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
20:48:25.0031 2228 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
20:48:25.0031 2228 [ D69AE8F36282ABCC92829E7761115239 ] C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
20:48:25.0031 2228 C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe - ok
20:48:25.0031 2228 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
20:48:25.0031 2228 C:\WINDOWS\system32\oledlg.dll - ok
20:48:25.0046 2228 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
20:48:25.0046 2228 C:\WINDOWS\system32\olepro32.dll - ok
20:48:25.0046 2228 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\89452355.sys
20:48:25.0046 2228 C:\WINDOWS\system32\drivers\89452355.sys - ok
20:48:25.0046 2228 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
20:48:25.0046 2228 C:\WINDOWS\system32\webcheck.dll - ok
20:48:25.0062 2228 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
20:48:25.0062 2228 C:\WINDOWS\system32\stobject.dll - ok
20:48:25.0062 2228 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
20:48:25.0062 2228 C:\WINDOWS\system32\batmeter.dll - ok
20:48:25.0062 2228 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
20:48:25.0062 2228 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
20:48:25.0062 2228 [ 7E1B0C85B7347D9391FE60F6DADFDDF0 ] C:\Program Files\Microsoft Security Client\msseces.exe
20:48:25.0062 2228 C:\Program Files\Microsoft Security Client\msseces.exe - ok
20:48:25.0078 2228 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
20:48:25.0078 2228 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
20:48:25.0078 2228 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
20:48:25.0078 2228 C:\WINDOWS\system32\drivers\cdfs.sys - ok
20:48:25.0093 2228 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
20:48:25.0093 2228 C:\WINDOWS\system32\webclnt.dll - ok
20:48:25.0093 2228 [ 48009264282B0A6640213DE66B3125CB ] C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll
20:48:25.0093 2228 C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll - ok
20:48:25.0093 2228 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
20:48:25.0093 2228 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
20:48:25.0109 2228 [ 53393FE192776D53640C447CA18B3E22 ] C:\Program Files\Skype\Phone\Skype.exe
20:48:25.0109 2228 C:\Program Files\Skype\Phone\Skype.exe - ok
20:48:25.0109 2228 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
20:48:25.0109 2228 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
20:48:25.0109 2228 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
20:48:25.0109 2228 C:\WINDOWS\system32\msisip.dll - ok
20:48:25.0109 2228 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
20:48:25.0109 2228 C:\WINDOWS\system32\wshext.dll - ok
20:48:25.0125 2228 [ 7943A80F1A6FD37969AACD411B511F91 ] C:\WINDOWS\system32\WindowsPowerShell\v1.0\pwrshsip.dll
20:48:25.0125 2228 C:\WINDOWS\system32\WindowsPowerShell\v1.0\pwrshsip.dll - ok
20:48:25.0125 2228 [ 40FA2F035ED88108850757CA51DAD942 ] C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL
20:48:25.0125 2228 C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL - ok
20:48:25.0140 2228 [ E9AF8B12CFFC04C0F4399ED8E4D3826E ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
20:48:25.0140 2228 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
20:48:25.0140 2228 [ 486AB45787D6E0A3163235ADB666BD3C ] C:\Documents and Settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe
20:48:25.0140 2228 C:\Documents and Settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe - ok
20:48:25.0140 2228 [ 165AE7A443F2139DD2C078AD87699F91 ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
20:48:25.0140 2228 C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
20:48:25.0140 2228 [ 0DBEE38060475A4C3E04D3B908AEC0B9 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
20:48:25.0140 2228 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
20:48:25.0156 2228 [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
20:48:25.0156 2228 C:\WINDOWS\system32\msftedit.dll - ok
20:48:25.0156 2228 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
20:48:25.0156 2228 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
20:48:25.0156 2228 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
20:48:25.0156 2228 C:\WINDOWS\system32\shfolder.dll - ok
20:48:25.0171 2228 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
20:48:25.0171 2228 C:\WINDOWS\system32\drivers\parvdm.sys - ok
20:48:25.0171 2228 [ 018857EAD9A077A56AEDFC0E5EF7A24A ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:48:25.0171 2228 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
20:48:25.0171 2228 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
20:48:25.0171 2228 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
20:48:25.0187 2228 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
20:48:25.0187 2228 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
20:48:25.0187 2228 [ DDDD1D04D5F4360371BC99C7C476F70D ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
20:48:25.0187 2228 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
20:48:25.0187 2228 [ BC485253D079F28BA398294465D13A21 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
20:48:25.0187 2228 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
20:48:25.0203 2228 [ CEF20CB83B36EC2DBB99D38DC80FC826 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
20:48:25.0203 2228 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
20:48:25.0203 2228 [ C9680F06E51DB8B9A0772C20F3E10DB6 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
20:48:25.0203 2228 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
20:48:25.0203 2228 [ 554BD99F802FCC7BFE7FA7102384A2D2 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
20:48:25.0203 2228 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
20:48:25.0218 2228 [ F64A630C746DCEFB640FE724F911D317 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
20:48:25.0218 2228 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
20:48:25.0218 2228 [ 39C821EF59F82FF6CDCCA768E5E36BBE ] C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll
20:48:25.0218 2228 C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll - ok
20:48:25.0218 2228 [ 3075B86A8EE385CADA46F69386430FCF ] C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll
20:48:25.0218 2228 C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll - ok
20:48:25.0234 2228 [ 608E159EC424C6B54D04ABFDF2E8F8B0 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll
20:48:25.0234 2228 C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll - ok
20:48:25.0234 2228 [ ED8CEE58C1E4C5893F5B2FD686A272BF ] C:\WINDOWS\system32\drivers\ASPI32.SYS
20:48:25.0234 2228 C:\WINDOWS\system32\drivers\ASPI32.SYS - ok
20:48:25.0234 2228 [ F832F1505AD8B83474BD9A5B1B985E01 ] C:\Program Files\Bonjour\mDNSResponder.exe
20:48:25.0234 2228 C:\Program Files\Bonjour\mDNSResponder.exe - ok
20:48:25.0250 2228 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:48:25.0250 2228 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
20:48:25.0250 2228 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
20:48:25.0250 2228 C:\WINDOWS\system32\cryptsvc.dll - ok
20:48:25.0250 2228 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
20:48:25.0250 2228 C:\WINDOWS\system32\certcli.dll - ok
20:48:25.0265 2228 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
20:48:25.0265 2228 C:\WINDOWS\system32\es.dll - ok
20:48:25.0265 2228 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
20:48:25.0265 2228 C:\WINDOWS\system32\ersvc.dll - ok
20:48:25.0265 2228 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
20:48:25.0265 2228 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
20:48:25.0265 2228 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
20:48:25.0281 2228 C:\WINDOWS\system32\drivers\http.sys - ok
20:48:25.0281 2228 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
20:48:25.0281 2228 C:\WINDOWS\system32\hidserv.dll - ok
20:48:25.0281 2228 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
20:48:25.0281 2228 C:\WINDOWS\system32\hid.dll - ok
20:48:25.0281 2228 [ A12175F063302CD68F8FC6D572D7E5FD ] C:\Program Files\Java\jre7\bin\jqs.exe
20:48:25.0281 2228 C:\Program Files\Java\jre7\bin\jqs.exe - ok
20:48:25.0296 2228 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
20:48:25.0296 2228 C:\WINDOWS\system32\w3ssl.dll - ok
20:48:25.0296 2228 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
20:48:25.0296 2228 C:\WINDOWS\system32\strmfilt.dll - ok
20:48:25.0296 2228 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
20:48:25.0296 2228 C:\WINDOWS\system32\httpapi.dll - ok
20:48:25.0312 2228 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
20:48:25.0312 2228 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
20:48:25.0312 2228 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
20:48:25.0312 2228 C:\WINDOWS\system32\pdh.dll - ok
20:48:25.0312 2228 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
20:48:25.0312 2228 C:\WINDOWS\system32\odbcbcp.dll - ok
20:48:25.0328 2228 [ CA63FE81705AD660E482BEF210BF2C73 ] C:\WINDOWS\system32\drivers\LBeepKE.sys
20:48:25.0328 2228 C:\WINDOWS\system32\drivers\LBeepKE.sys - ok
20:48:25.0328 2228 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
20:48:25.0328 2228 C:\WINDOWS\system32\srvsvc.dll - ok
20:48:25.0328 2228 [ 11F714F85530A2BD134074DC30E99FCA ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
20:48:25.0328 2228 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
20:48:25.0343 2228 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
20:48:25.0343 2228 C:\WINDOWS\system32\netmsg.dll - ok
20:48:25.0343 2228 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
20:48:25.0343 2228 C:\WINDOWS\system32\drivers\srv.sys - ok
20:48:25.0343 2228 [ 3C318B9CD391371BED62126581EE9961 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
20:48:25.0343 2228 C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
20:48:25.0359 2228 [ D2CAE11B646F91B1DD9FDFAD0013DECE ] C:\WINDOWS\system32\nvsvc32.exe
20:48:25.0359 2228 C:\WINDOWS\system32\nvsvc32.exe - ok
20:48:25.0359 2228 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
20:48:26.0109 2228 ============================================================
20:48:26.0109 2228 Scan finished
20:48:26.0109 2228 ============================================================
20:48:26.0265 0792 Detected object count: 19
20:48:26.0265 0792 Actual detected object count: 19
20:49:13.0281 0792 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0281 0792 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0281 0792 Afc ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0281 0792 Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0281 0792 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0281 0792 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0281 0792 cdudf_xp ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0281 0792 cdudf_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0281 0792 dvd_2K ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0281 0792 dvd_2K ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0296 0792 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0296 0792 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0296 0792 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0296 0792 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0296 0792 L8042mou ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0296 0792 L8042mou ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0296 0792 LHidKe ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0296 0792 LHidKe ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0296 0792 LHidUsbK ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0296 0792 LHidUsbK ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0312 0792 LMouKE ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0312 0792 LMouKE ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0312 0792 mmc_2K ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0312 0792 mmc_2K ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0312 0792 OMCI ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0312 0792 OMCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0312 0792 pwd_2k ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0312 0792 pwd_2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0328 0792 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0328 0792 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0328 0792 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0328 0792 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0328 0792 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0328 0792 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0328 0792 UdfReadr_xp ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0328 0792 UdfReadr_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:13.0343 0792 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0343 0792 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:23.0937 1820 Deinitialize success
 



#8 gringo_pr


Posted 12 February 2013 - 08:06 AM


Hello

Looking through the TDSSKiller report you will find the file

20:48:10.0312 2228 [ 9EE38FFCB4CBE5BEE6C305700DDC4725 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys
20:48:10.0796 2228 w29n51 - ok

If you google the MD5 (what I have bolded in red) you will find it is a legit file - so I would update the driver and leave it alone.

I would like to see a report that ComboFix makes.

Extra ComboFix report
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • please copy and paste the following into the box
    C:\Qoobox\Add-Remove Programs.txt
  • click OK
  • copy and paste the report into this topic for me to review

    Gringo


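An added example, not part of gringo_pr's post or of TDSSKiller itself: a small Python parser for the log format shown in this thread. It pairs each hashed object with its verdict so the MD5s that still need checking against a trusted source stand out. The regular expressions are inferred from the lines on this page; the AegisP hash line, its all-zero MD5 and the `C:\EXAMPLE` path are constructed placeholders.

```python
import re

# Every log line starts with "HH:MM:SS.ffff TTTT " (timestamp and thread id).
PREFIX = r'^(?P<time>\d\d:\d\d:\d\d\.\d{4}) (?P<tid>\d{4}) '
# Hash line: "[ <MD5> ] <service> <path>" or "[ <MD5> ] <path>".
HASH_RE = re.compile(PREFIX + r'\[ (?P<md5>[0-9A-Fa-f]{32}) \] (?P<rest>.+)$')
TARGET_RE = re.compile(r'^(?:(?P<name>\S.*?) )?(?P<path>[A-Za-z]:\\.*)$')
# Verdict lines: "<subject> - ok" or "<service> ( <verdict> ) - <action>".
OK_RE = re.compile(PREFIX + r'(?P<subject>.+) - ok$')
DETECT_RE = re.compile(
    PREFIX + r'(?P<name>\S+) \( (?P<verdict>[^)]+?) \) - (?P<action>.+)$')


def parse_tdsskiller(lines):
    """Collect hashed objects, clean verdicts and detections from log lines."""
    report = {"objects": {}, "ok": set(), "detections": {}, "unparsed": []}
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = HASH_RE.match(line)
        if m:
            target = TARGET_RE.match(m["rest"])
            if target is None:
                report["unparsed"].append(line)
                continue
            # Module lines carry no service name, so the path is the key.
            name = target["name"] or target["path"]
            report["objects"][name.lower()] = {
                "name": name,
                "md5": m["md5"].upper(),
                "path": target["path"],
            }
            continue
        m = DETECT_RE.match(line)
        if m:
            det = report["detections"].setdefault(
                m["name"].lower(),
                {"name": m["name"], "verdict": m["verdict"].strip(),
                 "actions": []})
            if m["action"] not in det["actions"]:
                det["actions"].append(m["action"])
            continue
        m = OK_RE.match(line)
        if m:
            report["ok"].add(m["subject"].lower())
            continue
        report["unparsed"].append(line)  # banners, counters, unknown formats
    return report


def md5_for(report, name):
    """MD5 recorded for a service name or module path, or None if absent."""
    obj = report["objects"].get(name.lower())
    return obj["md5"] if obj else None


def review_list(report):
    """Hashed objects that did not end with '- ok': flagged or verdict-less."""
    rows = []
    for key, obj in report["objects"].items():
        det = report["detections"].get(key)
        if det:
            status = det["verdict"]
        elif key in report["ok"]:
            continue
        else:
            status = "no verdict"
        rows.append((obj["name"], obj["md5"], obj["path"], status))
    return rows


# Sample input. The w29n51, PsiService_2, "Scan finished" and AegisP verdict
# lines are copied from this thread; the AegisP hash line (zero MD5,
# C:\EXAMPLE path, timestamp) is constructed so the detection has a hash
# to pair with.
SAMPLE = r"""
20:48:10.0312 2228 [ 9EE38FFCB4CBE5BEE6C305700DDC4725 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys
20:48:10.0796 2228 w29n51 - ok
20:48:09.0000 2228 [ 00000000000000000000000000000000 ] AegisP C:\EXAMPLE\AegisP.sys
20:48:25.0375 2228 [ 543A4EF0923BF70D126625B034EF25AF ] C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:48:25.0375 2228 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe - ok
20:48:26.0109 2228 Scan finished
20:49:13.0281 0792 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:13.0281 0792 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
""".splitlines()

REPORT = parse_tdsskiller(SAMPLE)

if __name__ == "__main__":
    print("w29n51 MD5:", md5_for(REPORT, "w29n51"))
    for name, md5, path, status in review_list(REPORT):
        print(f"review: {name}  {md5}  {path}  [{status}]")
```

Lines the parser does not recognise end up in `report["unparsed"]` rather than being dropped, so a format it has not seen is visible instead of silently ignored.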

#9 wgrogers


Posted 12 February 2013 - 02:11 PM

Hi Gringo,
 
Here is the combofix report.  I went to the intel page for the driver and it said that I need to update Java.  I did not do that yet, thought I would wait until I got this finaled with you before making any other changes.
 
Report:

7-Zip 9.20
ABBYY FineReader 5.0 Sprint Plus
Acrobat.com
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 6.0.1 Standard
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Acrobat and Reader 6.0.5 Update
Adobe Acrobat and Reader 6.0.6 Update
Adobe AIR
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI MUI
Adobe Reader XI (11.0.01)
Adobe Shockwave Player 11.5
ALIAS Email List Manager 1.0.0
ALIAS Find And Replace 1.3.0
ALPS Touch Pad Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 5
ArcSoft Software Suite
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Bing Maps 3D
Bonjour
Broadcom Gigabit Integrated Controller
C-Major Audio
CardBus
CCleaner
Compatibility Pack for the 2007 Office system
Conexant D110 MDC V.92 Modem
Corel Paint Shop Pro X
Corel PaintShop Pro X4
Critical Update for Windows Media Player 11 (KB959772)
CSE HTML Validator Lite v11.01
CuteFTP 5.0 XP
Dell Driver Download Manager
Dell ResourceCD
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Easy CD Creator 5 Basic
eBook Pro 6.0
EPSON CardMonitor
EPSON Copy Utility
EPSON Photo Print
EPSON PhotoStarter3.0
EPSON Print CD
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
EPSON Stylus Photo RX580 Scanner Driver Update
EPSON Stylus Photo RX580 User's Guide
eReg
FreeDiff v1.1.2
getPlus® for Adobe
Google AdWords Editor
Google Update Helper
GoToMeeting 5.3.0.1009
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HoverAd Creator 2.0
HTML Executable IERuntime
ICA
Intel® PROSet/Wireless Software
InterActual Player
InterVideo WinDVD
IPM_PSP_COM
iTunes
Jasc Animation Shop 3
Java 7 Update 7
Java Auto Updater
JavaFX 2.1.1
join.me
K-Lite Mega Codec Pack 4.3.4
Logitech SetPoint 6.1
Malwarebytes' RogueRemover
Malwarebytes Anti-Malware version 1.70.0.1100
mCore
mDriver
mDrWiFi
Memorex exPressit Label Design Studio
mHlpDell
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Basic Edition 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
mIWA
mLogView
mMHouse
Mozilla Firefox 14.0.1 (x86 en-US)
mPfMgr
mPfWiz
mProSafe
mSSO
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mWMI
mXML
MySoftware Fonts
mZConfig
Notepad++
NVIDIA Windows 2000/XP Display Drivers
OGA Notifier 2.0.0048.0
PCI 7510 CardBus Controller with SmartCard and Software
PSPPContent
PSPPHelp
QuickTime
RealPlayer
RealUpgrade 1.0
RevenueWire Keyword Manager
Revo Uninstaller 1.94
Screen Calipers
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Setup
SigmaTel AC97 Audio Drivers
Skype™ 3.8
SpeedPPC Campaign Builder Version 4
Splashtop Software Updater
Splashtop Streamer
Spybot - Search & Destroy
System Requirements Lab for Intel
Texas Instruments PCIxx21/x515 drivers.
The Logo Creator v5.2
TIxx21/x515
TopStyle Lite (Version 3.0)
Tweak UI
TweetAssassinSetup
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB980302)
Update for Windows Internet Explorer 8 (KB982664)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
VC80CRTRedist - 8.0.50727.4053
VIGOS Gsitemap 0.97a
WebFldrs XP
Window Washer
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Live Writer
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinMerge 2.12.4

#10 gringo_pr

Posted 12 February 2013 - 09:19 PM


Hello

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.


I am at this time recommending removing Java completely from the computer unless there is something that is needed for your work- the bad guys are exploiting it faster than they can get it updated


uninstall some programs

NOTE** Because of the cleanup process, some of the programs I have listed may not be in add/remove anymore. This is fine, just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does a lot better of a job)

Programs to remove
  • Java 7 Update 7
  • JavaFX 2.1.1


Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.

Clean Out Temp Files

This small application you may want to keep and use once a week to keep the computer clean.

Download CCleaner from here http://www.ccleaner.com/
  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. default settings are fine
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - That is great!! and at this time I would like you to update it and run me a quick scan
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic
"information and logs"
  • In your next post I need the following
    • Log From MBAM
    • report from Hijackthis
    • let me know of any problems you may have had
    • How is the computer doing now?

Gringo





#11 wgrogers

Posted 13 February 2013 - 12:25 AM

Gringo,

Below are the logfiles, no problem with either one. Computer seems to be
running fine, no issues. I still have yet to update that driver, waiting
until the other issue is cleaned off.

Thanks.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:51:09 PM, on 2/12/13
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Documents and Settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPA.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Documents and Settings\Greg\Desktop\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Documents%20and%20Settings/Greg/Desktop/DESKTOP%20FOLDERS/newindex.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [EPSON Stylus Photo RX580 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPA.EXE /FU "C:\DOCUME~1\Greg\LOCALS~1\Temp\E_S12.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: RemindMe.lnk = C:\Documents and Settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: RemindMe.lnk = C:\Documents and Settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe (User 'Default user')
O4 - .DEFAULT User Startup: RemindMe.lnk = C:\Documents and Settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe (User 'Default user')
O4 - Startup: RemindMe.lnk = C:\Documents and Settings\Greg\My Documents\Downloads\remindme\remindme\RemindMe.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.5.0.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269471504921
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1347713975906
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--
End of file - 10289 bytes



Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.13.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Greg :: PRIMARY [administrator]

2/12/13 9:13:07 PM
mbam-log-2013-02-12 (21-13-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 208321
Time elapsed: 7 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 gringo_pr

Posted 13 February 2013 - 12:42 AM




Greetings

go ahead and do the update while I am here

These logs are looking very good, we are almost done!!! Just one more scan to go.

I normally remove any extra startups that I see in the Hijackthis report to speed things up but yours look very good - Great Job!!

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add/on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish
  • When the scan is complete
    • If no threats were found
      • put a checkmark in "Uninstall application on close"
      • close program
      • report to me that nothing was found
    • If threats were found
      • click on "list of threats found"
      • click on "export to text file" and save it as ESET SCAN and save to the desktop
      • Click on back
      • put a checkmark in "Uninstall application on close"
      • click on finish
      • close program
      • copy and paste the report here
Gringo

#13 wgrogers

Posted 13 February 2013 - 03:45 AM

This is the scan from ESET. I went in to update the driver, it's installing the new PROSet/Wireless WiFi Software
but it's been stuck on about 98% for the last 30 minutes. May need to reboot and start over? I didn't want to hang on it any longer before I sent this. I think I might just go ahead and reboot and try to install the ICS_x32.exe file again.

Thanks!


C:\Qoobox\Quarantine\C\Documents and Settings\Greg\Application Data\9.exe.vir variant of Win32/Injector.ACQU trojan

C:\Qoobox\Quarantine\C\Documents and Settings\Greg\Application Data\A.exe.vir variant of Win32/Injector.ACQU trojan

C:\Qoobox\Quarantine\C\Documents and Settings\Greg\Application Data\B.exe.vir variant of Win32/Injector.ACQU trojan

C:\System Volume Information\_restore{D399FF16-B707-46B5-981C-4C20A5AF88F8}\RP156\A0004793.exe variant of Win32/Injector.ACQU trojan

C:\System Volume Information\_restore{D399FF16-B707-46B5-981C-4C20A5AF88F8}\RP156\A0004794.exe variant of Win32/Injector.ACQU trojan

C:\System Volume Information\_restore{D399FF16-B707-46B5-981C-4C20A5AF88F8}\RP156\A0004795.exe variant of Win32/Injector.ACQU trojan

Edited by wgrogers, 13 February 2013 - 03:48 AM.
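
Added example, not part of any post in this thread: a Python triage of the ESET report above that separates detections stored in ComboFix's quarantine folder or in System Restore snapshots from detections on the live file system. The space-separated line format is assumed from how the report appears on this page, the quarantine-to-original path mapping is inferred from the paths in the report, and the last sample line is constructed.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath
from typing import List, NamedTuple, Optional, Tuple

# First six lines are copied from the ESET report in the post above.
# The last line is constructed (hypothetical path) to show a live detection.
ESET_REPORT = r"""
C:\Qoobox\Quarantine\C\Documents and Settings\Greg\Application Data\9.exe.vir variant of Win32/Injector.ACQU trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Greg\Application Data\A.exe.vir variant of Win32/Injector.ACQU trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Greg\Application Data\B.exe.vir variant of Win32/Injector.ACQU trojan
C:\System Volume Information\_restore{D399FF16-B707-46B5-981C-4C20A5AF88F8}\RP156\A0004793.exe variant of Win32/Injector.ACQU trojan
C:\System Volume Information\_restore{D399FF16-B707-46B5-981C-4C20A5AF88F8}\RP156\A0004794.exe variant of Win32/Injector.ACQU trojan
C:\System Volume Information\_restore{D399FF16-B707-46B5-981C-4C20A5AF88F8}\RP156\A0004795.exe variant of Win32/Injector.ACQU trojan
C:\Documents and Settings\Example\Application Data\sample.exe variant of Win32/Injector.ACQU trojan
"""


class Finding(NamedTuple):
    path: str
    threat: str
    location: str           # "quarantine", "restore_point" or "live"
    detail: Optional[str]   # original path (quarantine) or restore point id


# Assumption: the path ends at the first ".ext" that is followed by whitespace.
# A folder name such as "v1.2 beta" would defeat this; a tab-separated export
# avoids the ambiguity and is handled first in split_line().
LINE_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.*?\.\w{1,5})\s+(?P<threat>\S.*)$")
RESTORE_RE = re.compile(r"^_restore\{[0-9A-Fa-f-]{36}\}$")


def split_line(line: str) -> Optional[Tuple[str, str]]:
    """Split one report line into (path, threat name)."""
    if "\t" in line:
        path, threat = line.split("\t", 1)
        return path.strip(), threat.strip()
    m = LINE_RE.match(line.strip())
    return (m["path"], m["threat"]) if m else None


def classify(path: str) -> Tuple[str, Optional[str]]:
    """Decide whether a detected file is an inert backup or a live file."""
    parts = PureWindowsPath(path).parts          # ('C:\\', 'Qoobox', ...)
    lowered = [p.lower() for p in parts]

    # Layout seen in the report: Qoobox\Quarantine\<drive letter>\<path>.vir
    if (lowered[1:3] == ["qoobox", "quarantine"] and len(parts) > 4
            and len(parts[3]) == 1 and parts[3].isalpha()):
        original = PureWindowsPath(parts[3] + ":\\", *parts[4:])
        if original.suffix.lower() == ".vir":
            original = original.with_suffix("")   # 9.exe.vir -> 9.exe
        return "quarantine", str(original)

    # System Restore snapshot: System Volume Information\_restore{GUID}\RPnnn\
    if (len(parts) > 3 and lowered[1] == "system volume information"
            and RESTORE_RE.match(parts[2])):
        return "restore_point", parts[3]

    return "live", None


def triage(report: str) -> List[Finding]:
    findings = []
    for raw in report.splitlines():
        parsed = split_line(raw) if raw.strip() else None
        if parsed is None:
            continue                              # blank or unparseable line
        path, threat = parsed
        location, detail = classify(path)
        findings.append(Finding(path, threat, location, detail))
    return findings


def summary(findings: List[Finding]) -> Counter:
    return Counter(f.location for f in findings)


def needs_action(findings: List[Finding]) -> List[Finding]:
    """Only detections outside quarantine and restore points are live files."""
    return [f for f in findings if f.location == "live"]


if __name__ == "__main__":
    results = triage(ESET_REPORT)
    for f in results:
        note = f" ({f.detail})" if f.detail else ""
        print(f"{f.location:<14}{f.threat}  {f.path}{note}")
    print(dict(summary(results)))
```

For quarantined items the `detail` field gives the path the file originally occupied, which is the location to confirm is now empty; for restore points it gives the snapshot (`RP156` here) that still holds a copy until System Restore is flushed.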


#14 gringo_pr

Posted 13 February 2013 - 03:54 AM


Hello

try and hold off for a few more min and see if it completes

The Online scan looks very good!! It is only reporting backups created during the course of this fix!!

  • C:\Qoobox\Quarantine\ <-- combofix
  • C:\System Volume Information\ <-- System restore

Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.


:Why we need to remove some of our tools:

Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wrong time can make the computer an expensive paper weight. They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.

The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.

:DeFogger:

Note** Defogger only needs to be run if it was run when we first started. If you have not already run it then skip this.
  • To re-enable your Emulation drivers, double click DeFogger to run the tool.
    • The application window will appear
    • Click the Re-enable button to re-enable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger will now ask to reboot the machine - click OK.
    Your Emulation drivers are now re-enabled.

:Uninstall ComboFix:
  • turn off all active protection software
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.

:Remove the rest of our tools:

Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.
  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.
  • If asked to restart the computer, please do so

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

    :The programs you can keep:

    Some of the programs that we have used would be a good idea to keep and use often in helping to keep the computer clean. I use these programs on my computer.
    • Revo Uninstaller Free - this is the uninstaller that I had you download and works a lot better than add/remove in Windows and has saved me more than once from corrupted installs and uninstalls
    • CCleaner - This is a good program to clean out temp files, I would use this once a week or before any malware scan to remove unwanted temp files - It has a built in registry cleaner but I would leave that alone and not use any registry cleaner
    • Malwarebytes' Anti-Malware - The Gold standard today in antimalware scanners

    :Security programs:

    One of the questions I am asked all the time is "What programs do you use?" I have at this time 4 computers in my home and I have this setup on all 4 of them.
    • Microsoft Security Essentials - provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
    • WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
    • Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recommend keeping it and using often. (I have upgraded to the paid version of MBAM and I am glad I did)

      Note** If you decide to install MSE you will need to uninstall your present Antivirus
:Security awareness:


It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article, Strong passwords: How to create and use them. Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.


The other question I am asked all the time is "How can I prevent this from happening again." and the short answer to that is to be aware of what is out there and how to start spotting dangers.

Here are some articles that are must reads and should be read by everybody in your household that uses the internet. Here is some more reading for you from some of my colleagues, quoted from Tech Support Forum:

Conclusion

There is no such thing as ‘perfect security’. This applies to many things, not just computer systems. Using the above guide you should be able to take all the reasonable steps you can to prevent infection. However, the most important part of all this is you, the user. Surf sensibly and think before you download a file or click on a link. Take a few moments to assess the possible risks and you should be able to enjoy all the internet has to offer.

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#15 wgrogers


Posted 13 February 2013 - 04:35 PM

I'll get rid of the programs but here's the situation now. I did try to load the new driver. Last night it sat there for about two hours and never completed. I finally did a reboot since I could not turn it off. Now when I turn the computer on, I am getting an Intel® PROSet/Wireless Zero Config Service error pop up. Says zcfgsvc.exe is the AppName and it pops up at regular intervals. Behind it is one pop up that has the same title but says the "service has encountered a problem and needs to close. Sorry". I close that and behind it is a 3rd popup that has the Intel logo and is the InstallShield wizard that says the PROSet\Wireless WiFi Software has successfully installed.

 

If you know a solution off the top, let me know, otherwise I'll continue to investigate as I can. I will also run the clean up tools in the interim.

 

Thanks Gringo!





