
Search redirect and Internet explorer windows running in background


14 replies to this topic

#1 Inigo64


Posted 11 February 2013 - 11:17 PM

Hello, my name is Colin.

Help, my searches in any search engine are being redirected and there are usually 3 or 4 random Internet Explorer windows running that I could only see in the Task Manager but were slowing my computer down.

I tried running an MBAM scan and it didn't find anything, so I ran rkill before I scanned again and it still didn't come up with anything. I also tried Malwarebytes Anti-Rootkit and that didn't find anything.

The redirect virus affects every browser, but the background web pages were only in Explorer, or at least I think so, because I turned off IE9 and they weren't running anymore.

I'm not exactly sure what system information I need to upload, besides that I'm running Windows 7 Professional with Service Pack 1.

Thanks,
Colin



#2 narenxp


Posted 11 February 2013 - 11:22 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • TDSSKiller log
  • aswMBR log
  • ESET results
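
One way to triage the TDSSKiller log requested in the post above, as an added example that is not part of the original thread or the tool's own code: it reads the services section and lists entries whose verdict is not `ok`, entries with no hashed file record, and `.sys` files outside the Windows directory named in the log header. The sample log is constructed (placeholder hashes, service names and verdict text), and the assumed line shapes are timestamp, thread id, then either `[ MD5 ] name path` or `name - verdict`.

```python
"""Triage helper for a TDSSKiller log (added example, not the tool's own code)."""
import ntpath
import re

# Every log line starts with a timestamp and a thread id, then the message.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "[ <MD5> ] <service name> <image path>"; service names may contain spaces.
RECORD = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
# Section banners such as "================ Scan services ======...".
SECTION = re.compile(r"^=+ (.+?) =+$")
WINDIR = re.compile(r"^Windows directory:\s*(.+)$")

# Constructed sample: hashes, names and the non-ok verdict are placeholders.
SAMPLE_LOG = r"""
15:50:32.0685 3456  Windows directory: C:\Windows
15:51:52.0938 5872  ================ Scan system memory ========================
15:51:52.0938 5872  System memory - ok
15:51:52.0938 5872  ================ Scan services =============================
15:52:10.0224 5872  [ 00000000000000000000000000000001 ] exampledrv      C:\Windows\system32\drivers\exampledrv.sys
15:52:10.0551 5872  exampledrv - ok
15:52:11.0955 5872  [ 00000000000000000000000000000002 ] Example Updater Service C:\Program Files\Example\updater.exe
15:52:11.0971 5872  Example Updater Service - ok
15:52:12.0100 5872  nofilesvc - ok
15:52:12.0200 5872  [ 00000000000000000000000000000003 ] oddplace        C:\ProgramData\oddplace.sys
15:52:12.0300 5872  oddplace - ok
15:52:12.0400 5872  [ 00000000000000000000000000000004 ] flaggeddrv      C:\Windows\system32\drivers\flaggeddrv.sys
15:52:12.0500 5872  flaggeddrv - PLACEHOLDER-NOT-OK
"""


def parse_services(log_text):
    """Return (windows_dir, entries) for the 'Scan services' section."""
    windir, section, pending, entries = None, None, None, []
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        banner = SECTION.match(msg)
        if banner:
            section, pending = banner.group(1), None
            continue
        w = WINDIR.match(msg)
        if w:
            windir = w.group(1).strip()
            continue
        if section != "Scan services":
            continue
        rec = RECORD.match(msg)
        if rec:
            pending = {"md5": rec.group(1), "name": rec.group(2), "path": rec.group(3)}
            continue
        if " - " not in msg:
            continue
        # Pair the verdict with the record just before it, if the names agree.
        if pending and msg.startswith(pending["name"] + " - "):
            name, verdict = pending["name"], msg[len(pending["name"]) + 3:]
            md5, path = pending["md5"], pending["path"]
        else:
            name, verdict = msg.split(" - ", 1)
            md5, path = None, None
        entries.append({"name": name, "verdict": verdict.strip(), "md5": md5, "path": path})
        pending = None
    return windir, entries


def _under(path, root):
    """Case-insensitive 'path is inside root' for Windows paths, on any OS."""
    p = ntpath.normcase(ntpath.normpath(path))
    r = ntpath.normcase(ntpath.normpath(root))
    return p == r or p.startswith(r + "\\")


def triage(log_text):
    """Return [(service name, [reasons])] for entries worth reading first."""
    windir, entries = parse_services(log_text)
    findings = []
    for e in entries:
        reasons = []
        if e["verdict"] != "ok":
            reasons.append("verdict: " + e["verdict"])
        if e["path"] is None:
            reasons.append("no hashed file record")
        elif windir and e["path"].lower().endswith(".sys") and not _under(e["path"], windir):
            reasons.append("driver outside " + windir)
        if reasons:
            findings.append((e["name"], reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG):
        print(name + ": " + "; ".join(reasons))
```

Each reason is a prompt to read that entry in the full log, not a detection in itself.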


 



#3 Inigo64


Posted 12 February 2013 - 07:35 PM

Thanks for responding so fast. TDSSKiller didn't find anything, but the last two did.

Here are the logs:

 

TDSSKiller

 

15:50:32.0092 3456  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:50:32.0685 3456  ============================================================
15:50:32.0685 3456  Current date / time: 2013/02/12 15:50:32.0685
15:50:32.0685 3456  SystemInfo:
15:50:32.0685 3456  
15:50:32.0685 3456  OS Version: 6.1.7601 ServicePack: 1.0
15:50:32.0685 3456  Product type: Workstation
15:50:32.0685 3456  ComputerName: COLINKEELE
15:50:32.0685 3456  UserName: akeele
15:50:32.0685 3456  Windows directory: C:\Windows
15:50:32.0685 3456  System windows directory: C:\Windows
15:50:32.0685 3456  Processor architecture: Intel x86
15:50:32.0685 3456  Number of processors: 2
15:50:32.0685 3456  Page size: 0x1000
15:50:32.0685 3456  Boot type: Normal boot
15:50:32.0685 3456  ============================================================
15:51:10.0507 3456  BG loaded
15:51:15.0093 3456  Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:51:15.0213 3456  ============================================================
15:51:15.0213 3456  \Device\Harddisk0\DR0:
15:51:15.0233 3456  MBR partitions:
15:51:15.0233 3456  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x10A3000
15:51:15.0233 3456  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10B7000, BlocksNum 0x1194E000
15:51:15.0233 3456  ============================================================
15:51:15.0743 3456  C: <-> \Device\Harddisk0\DR0\Partition2
15:51:15.0743 3456  ============================================================
15:51:15.0743 3456  Initialize success
15:51:15.0743 3456  ============================================================
15:51:30.0209 5872  ============================================================
15:51:30.0209 5872  Scan started
15:51:30.0209 5872  Mode: Manual;
15:51:30.0209 5872  ============================================================
15:51:52.0938 5872  ================ Scan system memory ========================
15:51:52.0938 5872  System memory - ok
15:51:52.0938 5872  ================ Scan services =============================
15:53:11.0653 5872  MRxDAV - ok
15:53:11.0700 5872  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:53:11.0713 5872  mrxsmb - ok
15:53:11.0795 5872  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:53:11.0817 5872  mrxsmb10 - ok
15:53:11.0891 5872  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:53:11.0909 5872  mrxsmb20 - ok
15:53:11.0973 5872  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
15:53:11.0989 5872  msahci - ok
15:53:12.0084 5872  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:53:12.0174 5872  msdsm - ok
15:53:12.0202 5872  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
15:53:12.0268 5872  MSDTC - ok
15:53:12.0366 5872  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:53:12.0380 5872  Msfs - ok
15:53:12.0392 5872  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:53:12.0412 5872  mshidkmdf - ok
15:53:12.0426 5872  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:53:12.0441 5872  msisadrv - ok
15:53:12.0496 5872  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:53:12.0586 5872  MSiSCSI - ok
15:53:12.0590 5872  msiserver - ok
15:53:12.0622 5872  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:53:12.0642 5872  MSKSSRV - ok
15:53:12.0659 5872  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:53:12.0700 5872  MSPCLOCK - ok
15:53:12.0713 5872  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:53:12.0727 5872  MSPQM - ok
15:53:12.0774 5872  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:53:12.0892 5872  MsRPC - ok
15:53:12.0947 5872  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:53:12.0948 5872  mssmbios - ok
15:53:13.0027 5872  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:53:13.0112 5872  MSTEE - ok
15:53:13.0133 5872  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:53:13.0168 5872  MTConfig - ok
15:53:13.0231 5872  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:53:13.0314 5872  Mup - ok
15:53:13.0398 5872  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
15:53:13.0402 5872  napagent - ok
15:53:13.0480 5872  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:53:13.0505 5872  NativeWifiP - ok
15:53:13.0626 5872  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:53:13.0636 5872  NDIS - ok
15:53:13.0690 5872  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:53:13.0706 5872  NdisCap - ok
15:53:13.0743 5872  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:53:13.0754 5872  NdisTapi - ok
15:53:13.0816 5872  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:53:13.0828 5872  Ndisuio - ok
15:53:13.0877 5872  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:53:13.0894 5872  NdisWan - ok
15:53:13.0946 5872  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:53:13.0958 5872  NDProxy - ok
15:53:14.0008 5872  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:53:14.0018 5872  NetBIOS - ok
15:53:14.0071 5872  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:53:14.0088 5872  NetBT - ok
15:53:14.0105 5872  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
15:53:14.0107 5872  Netlogon - ok
15:53:14.0151 5872  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
15:53:14.0169 5872  Netman - ok
15:53:14.0191 5872  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
15:53:14.0196 5872  netprofm - ok
15:53:14.0245 5872  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:53:14.0299 5872  NetTcpPortSharing - ok
15:53:14.0368 5872  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:53:14.0466 5872  nfrd960 - ok
15:53:14.0510 5872  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:53:14.0513 5872  NlaSvc - ok
15:53:14.0524 5872  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:53:14.0538 5872  Npfs - ok
15:53:14.0564 5872  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
15:53:14.0573 5872  nsi - ok
15:53:14.0583 5872  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:53:14.0592 5872  nsiproxy - ok
15:53:14.0720 5872  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:53:14.0973 5872  Ntfs - ok
15:53:15.0420 5872  [ 5E91ABA9182BC66A5FFC988C3A399152 ] ntrtscan        c:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
15:53:15.0435 5872  ntrtscan - ok
15:53:15.0480 5872  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
15:53:15.0490 5872  Null - ok
15:53:15.0615 5872  [ 3D7FB57354703809B5F0C23287FAC1D6 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
15:53:15.0629 5872  NVHDA - ok
15:53:16.0439 5872  [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:53:16.0580 5872  nvlddmkm - ok
15:53:16.0617 5872  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:53:16.0632 5872  nvraid - ok
15:53:16.0698 5872  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:53:16.0715 5872  nvstor - ok
15:53:16.0808 5872  [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:53:16.0813 5872  nvsvc - ok
15:53:17.0236 5872  [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:53:17.0242 5872  nvUpdatusService - ok
15:53:17.0300 5872  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:53:17.0326 5872  nv_agp - ok
15:53:17.0434 5872  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:53:17.0577 5872  odserv - ok
15:53:17.0628 5872  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:53:17.0658 5872  ohci1394 - ok
15:53:17.0807 5872  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:53:17.0831 5872  ose - ok
15:53:17.0912 5872  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:53:17.0915 5872  p2pimsvc - ok
15:53:17.0932 5872  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:53:17.0936 5872  p2psvc - ok
15:53:17.0956 5872  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:53:17.0967 5872  Parport - ok
15:53:18.0011 5872  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:53:18.0022 5872  partmgr - ok
15:53:18.0035 5872  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
15:53:18.0045 5872  Parvdm - ok
15:53:18.0122 5872  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:53:18.0124 5872  PcaSvc - ok
15:53:18.0171 5872  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
15:53:18.0204 5872  pci - ok
15:53:18.0246 5872  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
15:53:18.0272 5872  pciide - ok
15:53:18.0300 5872  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:53:18.0328 5872  pcmcia - ok
15:53:18.0339 5872  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
15:53:18.0349 5872  pcw - ok
15:53:18.0392 5872  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:53:18.0410 5872  PEAUTH - ok
15:53:18.0465 5872  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:53:18.0483 5872  PeerDistSvc - ok
15:53:18.0639 5872  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
15:53:18.0751 5872  pla - ok
15:53:18.0830 5872  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:53:18.0849 5872  PlugPlay - ok
15:53:18.0879 5872  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:53:18.0889 5872  PNRPAutoReg - ok
15:53:18.0936 5872  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:53:18.0938 5872  PNRPsvc - ok
15:53:18.0998 5872  [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32         C:\Windows\system32\DRIVERS\point32.sys
15:53:19.0009 5872  Point32 - ok
15:53:19.0053 5872  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:53:19.0067 5872  PolicyAgent - ok
15:53:19.0130 5872  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
15:53:19.0132 5872  Power - ok
15:53:19.0162 5872  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:53:19.0174 5872  PptpMiniport - ok
15:53:19.0186 5872  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:53:19.0212 5872  Processor - ok
15:53:19.0245 5872  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
15:53:19.0261 5872  ProfSvc - ok
15:53:19.0288 5872  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:53:19.0290 5872  ProtectedStorage - ok
15:53:19.0327 5872  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:53:19.0328 5872  Psched - ok
15:53:19.0549 5872  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:53:19.0857 5872  ql2300 - ok
15:53:19.0898 5872  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:53:19.0916 5872  ql40xx - ok
15:53:20.0041 5872  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
15:53:20.0142 5872  QWAVE - ok
15:53:20.0156 5872  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:53:20.0167 5872  QWAVEdrv - ok
15:53:20.0182 5872  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:53:20.0200 5872  RasAcd - ok
15:53:20.0240 5872  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:53:20.0250 5872  RasAgileVpn - ok
15:53:20.0307 5872  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
15:53:20.0343 5872  RasAuto - ok
15:53:20.0375 5872  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:53:20.0389 5872  Rasl2tp - ok
15:53:20.0462 5872  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
15:53:20.0496 5872  RasMan - ok
15:53:20.0528 5872  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:53:20.0540 5872  RasPppoe - ok
15:53:20.0598 5872  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:53:20.0609 5872  RasSstp - ok
15:53:20.0945 5872  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:53:20.0962 5872  rdbss - ok
15:53:21.0012 5872  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:53:21.0021 5872  rdpbus - ok
15:53:21.0096 5872  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:53:21.0104 5872  RDPCDD - ok
15:53:21.0179 5872  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:53:21.0248 5872  RDPDR - ok
15:53:21.0303 5872  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:53:21.0311 5872  RDPENCDD - ok
15:53:21.0324 5872  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:53:21.0332 5872  RDPREFMP - ok
15:53:21.0453 5872  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:53:21.0506 5872  RDPWD - ok
15:53:21.0556 5872  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:53:21.0588 5872  rdyboost - ok
15:53:21.0692 5872  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:53:21.0719 5872  RemoteAccess - ok
15:53:21.0740 5872  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:53:21.0791 5872  RemoteRegistry - ok
15:53:21.0806 5872  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:53:21.0816 5872  RpcEptMapper - ok
15:53:21.0859 5872  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
15:53:21.0890 5872  RpcLocator - ok
15:53:22.0001 5872  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
15:53:22.0005 5872  RpcSs - ok
15:53:22.0088 5872  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:53:22.0098 5872  rspndr - ok
15:53:22.0134 5872  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:53:22.0162 5872  s3cap - ok
15:53:22.0172 5872  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
15:53:22.0173 5872  SamSs - ok
15:53:22.0237 5872  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:53:22.0324 5872  sbp2port - ok
15:53:22.0406 5872  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:53:22.0429 5872  SCardSvr - ok
15:53:22.0520 5872  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:53:22.0541 5872  scfilter - ok
15:53:22.0591 5872  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
15:53:22.0611 5872  Schedule - ok
15:53:22.0706 5872  [ 3B68015683C27CB00C7A6B60A37CBCFD ] SCMNdisP        C:\Windows\system32\DRIVERS\scmndisp.sys
15:53:22.0729 5872  SCMNdisP - ok
15:53:22.0774 5872  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:53:22.0775 5872  SCPolicySvc - ok
15:53:22.0822 5872  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:53:22.0861 5872  SDRSVC - ok
15:53:22.0931 5872  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:53:22.0940 5872  secdrv - ok
15:53:22.0981 5872  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
15:53:22.0991 5872  seclogon - ok
15:53:23.0007 5872  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
15:53:23.0009 5872  SENS - ok
15:53:23.0036 5872  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:53:23.0048 5872  SensrSvc - ok
15:53:23.0064 5872  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:53:23.0073 5872  Serenum - ok
15:53:23.0087 5872  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:53:23.0101 5872  Serial - ok
15:53:23.0151 5872  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:53:23.0181 5872  sermouse - ok
15:53:23.0225 5872  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:53:23.0314 5872  SessionEnv - ok
15:53:23.0395 5872  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:53:23.0426 5872  sffdisk - ok
15:53:23.0445 5872  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:53:23.0460 5872  sffp_mmc - ok
15:53:23.0498 5872  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:53:23.0507 5872  sffp_sd - ok
15:53:23.0587 5872  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:53:23.0611 5872  sfloppy - ok
15:53:23.0682 5872  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:53:23.0719 5872  SharedAccess - ok
15:53:23.0751 5872  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:53:23.0766 5872  ShellHWDetection - ok
15:53:23.0778 5872  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:53:23.0809 5872  sisagp - ok
15:53:23.0853 5872  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:53:23.0865 5872  SiSRaid2 - ok
15:53:23.0880 5872  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:53:23.0923 5872  SiSRaid4 - ok
15:53:23.0955 5872  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:53:23.0983 5872  Smb - ok
15:53:24.0025 5872  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:53:24.0040 5872  SNMPTRAP - ok
15:53:24.0099 5872  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:53:24.0123 5872  spldr - ok
15:53:24.0221 5872  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
15:53:24.0254 5872  Spooler - ok
15:53:24.0421 5872  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
15:53:24.0437 5872  sppsvc - ok
15:53:24.0480 5872  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:53:24.0494 5872  sppuinotify - ok
15:53:24.0802 5872  [ B7A8148CA23C6A55712002ED317A75D9 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
15:53:24.0858 5872  SpyHunter 4 Service - ok
15:53:25.0017 5872  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:53:25.0053 5872  srv - ok
15:53:25.0209 5872  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:53:25.0227 5872  srv2 - ok
15:53:25.0425 5872  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:53:25.0441 5872  srvnet - ok
15:53:25.0635 5872  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:53:25.0637 5872  SSDPSRV - ok
15:53:25.0727 5872  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:53:25.0743 5872  SstpSvc - ok
15:53:26.0051 5872  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:53:26.0083 5872  Stereo Service - ok
15:53:26.0121 5872  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:53:26.0158 5872  stexstor - ok
15:53:26.0325 5872  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
15:53:26.0344 5872  StiSvc - ok
15:53:26.0372 5872  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:53:26.0446 5872  storflt - ok
15:53:26.0512 5872  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
15:53:26.0523 5872  StorSvc - ok
15:53:26.0561 5872  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:53:26.0605 5872  storvsc - ok
15:53:28.0010 5872  [ 3C4A14B5592B75067B27904B5C94291F ] svcGenericHost  c:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe
15:53:28.0022 5872  svcGenericHost - ok
15:53:28.0136 5872  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:53:28.0145 5872  swenum - ok
15:53:28.0276 5872  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
15:53:28.0486 5872  swprv - ok
15:53:28.0784 5872  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
15:53:28.0791 5872  SysMain - ok
15:53:28.0889 5872  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:53:28.0910 5872  TabletInputService - ok
15:53:29.0031 5872  [ 3A710AB5FD0F7F32CC3F65067FB27B12 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
15:53:29.0042 5872  taphss6 - ok
15:53:29.0102 5872  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:53:29.0166 5872  TapiSrv - ok
15:53:29.0189 5872  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
15:53:29.0192 5872  TBS - ok
15:53:29.0318 5872  [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:53:29.0473 5872  Tcpip - ok
15:53:29.0499 5872  [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:53:29.0505 5872  TCPIP6 - ok
15:53:29.0549 5872  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:53:29.0560 5872  tcpipreg - ok
15:53:29.0589 5872  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:53:29.0604 5872  TDPIPE - ok
15:53:29.0646 5872  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:53:29.0678 5872  TDTCP - ok
15:53:29.0715 5872  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:53:29.0726 5872  tdx - ok
15:53:29.0775 5872  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:53:29.0785 5872  TermDD - ok
15:53:29.0877 5872  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
15:53:29.0936 5872  TermService - ok
15:53:29.0982 5872  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
15:53:29.0997 5872  Themes - ok
15:53:30.0009 5872  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:53:30.0010 5872  THREADORDER - ok
15:53:30.0037 5872  [ AD90AF229517AADD7C29DDC2F606730B ] tmactmon        C:\Windows\system32\DRIVERS\tmactmon.sys
15:53:30.0052 5872  tmactmon - ok
15:53:30.0166 5872  [ 69E7DF29EDB32441F14BB77E338E68CD ] TMBMServer      c:\Program Files\Trend Micro\BM\TMBMSRV.exe
15:53:30.0180 5872  TMBMServer - ok
15:53:30.0227 5872  [ 40035CEA54E7CEBD1A211998C48655FF ] tmcomm          C:\Windows\system32\DRIVERS\tmcomm.sys
15:53:30.0243 5872  tmcomm - ok
15:53:30.0306 5872  [ C1D5C3CDAA19A9ABD15CAFE9342F1F49 ] tmevtmgr        C:\Windows\system32\DRIVERS\tmevtmgr.sys
15:53:30.0317 5872  tmevtmgr - ok
15:53:30.0417 5872  [ 717E406972BBC07F8FB2A989416CAB73 ] TmFilter        c:\Program Files\Trend Micro\Client Server Security Agent\TmXPFlt.sys
15:53:30.0456 5872  TmFilter - ok
15:53:30.0540 5872  [ A39E5B2B9E5F80B5037F5423290D41F2 ] tmlisten        c:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
15:53:30.0548 5872  tmlisten - ok
15:53:30.0682 5872  [ 20DFB632BDD7FF2CD57B46713953AC3A ] tmlwf           C:\Windows\system32\DRIVERS\tmlwf.sys
15:53:30.0698 5872  tmlwf - ok
15:53:30.0901 5872  [ B9EFEC15F0D8825E246FF0D7ECD2CE78 ] TmPfw           c:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe
15:53:30.0904 5872  TmPfw - ok
15:53:30.0963 5872  [ 379C4F99994A56B66E11D1E32BB22A1C ] TmPreFilter     c:\Program Files\Trend Micro\Client Server Security Agent\TmPreFlt.sys
15:53:30.0973 5872  TmPreFilter - ok
15:53:31.0043 5872  [ C871D384C78B9E87876FFF9C1690F1ED ] TmProxy         c:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe
15:53:31.0049 5872  TmProxy - ok
15:53:31.0105 5872  [ 5F7F63884A8547981EE379B8C0FB3312 ] tmtdi           C:\Windows\system32\DRIVERS\tmtdi.sys
15:53:31.0125 5872  tmtdi - ok
15:53:31.0445 5872  [ 359FAF47313FEE4F2E8A46DC8BE19307 ] tmwfp           C:\Windows\system32\DRIVERS\tmwfp.sys
15:53:31.0491 5872  tmwfp - ok
15:53:31.0515 5872  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
15:53:31.0525 5872  TrkWks - ok
15:53:31.0638 5872  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:53:31.0716 5872  TrustedInstaller - ok
15:53:31.0811 5872  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:53:31.0833 5872  tssecsrv - ok
15:53:31.0963 5872  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:53:31.0978 5872  TsUsbFlt - ok
15:53:32.0099 5872  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:53:32.0110 5872  tunnel - ok
15:53:32.0142 5872  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:53:32.0171 5872  uagp35 - ok
15:53:32.0202 5872  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:53:32.0277 5872  udfs - ok
15:53:32.0339 5872  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:53:32.0384 5872  UI0Detect - ok
15:53:32.0451 5872  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:53:32.0487 5872  uliagpkx - ok
15:53:32.0554 5872  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:53:32.0566 5872  umbus - ok
15:53:32.0651 5872  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:53:32.0685 5872  UmPass - ok
15:53:32.0749 5872  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:53:32.0849 5872  UmRdpService - ok
15:53:32.0980 5872  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
15:53:32.0983 5872  upnphost - ok
15:53:33.0025 5872  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:53:33.0038 5872  usbccgp - ok
15:53:33.0155 5872  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:53:33.0211 5872  usbcir - ok
15:53:33.0243 5872  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:53:33.0253 5872  usbehci - ok
15:53:33.0319 5872  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:53:33.0336 5872  usbhub - ok
15:53:33.0376 5872  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:53:33.0392 5872  usbohci - ok
15:53:33.0462 5872  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:53:55.0000 5872  C:\Windows\System32\netlogon.dll - ok
15:53:55.0001 5872  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll
15:53:55.0001 5872  C:\Windows\System32\wship6.dll - ok
15:53:55.0001 5872  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll
15:53:55.0001 5872  C:\Windows\System32\dnsapi.dll - ok
15:53:55.0002 5872  [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll
15:53:55.0002 5872  C:\Windows\System32\logoncli.dll - ok
15:53:55.0002 5872  [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\System32\schannel.dll
15:53:55.0002 5872  C:\Windows\System32\schannel.dll - ok
15:53:55.0003 5872  [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll
15:53:55.0003 5872  C:\Windows\System32\wdigest.dll - ok
15:53:55.0004 5872  [ 93723774872D9FB903266A46ED1E0BC2 ] C:\Windows\System32\LIVESSP.DLL
15:53:55.0004 5872  C:\Windows\System32\LIVESSP.DLL - ok
15:53:55.0004 5872  [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll
15:53:55.0004 5872  C:\Windows\System32\pku2u.dll - ok
15:53:55.0004 5872  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll
15:53:55.0004 5872  C:\Windows\System32\rsaenh.dll - ok
15:53:55.0005 5872  [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll
15:53:55.0005 5872  C:\Windows\System32\TSpkg.dll - ok
15:53:55.0005 5872  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll
15:53:55.0005 5872  C:\Windows\System32\bcryptprimitives.dll - ok
15:53:55.0006 5872  [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll
15:53:55.0006 5872  C:\Windows\System32\efslsaext.dll - ok
15:53:55.0006 5872  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll
15:53:55.0006 5872  C:\Windows\System32\credssp.dll - ok
15:53:55.0007 5872  [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll
15:53:55.0007 5872  C:\Windows\System32\scecli.dll - ok
15:53:55.0008 5872  [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll
15:53:55.0008 5872  C:\Windows\System32\ubpm.dll - ok
15:53:55.0009 5872  [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe
15:53:55.0009 5872  C:\Windows\System32\svchost.exe - ok
15:53:55.0009 5872  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll
15:53:55.0009 5872  C:\Windows\System32\umpnpmgr.dll - ok
15:53:55.0009 5872  [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll
15:53:55.0009 5872  C:\Windows\System32\SPInf.dll - ok
15:53:55.0010 5872  [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll
15:53:55.0010 5872  C:\Windows\System32\devrtl.dll - ok
15:53:55.0011 5872  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll
15:53:55.0011 5872  C:\Windows\System32\userenv.dll - ok
15:53:55.0011 5872  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll
15:53:55.0011 5872  C:\Windows\System32\gpapi.dll - ok
15:53:55.0011 5872  [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll
15:53:55.0011 5872  C:\Windows\System32\pcwum.dll - ok
15:53:55.0012 5872  [ F87D30E72E03D579A5199CCB3831D6EA ] C:\Windows\System32\umpo.dll
15:53:55.0012 5872  C:\Windows\System32\umpo.dll - ok
15:53:55.0012 5872  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll
15:53:55.0012 5872  C:\Windows\System32\powrprof.dll - ok
15:53:55.0013 5872  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys
15:53:55.0013 5872  C:\Windows\System32\drivers\luafv.sys - ok
15:53:55.0013 5872  [ 379C4F99994A56B66E11D1E32BB22A1C ] C:\Program Files\Trend Micro\Client Server Security Agent\tmpreflt.sys
15:53:55.0013 5872  C:\Program Files\Trend Micro\Client Server Security Agent\tmpreflt.sys - ok
15:53:55.0014 5872  [ 642EB152CB980AD9181B2161066BE629 ] C:\Program Files\Trend Micro\Client Server Security Agent\vsapiNT.sys
15:53:55.0014 5872  C:\Program Files\Trend Micro\Client Server Security Agent\vsapiNT.sys - ok
15:53:55.0014 5872  [ 717E406972BBC07F8FB2A989416CAB73 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmXPFlt.sys
15:53:55.0014 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmXPFlt.sys - ok
15:53:55.0015 5872  [ B7A8148CA23C6A55712002ED317A75D9 ] C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
15:53:55.0015 5872  C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE - ok
15:53:55.0015 5872  [ 205CBE408A76F5FBDEF1BB0A509083BD ] C:\PROGRA~1\ENIGMA~1\SPYHUN~1\Common.dll
15:53:55.0015 5872  C:\PROGRA~1\ENIGMA~1\SPYHUN~1\Common.dll - ok
15:53:55.0015 5872  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
15:53:55.0015 5872  C:\Windows\System32\drivers\WUDFPf.sys - ok
15:53:55.0016 5872  [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] C:\Windows\System32\nvvsvc.exe
15:53:55.0016 5872  C:\Windows\System32\nvvsvc.exe - ok
15:53:55.0016 5872  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll
15:53:55.0016 5872  C:\Windows\System32\wtsapi32.dll - ok
15:53:55.0017 5872  [ F0359F7CE712D69ACEF0886BDB4792ED ] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:53:55.0017 5872  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
15:53:55.0017 5872  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv
15:53:55.0017 5872  C:\Windows\System32\winspool.drv - ok
15:53:55.0018 5872  [ 145E7826A07D98628924A9B06F6273AB ] C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll
15:53:55.0018 5872  C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll - ok
15:53:55.0018 5872  [ 7AD857422AFA068A39A4B4BBF7FCC49C ] C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll
15:53:55.0018 5872  C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll - ok
15:53:55.0018 5872  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll
15:53:55.0018 5872  C:\Windows\System32\ntmarta.dll - ok
15:53:55.0019 5872  [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll
15:53:55.0019 5872  C:\Windows\System32\rpcss.dll - ok
15:53:55.0019 5872  [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll
15:53:55.0019 5872  C:\Windows\System32\RpcEpMap.dll - ok
15:53:55.0020 5872  [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll
15:53:55.0020 5872  C:\Windows\System32\wshqos.dll - ok
15:53:55.0020 5872  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL
15:53:55.0020 5872  C:\Windows\System32\WSHTCPIP.DLL - ok
15:53:55.0021 5872  [ 3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll
15:53:55.0021 5872  C:\Windows\System32\FirewallAPI.dll - ok
15:53:55.0021 5872  [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe
15:53:55.0021 5872  C:\Windows\System32\LogonUI.exe - ok
15:53:55.0022 5872  [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll
15:53:55.0022 5872  C:\Windows\System32\wevtsvc.dll - ok
15:53:55.0022 5872  [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\System32\authui.dll
15:53:55.0022 5872  C:\Windows\System32\authui.dll - ok
15:53:55.0022 5872  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll
15:53:55.0022 5872  C:\Windows\System32\audiosrv.dll - ok
15:53:55.0023 5872  [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll
15:53:55.0023 5872  C:\Windows\System32\avrt.dll - ok
15:53:55.0023 5872  [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll
15:53:55.0023 5872  C:\Windows\System32\mmcss.dll - ok
15:53:55.0024 5872  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll
15:53:55.0024 5872  C:\Windows\System32\MMDevAPI.dll - ok
15:53:55.0024 5872  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll
15:53:55.0024 5872  C:\Windows\System32\propsys.dll - ok
15:53:55.0024 5872  [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll
15:53:55.0024 5872  C:\Windows\System32\cryptui.dll - ok
15:53:55.0025 5872  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
15:53:55.0025 5872  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
15:53:55.0025 5872  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll
15:53:55.0025 5872  C:\Windows\System32\samlib.dll - ok
15:53:55.0026 5872  [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll
15:53:55.0026 5872  C:\Windows\System32\shacct.dll - ok
15:53:55.0026 5872  [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll
15:53:55.0026 5872  C:\Windows\System32\uxtheme.dll - ok
15:53:55.0027 5872  [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
15:53:55.0027 5872  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
15:53:55.0027 5872  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll
15:53:55.0027 5872  C:\Windows\System32\dui70.dll - ok
15:53:55.0027 5872  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll
15:53:55.0027 5872  C:\Windows\System32\duser.dll - ok
15:53:55.0028 5872  [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll
15:53:55.0028 5872  C:\Windows\System32\SndVolSSO.dll - ok
15:53:55.0028 5872  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll
15:53:55.0028 5872  C:\Windows\System32\dwmapi.dll - ok
15:53:55.0029 5872  [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll
15:53:55.0029 5872  C:\Windows\System32\hid.dll - ok
15:53:55.0029 5872  [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll
15:53:55.0029 5872  C:\Windows\System32\xmllite.dll - ok
15:53:55.0030 5872  [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll
15:53:55.0030 5872  C:\Windows\System32\WindowsCodecs.dll - ok
15:53:55.0030 5872  [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe
15:53:55.0030 5872  C:\Windows\System32\audiodg.exe - ok
15:53:55.0031 5872  [ 15F93B37F6801943360D9EB42485D5D3 ] C:\Windows\System32\cscsvc.dll
15:53:55.0031 5872  C:\Windows\System32\cscsvc.dll - ok
15:53:55.0031 5872  [ 772F44012DBE49DE894976AE2259A659 ] C:\Windows\System32\PeerDist.dll
15:53:55.0031 5872  C:\Windows\System32\PeerDist.dll - ok
15:53:55.0031 5872  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll
15:53:55.0031 5872  C:\Windows\System32\winbrand.dll - ok
15:53:55.0032 5872  [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll
15:53:55.0032 5872  C:\Windows\System32\gpsvc.dll - ok
15:53:55.0032 5872  [ 65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll
15:53:55.0032 5872  C:\Windows\System32\VaultCredProvider.dll - ok
15:53:55.0033 5872  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll
15:53:55.0033 5872  C:\Windows\System32\netprofm.dll - ok
15:53:55.0033 5872  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
15:53:55.0033 5872  C:\Windows\System32\taskschd.dll - ok
15:53:55.0034 5872  [ 50E0DD0A5B8D8BC353578F2F73926697 ] C:\Windows\System32\nlaapi.dll
15:53:55.0034 5872  C:\Windows\System32\nlaapi.dll - ok
15:53:55.0034 5872  [ CADEFAC453040E370A1BDFF3973BE00D ] C:\Windows\System32\profsvc.dll
15:53:55.0034 5872  C:\Windows\System32\profsvc.dll - ok
15:53:55.0034 5872  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll
15:53:55.0034 5872  C:\Windows\System32\atl.dll - ok
15:53:55.0035 5872  [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll
15:53:55.0035 5872  C:\Windows\System32\dsrole.dll - ok
15:53:55.0035 5872  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll
15:53:55.0035 5872  C:\Windows\System32\themeservice.dll - ok
15:53:55.0036 5872  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll
15:53:55.0036 5872  C:\Windows\System32\slc.dll - ok
15:53:55.0036 5872  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll
15:53:55.0036 5872  C:\Windows\System32\mstask.dll - ok
15:53:55.0036 5872  [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll
15:53:55.0037 5872  C:\Windows\System32\es.dll - ok
15:53:55.0037 5872  [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
15:53:55.0037 5872  C:\Windows\System32\Sens.dll - ok
15:53:55.0037 5872  [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
15:53:55.0037 5872  C:\Windows\System32\uxsms.dll - ok
15:53:55.0038 5872  [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll
15:53:55.0038 5872  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
15:53:55.0038 5872  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
15:53:55.0038 5872  C:\Windows\System32\WUDFSvc.dll - ok
15:53:55.0039 5872  [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
15:53:55.0039 5872  C:\Windows\System32\WUDFPlatform.dll - ok
15:53:55.0039 5872  [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll
15:53:55.0039 5872  C:\Windows\System32\BioCredProv.dll - ok
15:53:55.0040 5872  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
15:53:55.0040 5872  C:\Windows\System32\drivers\lltdio.sys - ok
15:53:55.0040 5872  [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll
15:53:55.0040 5872  C:\Windows\System32\winbio.dll - ok
15:53:55.0040 5872  [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys
15:53:55.0040 5872  C:\Windows\System32\drivers\ndisuio.sys - ok
15:53:55.0041 5872  [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys
15:53:55.0041 5872  C:\Windows\System32\drivers\nwifi.sys - ok
15:53:55.0041 5872  [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
15:53:55.0041 5872  C:\Windows\System32\drivers\rspndr.sys - ok
15:53:55.0042 5872  [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
15:53:55.0042 5872  C:\Windows\System32\lmhsvc.dll - ok
15:53:55.0042 5872  [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
15:53:55.0042 5872  C:\Windows\System32\nsisvc.dll - ok
15:53:55.0042 5872  [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
15:53:55.0042 5872  C:\Windows\System32\dhcpcore.dll - ok
15:53:55.0043 5872  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
15:53:55.0043 5872  C:\Windows\System32\IPHLPAPI.DLL - ok
15:53:55.0043 5872  [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll
15:53:55.0043 5872  C:\Windows\System32\keyiso.dll - ok
15:53:55.0044 5872  [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
15:53:55.0044 5872  C:\Windows\System32\nrpsrv.dll - ok
15:53:55.0044 5872  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
15:53:55.0044 5872  C:\Windows\System32\winnsi.dll - ok
15:53:55.0044 5872  [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
15:53:55.0045 5872  C:\Windows\System32\dnsrslvr.dll - ok
15:53:55.0045 5872  [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll
15:53:55.0045 5872  C:\Windows\System32\eapsvc.dll - ok
15:53:55.0046 5872  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
15:53:55.0046 5872  C:\Windows\System32\FWPUCLNT.DLL - ok
15:53:55.0046 5872  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
15:53:55.0046 5872  C:\Windows\System32\dhcpcsvc.dll - ok
15:53:55.0047 5872  [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
15:53:55.0047 5872  C:\Windows\System32\dnsext.dll - ok
15:53:55.0047 5872  [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
15:53:55.0047 5872  C:\Windows\System32\comres.dll - ok
15:53:55.0047 5872  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\System32\dhcpcsvc6.dll
15:53:55.0047 5872  C:\Windows\System32\dhcpcsvc6.dll - ok
15:53:55.0048 5872  [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll
15:53:55.0048 5872  C:\Windows\System32\eapphost.dll - ok
15:53:55.0048 5872  [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
15:53:55.0048 5872  C:\Windows\System32\umb.dll - ok
15:53:55.0049 5872  [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll
15:53:55.0049 5872  C:\Windows\System32\credui.dll - ok
15:53:55.0049 5872  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll
15:53:55.0049 5872  C:\Windows\System32\netapi32.dll - ok
15:53:55.0050 5872  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll
15:53:55.0050 5872  C:\Windows\System32\netutils.dll - ok
15:53:55.0050 5872  [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll
15:53:55.0050 5872  C:\Windows\System32\vaultcli.dll - ok
15:53:55.0050 5872  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll
15:53:55.0050 5872  C:\Windows\System32\wkscli.dll - ok
15:53:55.0051 5872  [ EF71BA5DF59034962B0C62314A71351A ] C:\Windows\System32\dhcpcore6.dll
15:53:55.0051 5872  C:\Windows\System32\dhcpcore6.dll - ok
15:53:55.0051 5872  [ 16935C98FF639D185086A3529B1F2067 ] C:\Windows\System32\wlansvc.dll
15:53:55.0051 5872  C:\Windows\System32\wlansvc.dll - ok
15:53:55.0052 5872  [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll
15:53:55.0052 5872  C:\Windows\System32\wlanmsm.dll - ok
15:53:55.0052 5872  [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll
15:53:55.0052 5872  C:\Windows\System32\eappprxy.dll - ok
15:53:55.0053 5872  [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
15:53:55.0053 5872  C:\Windows\System32\onex.dll - ok
15:53:55.0053 5872  [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll
15:53:55.0053 5872  C:\Windows\System32\wlansec.dll - ok
15:53:55.0054 5872  [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll
15:53:55.0054 5872  C:\Windows\System32\eappcfg.dll - ok
15:53:55.0054 5872  [ 749F9795F01C35EEBE100A87D82B9681 ] C:\Windows\System32\wlgpclnt.dll
15:53:55.0054 5872  C:\Windows\System32\wlgpclnt.dll - ok
15:53:55.0055 5872  [ C1585EAA67C37A05BF6F93726FAFC069 ] C:\Windows\System32\l2gpstore.dll
15:53:55.0055 5872  C:\Windows\System32\l2gpstore.dll - ok
15:53:55.0055 5872  [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
15:53:55.0055 5872  C:\Windows\System32\WinSCard.dll - ok
15:53:55.0055 5872  [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
15:53:55.0055 5872  C:\Windows\System32\wlanutil.dll - ok
15:53:55.0056 5872  [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\System32\msxml6.dll
15:53:55.0056 5872  C:\Windows\System32\msxml6.dll - ok
15:53:55.0056 5872  [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll
15:53:55.0056 5872  C:\Windows\System32\adtschema.dll - ok
15:53:55.0057 5872  [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll
15:53:55.0057 5872  C:\Windows\System32\shsvcs.dll - ok
15:53:55.0057 5872  [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll
15:53:55.0057 5872  C:\Windows\System32\schedsvc.dll - ok
15:53:55.0058 5872  [ 6F44F5C0BC6B210FE5F5A1C8D899AD0A ] C:\Windows\System32\wlanext.exe
15:53:55.0058 5872  C:\Windows\System32\wlanext.exe - ok
15:53:55.0058 5872  [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
15:53:55.0058 5872  C:\Windows\System32\ktmw32.dll - ok
15:53:55.0059 5872  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll
15:53:55.0059 5872  C:\Windows\System32\samcli.dll - ok
15:53:55.0059 5872  [ EFDA8576B2BA177AE3DF78B29EA0C45B ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL
15:53:55.0059 5872  C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok
15:53:55.0060 5872  [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll
15:53:55.0060 5872  C:\Windows\System32\certCredProvider.dll - ok
15:53:55.0060 5872  [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll
15:53:55.0060 5872  C:\Windows\System32\rasplap.dll - ok
15:53:55.0061 5872  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll
15:53:55.0061 5872  C:\Windows\System32\rasapi32.dll - ok
15:53:55.0061 5872  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll
15:53:55.0062 5872  C:\Windows\System32\rasman.dll - ok
15:53:55.0062 5872  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll
15:53:55.0062 5872  C:\Windows\System32\rtutils.dll - ok
15:53:55.0063 5872  [ 3FA214B377B8711D859F950FDFEFF739 ] C:\Windows\System32\conhost.exe
15:53:55.0063 5872  C:\Windows\System32\conhost.exe - ok
15:53:55.0063 5872  [ 32CD26C007DDFC550552AC64DBBDE195 ] C:\Windows\System32\bcmihvsrv.dll
15:53:55.0063 5872  C:\Windows\System32\bcmihvsrv.dll - ok
15:53:55.0064 5872  [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll
15:53:55.0064 5872  C:\Windows\System32\wlanapi.dll - ok
15:53:55.0064 5872  [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll
15:53:55.0064 5872  C:\Windows\System32\fveapi.dll - ok
15:53:55.0065 5872  [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll
15:53:55.0065 5872  C:\Windows\System32\fvecerts.dll - ok
15:53:55.0065 5872  [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
15:53:55.0065 5872  C:\Windows\System32\taskcomp.dll - ok
15:53:55.0066 5872  [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll
15:53:55.0066 5872  C:\Windows\System32\tbs.dll - ok
15:53:55.0066 5872  [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll
15:53:55.0066 5872  C:\Windows\System32\UXInit.dll - ok
15:53:55.0067 5872  [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll
15:53:55.0067 5872  C:\Windows\System32\wiarpc.dll - ok
15:53:55.0067 5872  [ C71F2B4D0151CFEDE5D405C5D60B6FCE ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
15:53:55.0067 5872  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
15:53:55.0068 5872  [ 11695C9D4ADB2E9C6C5B0B6447F4EAD7 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
15:53:55.0068 5872  C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
15:53:55.0069 5872  [ DEC53E152E18541D3D585794D99F02B7 ] C:\Windows\System32\nvsvc.dll
15:53:55.0069 5872  C:\Windows\System32\nvsvc.dll - ok
15:53:55.0069 5872  [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll
15:53:55.0069 5872  C:\Windows\System32\mscms.dll - ok



#4 Inigo64


Posted 12 February 2013 - 07:36 PM


15:53:55.0100 5872  [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe

15:53:55.0100 5872  C:\Windows\System32\snmptrap.exe - ok

15:53:55.0101 5872  [ A2F17346CC5C502D4E29EF986BD17D34 ] C:\Windows\System32\PeerDistSh.dll

15:53:55.0101 5872  C:\Windows\System32\PeerDistSh.dll - ok

15:53:55.0101 5872  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll

15:53:55.0101 5872  C:\Windows\System32\provsvc.dll - ok

15:53:55.0101 5872  [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll

15:53:55.0101 5872  C:\Windows\System32\sstpsvc.dll - ok

15:53:55.0102 5872  [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll

15:53:55.0102 5872  C:\Windows\System32\clusapi.dll - ok

15:53:55.0102 5872  [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll

15:53:55.0102 5872  C:\Windows\System32\HotStartUserAgent.dll - ok

15:53:55.0103 5872  [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll

15:53:55.0103 5872  C:\Windows\System32\resutils.dll - ok

15:53:55.0103 5872  [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\System32\AtBroker.exe

15:53:55.0103 5872  C:\Windows\System32\AtBroker.exe - ok

15:53:55.0104 5872  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll

15:53:55.0104 5872  C:\Windows\System32\mpr.dll - ok

15:53:55.0104 5872  [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe

15:53:55.0104 5872  C:\Windows\System32\userinit.exe - ok

15:53:55.0104 5872  [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe

15:53:55.0104 5872  C:\Windows\System32\dwm.exe - ok

15:53:55.0105 5872  [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll

15:53:55.0105 5872  C:\Windows\System32\dwmcore.dll - ok

15:53:55.0105 5872  [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll

15:53:55.0105 5872  C:\Windows\System32\dwmredir.dll - ok

15:53:55.0106 5872  [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\System32\d3d10_1.dll

15:53:55.0106 5872  C:\Windows\System32\d3d10_1.dll - ok

15:53:55.0106 5872  [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll

15:53:55.0106 5872  C:\Windows\System32\d3d10_1core.dll - ok

15:53:55.0106 5872  [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll

15:53:55.0107 5872  C:\Windows\System32\dxgi.dll - ok

15:53:55.0107 5872  [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe

15:53:55.0107 5872  C:\Windows\explorer.exe - ok

15:53:55.0107 5872  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys

15:53:55.0107 5872  C:\Windows\System32\drivers\parport.sys - ok

15:53:55.0108 5872  [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll

15:53:55.0108 5872  C:\Windows\System32\PlaySndSrv.dll - ok

15:53:55.0109 5872  [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll

15:53:55.0109 5872  C:\Windows\System32\MsCtfMonitor.dll - ok

15:53:55.0109 5872  [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll

15:53:55.0109 5872  C:\Windows\System32\msutb.dll - ok

15:53:55.0109 5872  [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys

15:53:55.0110 5872  C:\Windows\System32\drivers\fltMgr.sys - ok

15:53:55.0110 5872  [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL

15:53:55.0110 5872  C:\Windows\System32\PSHED.DLL - ok

15:53:55.0110 5872  [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

15:53:55.0110 5872  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok

15:53:55.0111 5872  [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe

15:53:55.0111 5872  C:\Windows\System32\taskeng.exe - ok

15:53:55.0112 5872  [ 40035CEA54E7CEBD1A211998C48655FF ] C:\Windows\System32\drivers\tmcomm.sys

15:53:55.0112 5872  C:\Windows\System32\drivers\tmcomm.sys - ok

15:53:55.0113 5872  [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll

15:53:55.0113 5872  C:\Windows\System32\TSChannel.dll - ok

15:53:55.0113 5872  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe

15:53:55.0113 5872  C:\Program Files\Google\Update\GoogleUpdate.exe - ok

15:53:55.0114 5872  [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll

15:53:55.0114 5872  C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok

15:53:55.0114 5872  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\System32\msi.dll

15:53:55.0114 5872  C:\Windows\System32\msi.dll - ok

15:53:55.0115 5872  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\System32\dbghelp.dll

15:53:55.0115 5872  C:\Windows\System32\dbghelp.dll - ok

15:53:55.0115 5872  [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

15:53:55.0115 5872  C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok

15:53:55.0116 5872  [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

15:53:55.0116 5872  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok

15:53:55.0116 5872  [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ]
C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll

15:53:55.0116 5872 
C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
- ok

15:53:55.0116 5872  [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program
Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe

15:53:55.0116 5872  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok

15:53:55.0117 5872  [ 7A841462AD4749F8A07B27AE8E8947B8 ] C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

15:53:55.0117 5872  C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe - ok

15:53:55.0117 5872  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ]
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

15:53:55.0117 5872 
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
- ok

15:53:55.0118 5872  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll

15:53:55.0118 5872  C:\Windows\System32\ExplorerFrame.dll - ok

15:53:55.0118 5872  [ C9564CF4976E7E96B4052737AA2492B4 ]
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

15:53:55.0118 5872 
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
- ok

15:53:55.0119 5872  [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program
Files\Common Files\Apple\Apple Application Support\AppleVersions.dll

15:53:55.0119 5872  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

15:53:55.0119 5872  [ 64894527838C86454E2F378FF39FA336 ] C:\Program
Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll

15:53:55.0119 5872  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok

15:53:55.0120 5872  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program
Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll

15:53:55.0120 5872  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok

15:53:55.0120 5872  [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program
Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll

15:53:55.0120 5872  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok

15:53:55.0121 5872  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll

15:53:55.0121 5872  C:\Windows\System32\wsock32.dll - ok

15:53:55.0121 5872  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll

15:53:55.0121 5872  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok

15:53:55.0122 5872  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program
Files\Common Files\Apple\Apple Application Support\libdispatch.dll

15:53:55.0122 5872  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

15:53:55.0122 5872  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll

15:53:55.0122 5872  C:\Windows\System32\EhStorShell.dll - ok

15:53:55.0122 5872  [ 3EC541C196DE18ED9A0D0AC82A694D4C ] C:\Windows\System32\cscui.dll

15:53:55.0122 5872  C:\Windows\System32\cscui.dll - ok

15:53:55.0123 5872  [ 57A51217581614DE07F30E34D6BB4993 ] C:\Windows\System32\cscdll.dll

15:53:55.0123 5872  C:\Windows\System32\cscdll.dll - ok

15:53:55.0123 5872  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\System32\ntshrui.dll

15:53:55.0123 5872  C:\Windows\System32\ntshrui.dll - ok

15:53:55.0124 5872  [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll

15:53:55.0124 5872  C:\Windows\System32\IconCodecService.dll - ok

15:53:55.0124 5872  [ 70BA2ED3DE9080D9ED3C65B7ADE6F653 ] C:\Windows\System32\nvwgf2um.dll

15:53:55.0124 5872  C:\Windows\System32\nvwgf2um.dll - ok

15:53:55.0124 5872  [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program
Files\Common Files\Apple\Apple Application Support\libicuin.dll

15:53:55.0124 5872  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok

15:53:55.0125 5872  [ A3609397EF273B03295DBB10274BE12C ] C:\Program
Files\Common Files\Apple\Apple Application Support\libicuuc.dll

15:53:55.0125 5872  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

15:53:55.0125 5872  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program
Files\Common Files\Apple\Apple Application Support\icudt46.dll

15:53:55.0125 5872  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok

15:53:55.0126 5872  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll

15:53:55.0126 5872  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok

15:53:55.0126 5872  [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program
Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService_main.dll

15:53:55.0126 5872  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok

15:53:55.0127 5872  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll

15:53:55.0127 5872  C:\Windows\System32\dnssd.dll - ok

15:53:55.0127 5872  [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program
Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll

15:53:55.0127 5872  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok

15:53:55.0127 5872  [ F48FEB7DA35821DA15E0B006DCB9A169 ] C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE

15:53:55.0127 5872  C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE - ok

15:53:55.0128 5872  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll

15:53:55.0128 5872  C:\Windows\System32\SensApi.dll - ok

15:53:55.0128 5872  [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

15:53:55.0128 5872  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok

15:53:55.0129 5872  [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program
Files\Common Files\Apple\Apple Application Support\CFNetwork.dll

15:53:55.0129 5872  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok

15:53:55.0129 5872  [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program
Files\Common Files\Apple\Apple Application Support\SQLite3.dll

15:53:55.0129 5872  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok

15:53:55.0130 5872  [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program
Files\Common Files\Apple\Apple Application Support\libxml2.dll

15:53:55.0130 5872  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok

15:53:55.0130 5872  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe

15:53:55.0130 5872  C:\Program Files\Bonjour\mDNSResponder.exe - ok

15:53:55.0130 5872  [ 104C980400850EA84F86CD31AE2EEECE ] C:\Program Files\Broadcom\BPowMon\BPowMon.exe

15:53:55.0130 5872  C:\Program Files\Broadcom\BPowMon\BPowMon.exe - ok

15:53:55.0131 5872  [ B1A11CDDB5F7E7D5C33A416472AAF94C ] C:\Program Files\Broadcom\BPowMon\BMAPI.dll

15:53:55.0131 5872  C:\Program Files\Broadcom\BPowMon\BMAPI.dll - ok

15:53:55.0131 5872  [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll

15:53:55.0131 5872  C:\Windows\System32\cryptnet.dll - ok

15:53:55.0132 5872  [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll

15:53:55.0132 5872  C:\Windows\System32\cryptsvc.dll - ok

15:53:55.0132 5872  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll

15:53:55.0132 5872  C:\Windows\System32\dps.dll - ok

15:53:55.0133 5872  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll

15:53:55.0133 5872  C:\Windows\System32\FDResPub.dll - ok

15:53:55.0133 5872  [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll

15:53:55.0133 5872  C:\Windows\System32\vssapi.dll - ok

15:53:55.0133 5872  [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll

15:53:55.0133 5872  C:\Windows\System32\vsstrace.dll - ok

15:53:55.0134 5872  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll

15:53:55.0134 5872  C:\Windows\System32\webio.dll - ok

15:53:55.0134 5872  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll

15:53:55.0134 5872  C:\Windows\System32\winhttp.dll - ok

15:53:55.0135 5872  [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll

15:53:55.0135 5872  C:\Windows\System32\httpapi.dll - ok

15:53:55.0135 5872  [ 2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll

15:53:55.0135 5872  C:\Windows\System32\uDWM.dll - ok

15:53:55.0135 5872  [ 048B4041190C6A3ED1A182551C7489F4 ] C:\Program Files\Hotspot Shield\bin\openvpnas.exe

15:53:55.0135 5872  C:\Program Files\Hotspot Shield\bin\openvpnas.exe - ok

15:53:55.0136 5872  [ 824F64CDAF0BD8CE9FE6D6F9C4A41F37 ] C:\Program Files\Hotspot Shield\bin\af_proxy.dll

15:53:55.0136 5872  C:\Program Files\Hotspot Shield\bin\af_proxy.dll - ok

15:53:55.0136 5872  [ C7D4D685A0AF2A09CBC21CB474358595 ] C:\Program Files\Hotspot Shield\bin\zlib1.dll

15:53:55.0136 5872  C:\Program Files\Hotspot Shield\bin\zlib1.dll - ok

15:53:55.0137 5872  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll

15:53:55.0137 5872  C:\Windows\System32\NapiNSP.dll - ok

15:53:55.0138 5872  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll

15:53:55.0138 5872  C:\Windows\System32\pnrpnsp.dll - ok

15:53:55.0138 5872  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll

15:53:55.0138 5872  C:\Windows\System32\winrnr.dll - ok

15:53:55.0139 5872  [ 5732B012627C191A7E790A21ED83F4E4 ] C:\Program Files\Hotspot Shield\HssWPR\HssSrv.exe

15:53:55.0139 5872  C:\Program Files\Hotspot Shield\HssWPR\HssSrv.exe - ok

15:53:55.0139 5872  [ 18EE60A306C973E5A94BB27EF40DF55F ] C:\Program Files\Hotspot Shield\bin\hsswd.exe

15:53:55.0139 5872  C:\Program Files\Hotspot Shield\bin\hsswd.exe - ok

15:53:55.0139 5872  [ 5E91ABA9182BC66A5FFC988C3A399152 ] C:\Program Files\Trend Micro\Client Server Security Agent\NTRtScan.exe

15:53:55.0140 5872  C:\Program Files\Trend Micro\Client Server Security Agent\NTRtScan.exe - ok

15:53:55.0140 5872  [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL

15:53:55.0140 5872  C:\Windows\System32\IKEEXT.DLL - ok

15:53:55.0140 5872  [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\System32\ncsi.dll

15:53:55.0140 5872  C:\Windows\System32\ncsi.dll - ok

15:53:55.0141 5872  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll

15:53:55.0141 5872  C:\Windows\System32\netman.dll - ok

15:53:55.0141 5872  [ 374071043F9E4231EE43BE2BB48DD36D ] C:\Windows\System32\nlasvc.dll

15:53:55.0141 5872  C:\Windows\System32\nlasvc.dll - ok

15:53:55.0142 5872  [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll

15:53:55.0142 5872  C:\Windows\System32\ssdpapi.dll - ok

15:53:55.0142 5872  [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\System32\pdh.dll

15:53:55.0142 5872  C:\Windows\System32\pdh.dll - ok

15:53:55.0143 5872  [ 1EDE5074C1795AE41C10288FA14A7865 ] C:\Program
Files\Trend Micro\Client Server Security Agent\perfiCrcPerfMonMgr.dll

15:53:55.0143 5872  C:\Program Files\Trend Micro\Client Server Security Agent\perfiCrcPerfMonMgr.dll - ok

15:53:55.0143 5872  [ 529879612A7FAE235914E3AA6A9A669C ] C:\Windows\System32\loadperf.dll

15:53:55.0143 5872  C:\Windows\System32\loadperf.dll - ok

15:53:55.0143 5872  [ D06B7003F0FF54253136817EA41A69DE ] C:\Program Files\Trend Micro\Client Server Security Agent\Vsapi32.dll

15:53:55.0143 5872  C:\Program Files\Trend Micro\Client Server Security Agent\Vsapi32.dll - ok

15:53:55.0144 5872  [ 5845B1C54380FB980F68024B3A8B1E66 ] C:\Windows\System32\vpnikeapi.dll

15:53:55.0144 5872  C:\Windows\System32\vpnikeapi.dll - ok

15:53:55.0144 5872  [ A467A16D1C4429A90D805CBDBC18493C ] C:\Program
Files\Trend Micro\Client Server Security Agent\FlowControl.dll

15:53:55.0144 5872  C:\Program Files\Trend Micro\Client Server Security Agent\FlowControl.dll - ok

15:53:55.0145 5872  [ 4E034BB197B3D2EA9677326CC8BB4636 ] C:\Program Files\Trend Micro\Client Server Security Agent\OfcDog.dll

15:53:55.0145 5872  C:\Program Files\Trend Micro\Client Server Security Agent\OfcDog.dll - ok

15:53:55.0145 5872  [ 2AB427108F709702B9EA53FB8DE7279E ] C:\Program
Files\Trend Micro\Client Server Security Agent\OfcPlugInAPI.dll

15:53:55.0145 5872  C:\Program Files\Trend Micro\Client Server Security Agent\OfcPlugInAPI.dll - ok

15:53:55.0146 5872  [ AB0C3F5D2470824C5FCBAB46F16373AB ] C:\Program Files\Trend Micro\Client Server Security Agent\OfcPIPC.dll

15:53:55.0146 5872  C:\Program Files\Trend Micro\Client Server Security Agent\OfcPIPC.dll - ok

15:53:55.0146 5872  [ 47EF5A57E381BEB10E2B7F5983CE0A0B ] C:\Program
Files\Trend Micro\Client Server Security Agent\libCNTProdRes.dll

15:53:55.0146 5872  C:\Program Files\Trend Micro\Client Server Security Agent\libCNTProdRes.dll - ok

15:53:55.0146 5872  [ 01B697CEABA3D4420A3457E6E19EA886 ] C:\Program
Files\Trend Micro\Client Server Security Agent\TimeString.dll

15:53:55.0146 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TimeString.dll - ok

15:53:55.0147 5872  [ 9390DB851E6DF7D900BEA7E3EAE4964C ] C:\Program Files\Trend Micro\Client Server Security Agent\TMBMCLI.dll

15:53:55.0147 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TMBMCLI.dll - ok

15:53:55.0147 5872  [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys

15:53:55.0147 5872  C:\Windows\System32\drivers\PEAuth.sys - ok

15:53:55.0148 5872  [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys

15:53:55.0148 5872  C:\Windows\System32\drivers\secdrv.sys - ok

15:53:55.0148 5872  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] C:\Windows\System32\drivers\tcpipreg.sys

15:53:55.0148 5872  C:\Windows\System32\drivers\tcpipreg.sys - ok

15:53:55.0148 5872  [ 53946B69BA0836BD95B03759530C81EC ] C:\Windows\System32\IPSECSVC.DLL

15:53:55.0148 5872  C:\Windows\System32\IPSECSVC.DLL - ok

15:53:55.0149 5872  [ A59B3A4442C52060CC7A85293AA3546F ] C:\Windows\System32\seclogon.dll

15:53:55.0149 5872  C:\Windows\System32\seclogon.dll - ok

15:53:55.0149 5872  [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll

15:53:55.0149 5872  C:\Windows\System32\sysmain.dll - ok

15:53:55.0150 5872  [ E1FB3706030FB4578A0D72C2FC3689E4 ] C:\Windows\System32\wiaservc.dll

15:53:55.0150 5872  C:\Windows\System32\wiaservc.dll - ok

15:53:55.0151 5872  [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\System32\FwRemoteSvr.dll

15:53:55.0151 5872  C:\Windows\System32\FwRemoteSvr.dll - ok

15:53:55.0152 5872  [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\System32\wiatrace.dll

15:53:55.0152 5872  C:\Windows\System32\wiatrace.dll - ok

15:53:55.0152 5872  [ D77606D299993FD6614030AC14F5B762 ] C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe

15:53:55.0152 5872  C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe - ok

15:53:55.0153 5872  [ 0A3A95CA4ABD3ACDE6D294251A53007E ] C:\Program Files\Trend Micro\Client Server Security Agent\NTSvcRes.dll

15:53:55.0153 5872  C:\Program Files\Trend Micro\Client Server Security Agent\NTSvcRes.dll - ok

15:53:55.0153 5872  [ 9487845A1F2353915A19E86B04C0C1B0 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmEngDrv.dll

15:53:55.0153 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmEngDrv.dll - ok

15:53:55.0154 5872  [ 0C6439D9C5F06D693EB3543A501DB6C5 ] C:\Program
Files\Trend Micro\Client Server Security Agent\OfcPlugInMain.dll

15:53:55.0154 5872  C:\Program Files\Trend Micro\Client Server Security Agent\OfcPlugInMain.dll - ok

15:53:55.0154 5872  [ 47E4D18EAFE3D899696DBA5B3EBC99D7 ] C:\Program
Files\Trend Micro\Client Server Security Agent\OfcPluginTray.dll

15:53:55.0154 5872  C:\Program Files\Trend Micro\Client Server Security Agent\OfcPluginTray.dll - ok

15:53:55.0155 5872  [ 2D1EB7F24D044093F26CEAE0234DCFD5 ] C:\Program Files\Trend Micro\Client Server Security Agent\TSC.exe

15:53:55.0155 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TSC.exe - ok

15:53:55.0155 5872  [ B6D850E48243FFDAC79CCF54910F1AA7 ] C:\Program Files\Trend Micro\Client Server Security Agent\libTMAS.dll

15:53:55.0155 5872  C:\Program Files\Trend Micro\Client Server Security Agent\libTMAS.dll - ok

15:53:55.0156 5872  [ 359FAF47313FEE4F2E8A46DC8BE19307 ] C:\Windows\System32\drivers\tmwfp.sys

15:53:55.0156 5872  C:\Windows\System32\drivers\tmwfp.sys - ok

15:53:55.0156 5872  [ A3D20789B3FF0576A29462BEF25BCFCC ] C:\Program
Files\Trend Micro\Client Server Security Agent\Temp\BM_Driver\tmcomm.sys

15:53:55.0156 5872  C:\Program Files\Trend Micro\Client Server Security Agent\Temp\BM_Driver\tmcomm.sys - ok

15:53:55.0157 5872  [ 40035CEA54E7CEBD1A211998C48655FF ] C:\Program Files\Trend Micro\Client Server Security Agent\tmcomm.sys

15:53:55.0157 5872  C:\Program Files\Trend Micro\Client Server Security Agent\tmcomm.sys - ok

15:53:55.0157 5872  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll

15:53:55.0157 5872  C:\Windows\System32\trkwks.dll - ok

15:53:55.0157 5872  [ 0A70F4022EC2E14C159EFC4F69AA2477 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

15:53:55.0157 5872  C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE - ok

15:53:55.0158 5872  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] C:\Program Files\Windows Defender\MpSvc.dll

15:53:55.0158 5872  C:\Program Files\Windows Defender\MpSvc.dll - ok

15:53:55.0158 5872  [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll

15:53:55.0158 5872  C:\Windows\System32\wbem\WMIsvc.dll - ok

15:53:55.0159 5872  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL

15:53:55.0159 5872  C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL - ok

15:53:55.0159 5872  [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files\Windows Defender\MpClient.dll

15:53:55.0159 5872  C:\Program Files\Windows Defender\MpClient.dll - ok

15:53:55.0160 5872  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll

15:53:55.0160 5872  C:\Windows\System32\sfc.dll - ok

15:53:55.0160 5872  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll

15:53:55.0160 5872  C:\Windows\System32\sfc_os.dll - ok

15:53:55.0160 5872  [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll

15:53:55.0160 5872  C:\Windows\System32\wer.dll - ok

15:53:55.0161 5872  [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll

15:53:55.0161 5872  C:\Windows\System32\esent.dll - ok

15:53:55.0161 5872  [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll

15:53:55.0161 5872  C:\Windows\System32\wbemcomn.dll - ok

15:53:55.0162 5872  [ A2C4DC335656FB7A5A3AC076282534CB ] C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe

15:53:55.0162 5872  C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe - ok

15:53:55.0162 5872  [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll

15:53:55.0162 5872  C:\Windows\System32\wbem\WinMgmtR.dll - ok

15:53:55.0163 5872  [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll

15:53:55.0163 5872  C:\Windows\System32\wbem\WmiDcPrv.dll - ok

15:53:55.0163 5872  [ 3C4A14B5592B75067B27904B5C94291F ] C:\Program
Files\Trend Micro\Client Server Security
Agent\HostedAgent\svcGenericHost.exe

15:53:55.0163 5872  C:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe - ok

15:53:55.0164 5872  [ 533631FE7DB9FF2A1D456A3D15A2DD46 ] C:\Windows\System32\icmp.dll

15:53:55.0164 5872  C:\Windows\System32\icmp.dll - ok

15:53:55.0164 5872  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] C:\Windows\System32\iphlpsvc.dll

15:53:55.0164 5872  C:\Windows\System32\iphlpsvc.dll - ok

15:53:55.0165 5872  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll

15:53:55.0165 5872  C:\Windows\System32\wbem\fastprox.dll - ok

15:53:55.0165 5872  [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll

15:53:55.0165 5872  C:\Windows\System32\ntdsapi.dll - ok

15:53:55.0166 5872  [ 9F6A591D97274696A81CE46CE1914C5B ] C:\Program
Files\Trend Micro\Client Server Security
Agent\HostedAgent\utilDllMgr.dll

15:53:55.0166 5872  C:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\utilDllMgr.dll - ok

15:53:55.0166 5872  [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll

15:53:55.0166 5872  C:\Windows\System32\wbem\wbemprox.dll - ok

15:53:55.0166 5872  [ C72A32FD271DE2F6334E4AA4526B0DA7 ] C:\Program
Files\Trend Micro\Client Server Security
Agent\HostedAgent\utilCommon.dll

15:53:55.0166 5872  C:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\utilCommon.dll - ok

15:53:55.0167 5872  [ 3D310B2DE177DDC0ED09D30E8A891955 ] C:\Program
Files\Trend Micro\Client Server Security Agent\HostedAgent\utilDebug.dll

15:53:55.0167 5872  C:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\utilDebug.dll - ok

15:53:55.0167 5872  [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll

15:53:55.0167 5872  C:\Windows\System32\sqmapi.dll - ok

15:53:55.0168 5872  [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll

15:53:55.0168 5872  C:\Windows\System32\wdscore.dll - ok

15:53:55.0168 5872  [ 9E524EB797A1B6FA6B8C84483DB2CF6A ] C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll

15:53:55.0168 5872  C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll - ok

15:53:55.0169 5872  [ 773F536F2618C81A09AB67E474444860 ] C:\Program
Files\Trend Micro\Client Server Security
Agent\HostedAgent\utilThread.dll

15:53:55.0169 5872  C:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\utilThread.dll - ok

15:53:55.0169 5872  [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll

15:53:55.0169 5872  C:\Windows\System32\hnetcfg.dll - ok

15:53:55.0170 5872  [ 80584E9BBE6169399879334278B125AE ] C:\Program
Files\Trend Micro\Client Server Security
Agent\HostedAgent\utilWinPfwCtrlHelper.exe

15:53:55.0170 5872  C:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\utilWinPfwCtrlHelper.exe - ok

15:53:55.0170 5872  [ FE51842BF48BAE27301C28A887143B2D ] C:\Program
Files\Trend Micro\Client Server Security Agent\HostedAgent\PccWFWMo.dll

15:53:55.0170 5872  C:\Program Files\Trend Micro\Client Server Security Agent\HostedAgent\PccWFWMo.dll - ok


15:53:55.0258 5872  C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok

15:53:55.0258 5872  [ 43C9CF6825CEA58F1815B7C3DBBB385C ] C:\Windows\System32\Wpc.dll

15:53:55.0258 5872  C:\Windows\System32\Wpc.dll - ok

15:53:55.0259 5872  [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll

15:53:55.0259 5872  C:\Windows\System32\msftedit.dll - ok

15:53:55.0259 5872  [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll

15:53:55.0259 5872  C:\Windows\System32\msls31.dll - ok

15:53:55.0260 5872  [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll

15:53:55.0260 5872  C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok

15:53:55.0260 5872  [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll

15:53:55.0260 5872  C:\Windows\System32\DeviceCenter.dll - ok

15:53:55.0261 5872  [ 0EE886B38B4A4BC23338887005AB8F29 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

15:53:55.0261 5872  C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe - ok

15:53:55.0261 5872  [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\System32\dsound.dll

15:53:55.0261 5872  C:\Windows\System32\dsound.dll - ok

15:53:55.0261 5872  [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

15:53:55.0261 5872  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

15:53:55.0262 5872  [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program
Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

15:53:55.0262 5872  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok

15:53:55.0263 5872  [ E774F875819DEE4A312A921A88F779FE ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe

15:53:55.0263 5872  C:\Program Files\Microsoft IntelliPoint\ipoint.exe - ok

15:53:55.0263 5872  [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll

15:53:55.0263 5872  C:\Windows\System32\networkexplorer.dll - ok

15:53:55.0264 5872  [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe

15:53:55.0264 5872  C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

15:53:55.0264 5872  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll

15:53:55.0264 5872  C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll - ok

15:53:55.0265 5872  [ CFE4BD7C25A750D71A5BD2390953BEB6 ] C:\Program Files\Microsoft IntelliType Pro\itype.exe

15:53:55.0265 5872  C:\Program Files\Microsoft IntelliType Pro\itype.exe - ok

15:53:55.0265 5872  [ 5112FBD9885D79A9FC73BDE9B1EF9334 ] C:\Program
Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll

15:53:55.0265 5872  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok

15:53:55.0265 5872  [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll

15:53:55.0265 5872  C:\Windows\System32\thumbcache.dll - ok

15:53:55.0266 5872  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft IntelliType Pro\SQMAPI.dll

15:53:55.0266 5872  C:\Program Files\Microsoft IntelliType Pro\SQMAPI.dll - ok

15:53:55.0266 5872  [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll

15:53:55.0266 5872  C:\Windows\System32\mshtml.dll - ok

15:53:55.0267 5872  [ DB001FAEA818AE2E14A74E0ADC530FC0 ]
C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll

15:53:55.0267 5872 
C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
- ok

15:53:55.0267 5872  [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll

15:53:55.0267 5872  C:\Windows\System32\msiltcfg.dll - ok

15:53:55.0267 5872  [ 6619FBECBF8AD8148AD0B9EAA6B939B2 ] C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll

15:53:55.0267 5872  C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll - ok

15:53:55.0268 5872  [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files\QuickTime\QTTask.exe

15:53:55.0268 5872  C:\Program Files\QuickTime\QTTask.exe - ok

15:53:55.0268 5872  [ E4401CF27225C1D6E664E86195978562 ] C:\Program Files\iTunes\iTunesHelper.exe

15:53:55.0268 5872  C:\Program Files\iTunes\iTunesHelper.exe - ok

15:53:55.0269 5872  [ C85ECCBAA179719E658FFDBF99221E1E ] C:\Program Files\iTunes\iTunesHelper.dll

15:53:55.0269 5872  C:\Program Files\iTunes\iTunesHelper.dll - ok

15:53:55.0269 5872  [ 8A4AC2F86CED71C0FCD476052C5EF53B ] C:\Program
Files\YoutubeDownloader.org\YouTubeDownloader\YouTube Mini.exe

15:53:55.0269 5872  C:\Program Files\YoutubeDownloader.org\YouTubeDownloader\YouTube Mini.exe - ok

15:53:55.0270 5872  [ 814A169C40B55178BD8E1F79D1ADA649 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll

15:53:55.0270 5872  C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok

15:53:55.0270 5872  [ E97BC7718923E0B9EF6C10984D4E759A ] C:\Program Files\Microsoft IntelliPoint\ipres.dll

15:53:55.0270 5872  C:\Program Files\Microsoft IntelliPoint\ipres.dll - ok

15:53:55.0271 5872  [ DCCA4B04AF87E52EF9EAA2190E06CBAC ] C:\Program Files\Windows Sidebar\sidebar.exe

15:53:55.0271 5872  C:\Program Files\Windows Sidebar\sidebar.exe - ok

15:53:55.0271 5872  [ 9DF319F1C2D4B80D8CE8214EA4899ADF ] C:\Program
Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll

15:53:55.0271 5872  C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok

15:53:55.0272 5872  [ 4458989C34FA84B5A75DD3ABCFBE786A ] C:\Program Files\Pando Networks\Media Booster\PMB.exe

15:53:55.0272 5872  C:\Program Files\Pando Networks\Media Booster\PMB.exe - ok

15:53:55.0272 5872  [ 8B479D31BBBDB6CE41F443618CA868B8 ] C:\Program Files\Microsoft IntelliType Pro\dpgmkb.dll

15:53:55.0272 5872  C:\Program Files\Microsoft IntelliType Pro\dpgmkb.dll - ok

15:53:55.0272 5872  [ AD531584A515E6F41253FD0424877D87 ] C:\Users\akeele\AppData\Local\System RankException\DevnetPlay.dll

15:53:55.0272 5872  C:\Users\akeele\AppData\Local\System RankException\DevnetPlay.dll - ok

15:53:55.0273 5872  [ 84156844ED42CB621ED29A686A095953 ] C:\Users\akeele\AppData\Local\Apple Computer\ahbgslne.dll

15:53:55.0273 5872  C:\Users\akeele\AppData\Local\Apple Computer\ahbgslne.dll - ok

15:53:55.0273 5872  [ 327477FD1853EDD05E8A02E1960092BD ] C:\Program Files\Pando Networks\Media Booster\nspr4.dll

15:53:55.0273 5872  C:\Program Files\Pando Networks\Media Booster\nspr4.dll - ok

15:53:55.0274 5872  [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll

15:53:55.0274 5872  C:\Windows\System32\msimtf.dll - ok

15:53:55.0274 5872  [ 904991696B997C540EFF553B5E775809 ] C:\Program Files\Pando Networks\Media Booster\plc4.dll

15:53:55.0274 5872  C:\Program Files\Pando Networks\Media Booster\plc4.dll - ok

15:53:55.0275 5872  [ 14EC25DF073B3A88E5CCB71BC8D3FCB0 ] C:\Program Files\Hotspot Shield\bin\vistahlp.dll

15:53:55.0275 5872  C:\Program Files\Hotspot Shield\bin\vistahlp.dll - ok

15:53:55.0275 5872  [ 23754E13C135B321D39A6F66A4032D11 ] C:\Program Files\Microsoft IntelliPoint\srres.dll

15:53:55.0275 5872  C:\Program Files\Microsoft IntelliPoint\srres.dll - ok

15:53:55.0276 5872  [ 24879003FEDF924A3681AA6AB0E1A2E8 ] C:\Users\akeele\AppData\Roaming\Viedyp\kayv.exe

15:53:55.0276 5872  C:\Users\akeele\AppData\Roaming\Viedyp\kayv.exe - ok

15:53:55.0276 5872  [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll

15:53:55.0276 5872  C:\Windows\System32\AudioSes.dll - ok

15:53:55.0276 5872  [ 53EA398343BCEE4F3E349F192D197569 ] C:\Users\akeele\AppData\Roaming\rvdobv.dll

15:53:55.0276 5872  C:\Users\akeele\AppData\Roaming\rvdobv.dll - ok

15:53:55.0277 5872  [ E67D2876E0892FFF0CF3B4B4630C8E4C ] C:\Program Files\Pando Networks\Media Booster\BugSplat.dll

15:53:55.0277 5872  C:\Program Files\Pando Networks\Media Booster\BugSplat.dll - ok

15:53:55.0277 5872  [ 3391418529AC20521EADAD4F23AF20B0 ] C:\Users\akeele\AppData\Roaming\rkcap.dll

15:53:55.0277 5872  C:\Users\akeele\AppData\Roaming\rkcap.dll - ok

15:53:55.0278 5872  [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll

15:53:55.0278 5872  C:\Windows\System32\mlang.dll - ok

15:53:55.0278 5872  [ D4876B4AEDD66825DBC5FB579005E420 ] C:\Program Files\Microsoft IntelliType Pro\itres.dll

15:53:55.0278 5872  C:\Program Files\Microsoft IntelliType Pro\itres.dll - ok

15:53:55.0279 5872  [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll

15:53:55.0279 5872  C:\Windows\System32\stobject.dll - ok

15:53:55.0279 5872  [ C0FD64EB5824071B6B5683AAFDB2C60C ] C:\Program Files\Pando Networks\Media Booster\nss3.dll

15:53:55.0279 5872  C:\Program Files\Pando Networks\Media Booster\nss3.dll - ok

15:53:55.0279 5872  [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\System32\jscript9.dll

15:53:55.0279 5872  C:\Windows\System32\jscript9.dll - ok

15:53:55.0280 5872  [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll

15:53:55.0280 5872  C:\Windows\System32\batmeter.dll - ok

15:53:55.0280 5872  [ 4F69AABB5D82AA4EF6DFF7871212ADF6 ] C:\Program Files\Mozilla Firefox\firefox.exe

15:53:55.0280 5872  C:\Program Files\Mozilla Firefox\firefox.exe - ok

15:53:55.0281 5872  [ 9F539C0FFC1D7950FD84CBBE0E941AC2 ] C:\Program Files\Microsoft IntelliType Pro\srres.dll

15:53:55.0281 5872  C:\Program Files\Microsoft IntelliType Pro\srres.dll - ok

15:53:55.0281 5872  [ D1AE6648BB68F9275652E8EDBC32B914 ] C:\Program Files\Pando Networks\Media Booster\softokn3.dll

15:53:55.0281 5872  C:\Program Files\Pando Networks\Media Booster\softokn3.dll - ok

15:53:55.0282 5872  [ 82C2CEA9AFA85E483481374621DAE39E ] C:\Program Files\Pando Networks\Media Booster\plds4.dll

15:53:55.0282 5872  C:\Program Files\Pando Networks\Media Booster\plds4.dll - ok

15:53:55.0282 5872  [ BF8650D4FEFB972A4A6A5FFC1F41C38C ] C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

15:53:55.0282 5872  C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe - ok

15:53:55.0282 5872  [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

15:53:55.0282 5872  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok

15:53:55.0283 5872  [ E37857FF2E9B95D1C70DF2F68DBBBD2F ] C:\Program Files\Pando Networks\Media Booster\ssl3.dll

15:53:55.0283 5872  C:\Program Files\Pando Networks\Media Booster\ssl3.dll - ok

15:53:55.0283 5872  [ 845CF7392F441441920D416703A345E8 ] C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe

15:53:55.0283 5872  C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe - ok

15:53:55.0284 5872  [ 5D7542A68AA96C3B69AF1086318AAC54 ] C:\Program Files\Pando Networks\Media Booster\smime3.dll

15:53:55.0284 5872  C:\Program Files\Pando Networks\Media Booster\smime3.dll - ok

15:53:55.0284 5872  [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program
Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll

15:53:55.0284 5872  C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok

15:53:55.0284 5872  [ AC8F0ED53A2D872AE3C7DB55D769349B ] C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll

15:53:55.0284 5872  C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll - ok

15:53:55.0285 5872  [ EE3920731FDEAA8CD2D4B218B03B23D0 ] C:\Program Files\Pando Networks\Media Booster\freebl3.dll

15:53:55.0285 5872  C:\Program Files\Pando Networks\Media Booster\freebl3.dll - ok

15:53:55.0285 5872  [ F8D269CB2EDD02963ADAB1065352487D ] C:\Program Files\Mozilla Firefox\mozsqlite3.dll

15:53:55.0285 5872  C:\Program Files\Mozilla Firefox\mozsqlite3.dll - ok

15:53:55.0286 5872  [ 0EDEE4F10B9201C9DA951FECE180CC8A ] C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe

15:53:55.0286 5872  C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe - ok

15:53:55.0286 5872  [ 0993AB4DC534B208C5557D0586195589 ] C:\Program Files\Mozilla Firefox\mozglue.dll

15:53:55.0286 5872  C:\Program Files\Mozilla Firefox\mozglue.dll - ok

15:53:55.0287 5872  [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\System32\d2d1.dll

15:53:55.0287 5872  C:\Windows\System32\d2d1.dll - ok

15:53:55.0287 5872  [ D101D9B8D4AE92AA657DD45B17148243 ] C:\Program Files\Microsoft IntelliType Pro\dpgcmd.dll

15:53:55.0287 5872  C:\Program Files\Microsoft IntelliType Pro\dpgcmd.dll - ok

15:53:55.0288 5872  [ 5AA4DF6CD3C96086955064BEC1CD0C9B ] C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

15:53:55.0288 5872  C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok

15:53:55.0288 5872  [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll

15:53:55.0288 5872  C:\Windows\System32\DWrite.dll - ok

15:53:55.0288 5872  [ D0C7442DBC1A718E31BD5FBA24E62F73 ] C:\Program
Files\Microsoft IntelliType Pro\Components\Commands\DPGHnt\DPGHnt.dll

15:53:55.0288 5872  C:\Program Files\Microsoft IntelliType Pro\Components\Commands\DPGHnt\DPGHnt.dll - ok

15:53:55.0289 5872  [ 83AE0B1E4245156C874688945FD898F9 ] C:\Program Files\Microsoft Games\Age of Empires III\age3.exe

15:53:55.0289 5872  C:\Program Files\Microsoft Games\Age of Empires III\age3.exe - ok

15:53:55.0289 5872  [ 293250CB785A8C75FBA7D8AA9C000A69 ] C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe

15:53:55.0289 5872  C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe - ok

15:53:55.0290 5872  [ BC0E700689FE5A80584B9F7390844DDA ] C:\Program Files\StarCraft II\Support\Blizzard Updater.exe

15:53:55.0290 5872  C:\Program Files\StarCraft II\Support\Blizzard Updater.exe - ok

15:53:55.0290 5872  [ 1DB96E66ABE95EE09734FDE692BF01DA ] C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\clokspl.exe

15:53:55.0290 5872  C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\clokspl.exe - ok

15:53:55.0291 5872  [ 2DD574F00DC391B361FB0BC79C9C63DA ] C:\Program Files\Microsoft Office\Office12\CLVIEW.EXE

15:53:55.0291 5872  C:\Program Files\Microsoft Office\Office12\CLVIEW.EXE - ok

15:53:55.0291 5872  [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv

15:53:55.0291 5872  C:\Windows\System32\wdmaud.drv - ok

15:53:55.0292 5872  [ E8A39D41474BE42FD8830CED32932D6C ] C:\Program Files\iPod\bin\iPodService.exe

15:53:55.0292 5872  C:\Program Files\iPod\bin\iPodService.exe - ok

15:53:55.0292 5872  [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll

15:53:55.0292 5872  C:\Windows\System32\ksuser.dll - ok

15:53:55.0292 5872  [ 1543F92276820B61692740C480C9DEB0 ] C:\Program Files\Sierra\Empire Earth II\EE2.exe

15:53:55.0292 5872  C:\Program Files\Sierra\Empire Earth II\EE2.exe - ok

15:53:55.0293 5872  [ 678E273E2FECC9535E571BB3AAF17961 ]
C:\ProgramData\Microsoft\Windows Defender\Definition
Updates\{EBBF50B3-7464-4BFA-98F7-5C18A82CE2A2}\offreg.dll

15:53:55.0293 5872  C:\ProgramData\Microsoft\Windows Defender\Definition
Updates\{EBBF50B3-7464-4BFA-98F7-5C18A82CE2A2}\offreg.dll - ok

15:53:55.0293 5872  [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll

15:53:55.0293 5872  C:\Windows\System32\wbem\NCProv.dll - ok

15:53:55.0294 5872  [ 4612B0E54FF1955B76BD7E22F8B0FA97 ] C:\Windows\System32\RTCOM\RtkCfg.dll

15:53:55.0294 5872  C:\Windows\System32\RTCOM\RtkCfg.dll - ok

15:53:55.0294 5872  [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv

15:53:55.0294 5872  C:\Windows\System32\msacm32.drv - ok

15:53:55.0295 5872  [ 280013E1CA1A648A6B896D884CC46601 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll

15:53:55.0295 5872  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok

15:53:55.0295 5872  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll

15:53:55.0295 5872  C:\Windows\System32\msacm32.dll - ok

15:53:55.0295 5872  [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll

15:53:55.0295 5872  C:\Windows\System32\midimap.dll - ok

15:53:55.0296 5872  [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll

15:53:55.0296 5872  C:\Windows\System32\prnfldr.dll - ok

15:53:55.0296 5872  [ 7DF0DECD3006B8BA450AEC714086FF3C ] C:\Program
Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll

15:53:55.0296 5872  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok

15:53:55.0297 5872  [ 08E420D873E4FD85241EE2421B02C4A4 ] C:\Windows\System32\wersvc.dll

15:53:55.0297 5872  C:\Windows\System32\wersvc.dll - ok

15:53:55.0297 5872  [ 5FEAB868CAEDBBD1B7A145CA8261E4AA ] C:\Windows\System32\WerFault.exe

15:53:55.0297 5872  C:\Windows\System32\WerFault.exe - ok

15:53:55.0298 5872  [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\System32\fdProxy.dll

15:53:55.0298 5872  C:\Windows\System32\fdProxy.dll - ok

15:53:55.0298 5872  [ AC77904CDF9F134F69EFFE24746EAC42 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmpxHelp.dll

15:53:55.0298 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmpxHelp.dll - ok

15:53:55.0298 5872  [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll

15:53:55.0298 5872  C:\Windows\System32\AudioEng.dll - ok

15:53:55.0299 5872  [ C85AA9C0398E4A048B6364B392E5FC4A ] C:\Program Files\Trend Micro\Client Server Security Agent\tmtdi.dll

15:53:55.0299 5872  C:\Program Files\Trend Micro\Client Server Security Agent\tmtdi.dll - ok

15:53:55.0300 5872  [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll

15:53:55.0300 5872  C:\Windows\System32\DXP.dll - ok

15:53:55.0300 5872  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] C:\Windows\System32\FntCache.dll

15:53:55.0300 5872  C:\Windows\System32\FntCache.dll - ok

15:53:55.0300 5872  [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll

15:53:55.0300 5872  C:\Windows\System32\Syncreg.dll - ok

15:53:55.0301 5872  [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll

15:53:55.0301 5872  C:\Windows\ehome\ehSSO.dll - ok

15:53:55.0301 5872  [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\System32\Faultrep.dll

15:53:55.0301 5872  C:\Windows\System32\Faultrep.dll - ok

15:53:55.0302 5872  [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll

15:53:55.0302 5872  C:\Windows\System32\AUDIOKSE.dll - ok

15:53:55.0302 5872  [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\System32\d3d10warp.dll

15:53:55.0302 5872  C:\Windows\System32\d3d10warp.dll - ok

15:53:55.0303 5872  [ 62CE9F1AA44D13E8DE79B99DFF7DB65C ] C:\Program Files\Trend Micro\Client Server Security Agent\TmpxHash.dll

15:53:55.0303 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmpxHash.dll - ok

15:53:55.0303 5872  [ 13ACDB4CD9AE18911A9770FBFDCCD8B7 ] C:\Windows\System32\MBWrp32.dll

15:53:55.0303 5872  C:\Windows\System32\MBWrp32.dll - ok

15:53:55.0304 5872  [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll

15:53:55.0304 5872  C:\Windows\System32\WPDShServiceObj.dll - ok

15:53:55.0304 5872  [ 68F7DF818CB60B31AE1ECB74206500F6 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmsmIm.dll

15:53:55.0304 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmsmIm.dll - ok

15:53:55.0305 5872  [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe

15:53:55.0305 5872  C:\Windows\System32\SearchIndexer.exe - ok

15:53:55.0305 5872  [ CF4274CEEA9F7791FB7FC40A066BC2C7 ] C:\Windows\System32\cscobj.dll

15:53:55.0305 5872  C:\Windows\System32\cscobj.dll - ok

15:53:55.0306 5872  [ 466DE4864089FE6631AA9B2C37F1C44A ] C:\Program Files\Trend Micro\Client Server Security Agent\TmpePDP.dll

15:53:55.0306 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmpePDP.dll - ok

15:53:55.0306 5872  [ 47BB23927747B934C6690F86C33E3C16 ] C:\Windows\System32\fthsvc.dll

15:53:55.0306 5872  C:\Windows\System32\fthsvc.dll - ok

15:53:55.0307 5872  [ 75B758B52E17D39AF9E4625A0387AF8E ] C:\Windows\System32\MBAPO32.dll

15:53:55.0307 5872  C:\Windows\System32\MBAPO32.dll - ok

15:53:55.0307 5872  [ 8E8C92DD50F6B34907813AFDC0C8F7DD ] C:\Windows\System32\dbgeng.dll

15:53:55.0307 5872  C:\Windows\System32\dbgeng.dll - ok

15:53:55.0307 5872  [ AF8A661F10A8ED44178DE94D623AC0D7 ] C:\Program Files\Trend Micro\Client Server Security Agent\tmcfscan.dll

15:53:55.0307 5872  C:\Program Files\Trend Micro\Client Server Security Agent\tmcfscan.dll - ok

15:53:55.0308 5872  [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll

15:53:55.0308 5872  C:\Windows\System32\srchadmin.dll - ok

15:53:55.0308 5872  [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\System32\tquery.dll

15:53:55.0308 5872  C:\Windows\System32\tquery.dll - ok

15:53:55.0309 5872  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\23836087.sys

15:53:55.0309 5872  C:\Windows\System32\drivers\23836087.sys - ok

15:53:55.0309 5872  [ BD814E32727335BA88FE6471DB7A414E ] C:\Windows\System32\RtkAPO.dll

15:53:55.0309 5872  C:\Windows\System32\RtkAPO.dll - ok

15:53:55.0309 5872  [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll

15:53:55.0309 5872  C:\Windows\System32\ActionCenter.dll - ok

15:53:55.0310 5872  [ FFCE5D826891BAB3814A235BEAC0AD79 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmphAim.dll

15:53:55.0310 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmphAim.dll - ok

15:53:55.0310 5872  [ 84897874906481E0B3F4045DAD90D69F ] C:\Windows\System32\FirewallControlPanel.dll

15:53:55.0310 5872  C:\Windows\System32\FirewallControlPanel.dll - ok

15:53:55.0311 5872  [ D3F147535D4290502C3C46C34BA1444C ] C:\Program Files\Trend Micro\Client Server Security Agent\TmsmHttp.dll

15:53:55.0311 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmsmHttp.dll - ok

15:53:55.0311 5872  [ EDD2AD141DEBD425D74A52A4D7BE6AC4 ] C:\Windows\System32\perfctrs.dll

15:53:55.0311 5872  C:\Windows\System32\perfctrs.dll - ok

15:53:55.0312 5872  [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll

15:53:55.0312 5872  C:\Windows\System32\FXSST.dll - ok

15:53:55.0312 5872  [ BB3C7E48088D37417EB37F1A9E3D2449 ] C:\Windows\System32\werui.dll

15:53:55.0312 5872  C:\Windows\System32\werui.dll - ok

15:53:55.0312 5872  [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll

15:53:55.0312 5872  C:\Windows\System32\mssrch.dll - ok

15:53:55.0313 5872  [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll

15:53:55.0313 5872  C:\Windows\System32\FXSAPI.dll - ok

15:53:55.0313 5872  [ 4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll

15:53:55.0313 5872  C:\Windows\System32\WMALFXGFXDSP.dll - ok

15:53:55.0314 5872  [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll

15:53:55.0314 5872  C:\Windows\System32\FXSRESM.dll - ok

15:53:55.0314 5872  [ 3998A7FE8D3B5B97262C996DDF35F5D4 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmpeUrlF.dll

15:53:55.0314 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmpeUrlF.dll - ok

15:53:55.0315 5872  [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll

15:53:55.0315 5872  C:\Windows\System32\mfplat.dll - ok

15:53:55.0315 5872  [ BA502FE020F2B4880D7130480ECDDCAF ] C:\Program Files\Microsoft Office\Office12\EXCEL.EXE

15:53:55.0315 5872  C:\Program Files\Microsoft Office\Office12\EXCEL.EXE - ok

15:53:55.0315 5872  [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll

15:53:55.0315 5872  C:\Windows\System32\msidle.dll - ok

15:53:55.0316 5872  [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll

15:53:55.0316 5872  C:\Windows\System32\mssprxy.dll - ok

15:53:55.0316 5872  [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll

15:53:55.0316 5872  C:\Windows\System32\UIAnimation.dll - ok

15:53:55.0317 5872  [ 3EB0C6216241873CE65B051CD74506C5 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmphHttp.dll

15:53:55.0317 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmphHttp.dll - ok

15:53:55.0317 5872  [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll

15:53:55.0317 5872  C:\Windows\System32\AltTab.dll - ok

15:53:55.0317 5872  [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL

15:53:55.0317 5872  C:\Windows\System32\QUTIL.DLL - ok

15:53:55.0318 5872  [ FE26E354E0128859466B964388940F8F ] C:\Program Files\Trend Micro\Client Server Security Agent\TmphIcq.dll

15:53:55.0318 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmphIcq.dll - ok

15:53:55.0318 5872  [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe

15:53:55.0318 5872  C:\Windows\System32\FXSSVC.exe - ok

15:53:55.0319 5872  [ 630972C428847FE4700AFABA23935182 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmphMsn.dll

15:53:55.0319 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmphMsn.dll - ok

15:53:55.0319 5872  [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\System32\SearchFolder.dll

15:53:55.0319 5872  C:\Windows\System32\SearchFolder.dll - ok

15:53:55.0320 5872  [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl

15:53:55.0320 5872  C:\Windows\System32\bthprops.cpl - ok

15:53:55.0320 5872  [ 524F98313736C8914F76C17FB126FD24 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmphYmsg.dll

15:53:55.0320 5872  C:\Program Files\Trend Micro\Client Server Security Agent\TmphYmsg.dll - ok

15:53:55.0320 5872  [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui

15:53:55.0320 5872  C:\Windows\System32\en-US\tquery.dll.mui - ok

15:53:55.0321 5872  [ DF72E898195D8F5CB5E981775A3E5B2C ] C:\PROGRA~1\TRENDM~1\CLIENT~1\TmPlgAdp.dll

15:53:55.0321 5872  C:\PROGRA~1\TRENDM~1\CLIENT~1\TmPlgAdp.dll - ok

15:53:55.0321 5872  [ 6A1E8DEB746912DF47CF651E138401D7 ] C:\Windows\System32\StructuredQuery.dll

15:53:55.0321 5872  C:\Windows\System32\StructuredQuery.dll - ok

15:53:55.0322 5872  [ 987323F0247D023AD1AE52195540ECE0 ] C:\Windows\System32\mssvp.dll

15:53:55.0322 5872  C:\Windows\System32\mssvp.dll - ok

15:53:55.0322 5872  [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll

15:53:55.0322 5872  C:\Windows\System32\rasdlg.dll - ok

15:53:55.0324 5872  [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll

15:53:55.0324 5872  C:\Windows\System32\mapi32.dll - ok

15:53:55.0325 5872  [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll

15:53:55.0325 5872  C:\Windows\System32\dot3api.dll - ok

15:53:55.0325 5872  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll

15:53:55.0325 5872  C:\Windows\System32\riched20.dll - ok

15:53:55.0326 5872  [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll

15:53:55.0326 5872  C:\Windows\System32\wlanhlp.dll - ok

15:53:55.0326 5872  [ 53683A331F8A1BB20ADD0330F1DE6388 ] C:\Program Files\Windows Media Player\wmpnscfg.exe

15:53:55.0326 5872  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok

15:53:55.0326 5872  [ 8F8AB20AA863EA95A421B9D54C74F20C ] C:\Program Files\Windows Media Player\wmpnssci.dll

15:53:55.0326 5872  C:\Program Files\Windows Media Player\wmpnssci.dll - ok

15:53:55.0327 5872  [ D9FCB69502C4631BDFA0A207FB038894 ] C:\Windows\System32\shpafact.dll

15:53:55.0327 5872  C:\Windows\System32\shpafact.dll - ok

15:53:55.0327 5872  [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll

15:53:55.0327 5872  C:\Windows\System32\WWanAPI.dll - ok

15:53:55.0328 5872  [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll

15:53:55.0328 5872  C:\Windows\System32\wwapi.dll - ok

15:53:55.0328 5872  [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL

15:53:55.0328 5872  C:\Windows\System32\QAGENT.DLL - ok

15:53:55.0328 5872  [ ED12110CD5BFE686F645E145A7DD28C5 ] C:\Windows\System32\comsvcs.dll

15:53:55.0329 5872  C:\Windows\System32\comsvcs.dll - ok

15:53:55.0356 5872  ============================================================

15:53:55.0356 5872  Scan finished

15:53:55.0356 5872  ============================================================

15:53:55.0357 5864  Detected object count: 0

15:53:55.0357 5864  Actual detected object count: 0

15:54:42.0288 0732  Deinitialize success
 

 

 


aswMBR


 


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2013-02-12 16:00:03

-----------------------------

16:00:03.722    OS Version: Windows 6.1.7601 Service Pack 1

16:00:03.722    Number of processors: 2 586 0x170A

16:00:03.723    ComputerName: COLINKEELE  UserName: akeele

16:00:04.555    Initialize success

16:02:40.392    AVAST engine defs: 13021200

16:02:48.804    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

16:02:48.806    Disk 0 Vendor: WDC_WD1600AAJS-75M0A0 02.03E02 Size: 152587MB BusType: 3

16:02:48.830    Disk 0 MBR read successfully

16:02:48.832    Disk 0 MBR scan

16:02:48.853    Disk 0 Windows VISTA default MBR code

16:02:48.855    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63

16:02:48.869    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS         8518 MB offset 81920

16:02:48.883    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       144028 MB offset 17526784

16:02:48.891    Disk 0 scanning sectors +312496128

16:02:48.964    Disk 0 scanning C:\Windows\system32\drivers

16:03:06.066    Service scanning

16:03:26.966    Service tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys **LOCKED** 5

16:03:27.256    Service tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys **LOCKED** 5

16:03:27.455    Service tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys **LOCKED** 5

16:03:33.631    Modules scanning

16:03:40.122    Disk 0 trace - called modules:

16:03:40.140    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys

16:03:40.144    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x861a5030]

16:03:40.151    3 CLASSPNP.SYS[8b5de59e] -> nt!IofCallDriver -> [0x85cb8860]

16:03:40.158    5 ACPI.sys[8b0c63d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x853ed610]

16:03:41.908    AVAST engine scan C:\Windows

16:03:46.432    AVAST engine scan C:\Windows\system32

16:08:51.001    AVAST engine scan C:\Windows\system32\drivers

16:09:20.100    AVAST engine scan C:\Users\akeele

16:16:24.792    File: C:\Users\akeele\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\3b65b9d6-3c14022e  **INFECTED** Win32:Malware-gen

16:31:42.367    File: C:\Users\akeele\AppData\Roaming\rkcap.dll  **INFECTED** Win32:Medfos-AQ [Trj]

16:31:42.601    File: C:\Users\akeele\AppData\Roaming\rvdobv.dll  **INFECTED** Win32:Medfos-AQ [Trj]

16:31:48.623    File: C:\Users\akeele\AppData\Roaming\Viedyp\kayv.exe  **INFECTED** Win32:Malware-gen

16:39:18.238    AVAST engine scan C:\ProgramData

16:45:14.516    Scan finished successfully

16:52:26.470    Disk 0 MBR has been saved successfully to "C:\Users\akeele\Desktop\MBR.dat"

16:52:26.486    The log file has been saved successfully to "C:\Users\akeele\Desktop\aswMBR.txt"




 


 


 


ESET results

 

C:\Program Files\Warcraft III\Warcraft III.exe    Win32/Expiro.NAN virus    deleted - quarantined

C:\Users\akeele\AppData\Local\d4f88dd9-daae-4480-9838-624731a019b4.crx    JS/Redirector.NCG trojan    deleted - quarantined

C:\Users\akeele\AppData\Local\Temp\jar_cache1848166104888186037.tmp    multiple threats    deleted - quarantined

C:\Users\akeele\AppData\Local\Temp\V.class    a variant of Java/Exploit.CVE-2011-3544.BQ trojan    cleaned by deleting - quarantined

C:\Users\akeele\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\4088c081-45d1217c    multiple threats    deleted - quarantined

C:\Users\akeele\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\7ba5560c-3b40c4b7    a variant of Java/Exploit.Agent.NDH trojan    deleted - quarantined

C:\Users\akeele\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\2ad95913-49469917    Java/Exploit.CVE-2012-1723.AZ trojan    deleted - quarantined

C:\Users\akeele\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\3b65b9d6-3c14022e    Win32/Spy.Zbot.AAO trojan    cleaned by deleting - quarantined

C:\Users\akeele\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\3b65b9d6-7833d285    multiple threats    deleted - quarantined

C:\Users\akeele\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\25c070ab-218f5ba1    multiple threats    deleted - quarantined

C:\Users\akeele\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\30846e6d-32a3c936    a variant of Java/Exploit.CVE-2012-1723.FO trojan    deleted - quarantined

C:\Users\akeele\AppData\Roaming\rkcap.dll    a variant of Win32/Medfos.HO trojan    cleaned by deleting (after the next restart) - quarantined

C:\Users\akeele\AppData\Roaming\rvdobv.dll    a variant of Win32/Medfos.HO trojan    cleaned by deleting - quarantined

C:\Users\akeele\AppData\Roaming\Mozilla\Firefox\Profiles\gysb46yc.default\user.js    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined

C:\Users\akeele\AppData\Roaming\Mozilla\Firefox\Profiles\gysb46yc.default\extensions\{d4f88dd9-daae-4480-9838-624731a019b4}.xpi    JS/Redirector.NCL trojan    deleted - quarantined

C:\Users\akeele\AppData\Roaming\Viedyp\kayv.exe    Win32/Spy.Zbot.AAO trojan    cleaned by deleting - quarantined

C:\Users\akeele\Desktop\Xbox\WinRAR\Rar.exe    Win32/Expiro.NAN virus    deleted - quarantined

C:\Users\akeele\Desktop\Xbox\WinRAR\Uninstall.exe    Win32/Expiro.NAN virus    deleted - quarantined

C:\Users\akeele\Desktop\Xbox\WinRAR\UnRAR.exe    Win32/Expiro.NAN virus    deleted - quarantined

C:\Users\akeele\Desktop\Xbox\WinRAR\WinRAR.exe    Win32/Expiro.NAN virus    deleted - quarantined

Operating memory    a variant of Win32/Spy.Zbot.AAO trojan   
 


 

 

My only two questions are: how was the whole Warcraft III game a virus, and is WinRAR itself malicious or was that from another virus?


The post was too long so I had to split it up.



#5 narenxp

Posted 12 February 2013 - 09:11 PM

Infection came from a different dropper. This Expiro virus spreads fast and infects executable files.

 

Please remove this folder

 

C:\Program Files\Warcraft III

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As.

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file, copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#6 Inigo64


Posted 13 February 2013 - 12:04 AM

Junkware Removal Tool would pop up with an error when it got to Checking Registry - Quick Scan that said Find String (QGREP) Utility has stopped working.

My PC also ran check disk while it was rebooting in the middle of one of the programs.

 

Logs:

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.13.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
akeele :: COLINKEELE [administrator]

2/12/2013 9:18:24 PM
mbam-log-2013-02-12 (21-18-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240147
Time elapsed: 11 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by akeele (administrator) on 12-02-2013 at 22:15:16
Running from "C:\Users\akeele\Desktop"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : colinkeele
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-F1-58-04-B6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter
   Physical Address. . . . . . . . . : C4-3D-C7-CA-DF-FE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4852:54fd:37df:56bd%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, February 12, 2013 9:16:27 PM
   Lease Expires . . . . . . . . . . : Wednesday, February 13, 2013 9:16:26 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 365182407
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-7D-2C-88-84-2B-2B-8A-92-45
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : 84-2B-2B-8A-92-45
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AD763623-CA4D-4937-96B2-61EB7B21035A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1cf4:2080:9ea8:9954(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1cf4:2080:9ea8:9954%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F15804B6-08A8-4532-9F73-9087A8C023D3}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4009:801::1005
      74.125.225.40
      74.125.225.36
      74.125.225.35
      74.125.225.37
      74.125.225.39
      74.125.225.46
      74.125.225.41
      74.125.225.34
      74.125.225.33
      74.125.225.38
      74.125.225.32


Pinging google.com [74.125.225.78] with 32 bytes of data:
Reply from 74.125.225.78: bytes=32 time=23ms TTL=54
Reply from 74.125.225.78: bytes=32 time=23ms TTL=54

Ping statistics for 74.125.225.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 23ms, Maximum = 23ms, Average = 23ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=62ms TTL=48
Reply from 98.139.183.24: bytes=32 time=71ms TTL=47

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 62ms, Maximum = 71ms, Average = 66ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...00 ff f1 58 04 b6 ......Anchorfree HSS VPN Adapter
 13...c4 3d c7 ca df fe ......NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter
 10...84 2b 2b 8a 92 45 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.9     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.9    286
      192.168.1.9  255.255.255.255         On-link       192.168.1.9    286
    192.168.1.255  255.255.255.255         On-link       192.168.1.9    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.9    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.9    286
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6ab8:1cf4:2080:9ea8:9954/128
                                    On-link
 13    286 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::1cf4:2080:9ea8:9954/128
                                    On-link
 13    286 fe80::4852:54fd:37df:56bd/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 13    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/12/2013 06:06:39 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/12/2013 03:51:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe_rvdobv.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: VERSION.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2b
Exception code: 0xc0000005
Fault offset: 0x000015da
Faulting process id: 0xe40
Faulting application start time: 0xrundll32.exe_rvdobv.dll0
Faulting application path: rundll32.exe_rvdobv.dll1
Faulting module path: rundll32.exe_rvdobv.dll2
Report Id: rundll32.exe_rvdobv.dll3

Error: (02/11/2013 11:09:11 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/11/2013 10:00:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe_rvdobv.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: VERSION.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2b
Exception code: 0xc0000005
Fault offset: 0x000015da
Faulting process id: 0xa9c
Faulting application start time: 0xrundll32.exe_rvdobv.dll0
Faulting application path: rundll32.exe_rvdobv.dll1
Faulting module path: rundll32.exe_rvdobv.dll2
Report Id: rundll32.exe_rvdobv.dll3

Error: (02/11/2013 09:53:32 PM) (Source: Application Hang) (User: )
Description: The program lotroclient.exe version 901.51.1392.8029 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 810

Start Time: 01ce08d2ba2782fc

Termination Time: 130

Application Path: C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe

Report Id:

Error: (02/11/2013 03:53:57 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/11/2013 03:24:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe_rvdobv.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: VERSION.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb2b
Exception code: 0xc0000005
Fault offset: 0x000015da
Faulting process id: 0x854
Faulting application start time: 0xrundll32.exe_rvdobv.dll0
Faulting application path: rundll32.exe_rvdobv.dll1
Faulting module path: rundll32.exe_rvdobv.dll2
Report Id: rundll32.exe_rvdobv.dll3

Error: (02/10/2013 11:58:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe_rvdobv.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x3f4
Faulting application start time: 0xrundll32.exe_rvdobv.dll0
Faulting application path: rundll32.exe_rvdobv.dll1
Faulting module path: rundll32.exe_rvdobv.dll2
Report Id: rundll32.exe_rvdobv.dll3

Error: (02/10/2013 06:50:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3874176

Error: (02/10/2013 06:50:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3874176


System errors:
=============
Error: (02/12/2013 04:14:16 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/12/2013 04:14:16 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/12/2013 04:14:16 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/12/2013 04:14:16 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/12/2013 04:14:16 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/12/2013 04:14:13 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/12/2013 04:14:13 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/12/2013 04:14:13 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (02/12/2013 04:14:13 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/12/2013 04:14:13 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.5.502.149)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Age of Empires III - The WarChiefs (Version: 1.00.0000)
Age of Empires III (Version: 1.00.0000)
Aliens vs. Predator 2
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.1.391.0)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 12.33.02)
Broadcom Management Programs (Version: 12.35.01)
Brother HL-2070N (Version: 1.00)
D3DX10 (Version: 15.4.2368.0902)
Dell Backup and Recovery Manager (Version: 1.3)
Dell Edoc Viewer (Version: 1.0.0)
Empire Earth II (Version: 1.10)
ESET Online Scanner v3
Google Chrome (Version: 24.0.1312.57)
Google Update Helper (Version: 1.3.21.123)
Hotspot Shield 2.85 (Version: 2.85)
iTunes (Version: 11.0.1.12)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 32 (Version: 6.0.320)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (Version: 1.03.000)
NVIDIA 3D Vision Controller Driver 296.10 (Version: 296.10)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Pando Media Booster (Version: 2.6.0.8)
Pepakura Designer 3
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.5936)
ROBLOX Player for akeele
ROBLOX Studio for akeele
Safari (Version: 5.34.57.2)
SPORE™ (Version: 1.00.0000)
SpyHunter (Version: 4.11.10.4138)
StarCraft II (Version: 1.4.3.21029)
swMSM (Version: 12.0.0.1)
The Lord of the Rings Online™ v03.08.00.8025 (Version: 03.08.00.8025)
Trend Micro Client/Server Security Agent (Version: 3.0.3152)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Warcraft III
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.20 (32-bit) (Version: 4.20.0)

========================= Devices: ================================

Name: NETGEAR WNDR3400 N600 Wireless Router
Description: NETGEAR WNDR3400 N600 Wireless Router
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 3070.8 MB
Available physical RAM: 1687.04 MB
Total Pagefile: 6139.9 MB
Available Pagefile: 4753.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.13 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:140.65 GB) (Free:23.29 GB) NTFS

========================= Users: ========================================

User accounts for \\COLINKEELE

Administrator            akeele                   ASPNET                   
Guest                    UpdatusUser              


**** End of log ****

Farbar Service Scanner Version: 10-02-2013
Ran by akeele (administrator) on 12-02-2013 at 22:22:13
Running from "C:\Users\akeele\Desktop"
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.112 - Logfile created 02/12/2013 at 22:24:30
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : akeele - COLINKEELE
# Boot Mode : Normal
# Running from : C:\Users\akeele\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

File : C:\Users\akeele\AppData\Roaming\Mozilla\Firefox\Profiles\gysb46yc.default\prefs.js

C:\Users\akeele\AppData\Roaming\Mozilla\Firefox\Profiles\gysb46yc.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\akeele\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [322 octets] - [12/02/2013 22:23:56]
AdwCleaner[S2].txt - [1755 octets] - [12/02/2013 22:24:30]

########## EOF - C:\AdwCleaner[S2].txt - [1815 octets] ##########

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/12/2013 10:57:24 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 02/12/2013 10:57:37 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "IntelliPoint"    "IPoint.exe"    "Microsoft Corporation"    "c:\program files\microsoft intellipoint\ipoint.exe"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files\itunes\ituneshelper.exe"
+ "itype"    "IType.exe"    "Microsoft Corporation"    "c:\program files\microsoft intellitype pro\itype.exe"
+ "OfficeScanNT Monitor"    "Trend Micro Client/Server Security Agent Monitor"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\pccntmon.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files\quicktime\qttask.exe"
+ "RtHDVCpl"    "Realtek HD Audio Manager"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\rthdvcpl.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "NETGEAR WNDA3100v2 Smart Wizard.lnk"    "Netgear"    ""    "c:\program files\netgear\wnda3100v2\wnda3100v2.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Apple Computer"    "Visio Organization Chart Wizard DLL"    "Microsoft Corporation"    "c:\users\akeele\appdata\local\apple computer\ahbgslne.dll"
+ "Pando Media Booster"    "Pando Media Booster"    ""    "c:\program files\pando networks\media booster\pmb.exe"
+ "Poexehyw"    ""    ""    "File not found: C:\Users\akeele\AppData\Roaming\Viedyp\kayv.exe"
+ "rkcap"    ""    ""    "File not found: C:\Users\akeele\AppData\Roaming\rkcap.dll"
+ "Sidebar"    "Windows Desktop Gadgets"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"
+ "SystemRankException"    ""    ""    "c:\users\akeele\appdata\local\system rankexception\devnetplay.dll"
+ "YouTube Mini"    "YouTube Mini Application"    ""    "c:\program files\youtubedownloader.org\youtubedownloader\youtube mini.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "livecall"    "Windows Live Messenger Protocol Handler Module"    "Microsoft Corporation"    "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help"    "Microsoft® Help Data Services Module"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim"    "Windows Live Messenger Protocol Handler Module"    "Microsoft Corporation"    "c:\program files\windows live\messenger\msgrapp.dll"
+ "tmpx"    "Trend Micro NSC IE Plug-In"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\bho\1035\tmieplg.dll"
+ "wlmailhtml"    "Windows Live Mail"    "Microsoft Corporation"    "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg"    "Windows Live Album Download Protocol Handler"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\users\akeele\desktop\xbox\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext"    ""    "NVIDIA Corporation"    "c:\windows\system32\nvshext.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\users\akeele\desktop\xbox\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\users\akeele\desktop\xbox\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\bin\ssv.dll"
+ "TmIEPlugInBHO Class"    "Trend Micro NSC IE Plug-In"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\bho\1035\tmieplg.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "Bing"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files\windows live\writer\writerbrowserextension.dll"
"Task Scheduler"    ""    ""    ""
+ "\Adobe Flash Player Updater"    "Adobe® Flash® Player Update Service 11.5 r502"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe"    "IPoint.exe"    "Microsoft Corporation"    "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\Microsoft_Hardware_Launch_IType_exe"    "IType.exe"    "Microsoft Corporation"    "c:\program files\microsoft intellitype pro\itype.exe"
+ "\{0BD15F3A-7B8B-4E94-A4A3-42D49017AF19}"    "NETGEAR WG111 Smart Wizard-Wireless Assistance"    ""    "c:\program files\netgear\wg111 configuration utility\wg111cfg.exe"
+ "\{5C0871BF-3A31-47B7-B6FF-81F304FFF573}"    "Launcher MFC Application"    ""    "c:\program files\fox\aliens vs. predator 2\avp2.exe"
+ "\{A2DC67DA-6737-41AB-A9F5-4116A8B3E752}"    "Launcher MFC Application"    ""    "c:\program files\fox\aliens vs. predator 2\avp2.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters"    "Andrea filters APO access service (32-bit)"    "Andrea Electronics Corporation"    "c:\program files\realtek\audio\hda\aertsrv.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc"    "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar."    "Microsoft Corporation."    "c:\program files\microsoft\bingbar\7.1.391.0\bbsvc.exe"
+ "BBUpdate"    "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar."    "Microsoft Corporation."    "c:\program files\microsoft\bingbar\7.1.391.0\seaport.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "BPowMon"    "Power monitoring service for Broadcom applications."    "Broadcom Corp."    "c:\program files\broadcom\bpowmon\bpowmon.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "hshld"    ""    "AnchorFree Inc."    "c:\program files\hotspot shield\bin\openvpnas.exe"
+ "HssSrv"    ""    "AnchorFree Inc."    "c:\program files\hotspot shield\hsswpr\hsssrv.exe"
+ "HssTrayService"    ""    ""    "c:\program files\hotspot shield\bin\hsstrayservice.exe"
+ "HssWd"    ""    ""    "c:\program files\hotspot shield\bin\hsswd.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "MozillaMaintenance"    ""    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "ntrtscan"    "Performs Real-time, Scheduled, and Manual scan on client/server security agents."    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\ntrtscan.exe"
+ "nvsvc"    "Provides system and desktop level support to the NVIDIA display driver"    "NVIDIA Corporation"    "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService"    "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server."    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nvidia update core\daemonu.exe"
+ "odserv"    "Run portions of Microsoft Office Diagnostics."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "SpyHunter 4 Service"    "SpyHunter 4 Helper Service"    "Enigma Software Group USA, LLC."    "c:\program files\enigma software group\spyhunter\sh4service.exe"
+ "Stereo Service"    "Provides system support for NVIDIA Stereoscopic 3D driver"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "svcGenericHost"    "Receives commands and notifications from the security server and facilitates communication from the client to the server"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\hostedagent\svcgenerichost.exe"
+ "TMBMServer"    "Manages the Trend Micro unauthorized change prevention feature"    "Trend Micro Inc."    "c:\program files\trend micro\bm\tmbmsrv.exe"
+ "tmlisten"    "Receives commands and notifications from the security server and facilitates communication from the client to the server."    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmlisten.exe"
+ "TmPfw"    "Provides packet level firewall, network virus scanning and intrusion detection capabilities."    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmpfw.exe"
+ "TmProxy"    "Scans network traffic before passing it to the target application."    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmproxy.exe"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
+ "WSWNDA3100"    "Wifi Service"    ""    "c:\program files\netgear\wnda3100v2\wifisvc.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx"    "Adaptec Ultra SCSI miniport"    "Adaptec, Inc."    "c:\windows\system32\drivers\djsvs.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows family"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60x.sys"
+ "BCMH43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwlhigh6.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "catchme"    ""    ""    "File not found: C:\Users\akeele\AppData\Local\Temp\catchme.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "EsgScanner"    "Enigma Scan filter"    ""    "c:\windows\system32\drivers\esgscanner.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "HssDRV6"    "Hotspot Shield Routing Driver 6"    "AnchorFree Inc."    "c:\windows\system32\drivers\hssdrv6.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - ia32"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhda.sys"
+ "k57nd60x"    "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\k57nd60x.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7 for x86"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA"    "NVIDIA HDMI Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvhda32v.sys"
+ "nvlddmkm"    "NVIDIA Windows Kernel Mode Driver, Version 306.97 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "SCMNdisP"    "General NDIS Protocol Driver"    "Windows ® Codename Longhorn DDK provider"    "c:\windows\system32\drivers\scmndisp.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "Serial"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "taphss6"    "Anchorfree HSS VPN Adapter"    "Anchorfree Inc."    "c:\windows\system32\drivers\taphss6.sys"
+ "tmactmon"    "Trend Micro Activity Monitor Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmactmon.sys"
+ "tmcomm"    "Trend Micro Common Engine Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmcomm.sys"
+ "tmevtmgr"    "Trend Micro Event Manager Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmevtmgr.sys"
+ "TmFilter"    "Post Filter For XP"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmxpflt.sys"
+ "tmlwf"    "Trend Micro NDIS 6.0 Filter Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmlwf.sys"
+ "TmPreFilter"    "Pre-Filter For XP"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmpreflt.sys"
+ "tmtdi"    "Trend Micro TDI Driver (i386-fre)"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmtdi.sys"
+ "tmwfp"    "Trend Micro WFP Callout Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmwfp.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "VSApiNt"    "VsapiNT "    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\vsapint.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
+ "VIDC.IV41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "DivX for Blizzard Decoder Filter"    ""    ""    "File not found: C:\Program Files\Warcraft III\blizzard.ax"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"C:\Users\akeele\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"    ""    ""    ""
+ "CPU Meter"    "See the current computer CPU and system memory (RAM)."    "Microsoft Corporation"    "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"
 



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:08:02 AM

Posted 13 February 2013 - 02:10 AM

Launch Autoruns and uncheck these entries
 

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Apple Computer"    "Visio Organization Chart Wizard DLL"  "Microsoft Corporation"    "c:\users\akeele\appdata\local\applecomputer\ahbgslne.dll"
+ "rkcap"    ""    ""    "File not found: C:\Users\akeele\AppData\Roaming\rkcap.dll"

 

 

Restart the PC and delete this file

C:\users\akeele\appdata\local\applecomputer\ahbgslne.dll

Run ESET online scanner again and post the new log
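
The triage done by eye on the Autoruns log above, as an added Python example that is not part of the original post: it parses rows in the log format shown in this thread and scores each startup entry. The sample combines lines from the two logs in the thread; the heuristics, weights and threshold are assumptions of this example, and flagged entries are candidates for manual review, not verdicts.

```python
import re
from dataclasses import dataclass

# Constructed sample: rows copied from the two Autoruns logs posted in this thread.
SAMPLE_LOG = r'''
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Apple Computer"    "Visio Organization Chart Wizard DLL"  "Microsoft Corporation"    "c:\users\akeele\appdata\local\applecomputer\ahbgslne.dll"
+ "Pando Media Booster"    "Pando Media Booster"    ""    "c:\program files\pando networks\media booster\pmb.exe"
+ "Poexehyw"    ""    ""    "File not found: C:\Users\akeele\AppData\Roaming\Viedyp\kayv.exe"
X "rkcap"    ""    ""    "File not found: C:\Users\akeele\AppData\Roaming\rkcap.dll"
+ "Sidebar"    "Windows Desktop Gadgets"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"
+ "SystemRankException"    ""    ""    "c:\users\akeele\appdata\local\system rankexception\devnetplay.dll"
'''

QUOTED = re.compile(r'"([^"]*)"')
APPDATA = re.compile(r'\\users\\[^\\]+\\appdata\\', re.IGNORECASE)
MISSING_PREFIX = "file not found:"


@dataclass
class Entry:
    location: str      # registry key or folder the row was listed under
    enabled: bool      # "+" = checked in Autoruns, "X" = unchecked
    name: str
    description: str
    publisher: str
    image: str         # image path, possibly prefixed with "File not found:"


def parse_autoruns(text):
    """Parse rows of four quoted columns; header rows set the current location."""
    entries, location = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        fields = QUOTED.findall(line)
        if len(fields) != 4:
            continue  # not a four-column log row
        if line[:2] in ("+ ", "X "):
            entries.append(Entry(location, line[0] == "+", *fields))
        elif line.startswith('"'):
            location = fields[0]
    return entries


def triage(entry):
    """Return (reason, weight) pairs; the weights are this example's assumption."""
    image = entry.image
    missing = image.lower().startswith(MISSING_PREFIX)
    path = image[len(MISSING_PREFIX):].strip() if missing else image
    in_run_key = entry.location.lower().endswith(r"\currentversion\run")
    reasons = []
    if APPDATA.search(path):
        reasons.append(("image under a user-writable AppData folder", 2))
    if in_run_key and path.lower().endswith(".dll"):
        reasons.append(("DLL started from a Run key", 2))
    if missing:
        reasons.append(("target file missing", 1))
    if not entry.publisher:
        reasons.append(("no publisher recorded", 1))
    return reasons


def review_candidates(text, threshold=3):
    """Entries whose combined weight reaches the threshold, in log order."""
    out = []
    for e in parse_autoruns(text):
        reasons = triage(e)
        score = sum(w for _, w in reasons)
        if score >= threshold:
            out.append((e.name, e.enabled, score, [r for r, _ in reasons]))
    return out


if __name__ == "__main__":
    for name, enabled, score, reasons in review_candidates(SAMPLE_LOG):
        state = "enabled" if enabled else "unchecked"
        print(f"{name} [{state}] score={score}: {'; '.join(reasons)}")
```

A missing publisher alone stays below the threshold, because legitimate entries in the same log (Pando Media Booster, for example) also lack one.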



#8 Inigo64

Inigo64
  • Topic Starter

  • Members
  • 11 posts
  • Local time:08:02 AM

Posted 13 February 2013 - 06:04 PM

I can't delete the ahbgslne.dll file because "The action can't be completed because the file is open in Desktop Window Manager," and I restarted my computer twice and tried deleting it, but the same error still comes up.



#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:08:02 AM

Posted 13 February 2013 - 09:32 PM

Please follow my instructions. You have to uncheck the entry in Autoruns first and then restart the PC and delete the file.



#10 Inigo64

Inigo64
  • Topic Starter

  • Members
  • 11 posts
  • Local time:08:02 AM

Posted 14 February 2013 - 12:05 AM

Sorry, I didn't uncheck both of them.

Here is the log, only one thing in it:

 

C:\Users\akeele\AppData\Local\d4f88dd9-daae-4480-9838-624731a019b4.crx    JS/Redirector.NCG trojan    deleted - quarantined
 



#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:08:02 AM

Posted 14 February 2013 - 02:41 AM

Please run Autoruns again and post the log.



#12 Inigo64

Inigo64
  • Topic Starter

  • Members
  • 11 posts
  • Local time:08:02 AM

Posted 14 February 2013 - 04:22 PM

Here ya go:

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "IntelliPoint"    "IPoint.exe"    "Microsoft Corporation"    "c:\program files\microsoft intellipoint\ipoint.exe"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files\itunes\ituneshelper.exe"
+ "itype"    "IType.exe"    "Microsoft Corporation"    "c:\program files\microsoft intellitype pro\itype.exe"
+ "OfficeScanNT Monitor"    "Trend Micro Client/Server Security Agent Monitor"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\pccntmon.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files\quicktime\qttask.exe"
+ "RtHDVCpl"    "Realtek HD Audio Manager"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\rthdvcpl.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "NETGEAR WNDA3100v2 Smart Wizard.lnk"    "Netgear"    ""    "c:\program files\netgear\wnda3100v2\wnda3100v2.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
X "Apple Computer"    ""    ""    "File not found: C:\Users\akeele\AppData\Local\Apple Computer\ahbgslne.dll"
+ "Pando Media Booster"    "Pando Media Booster"    ""    "c:\program files\pando networks\media booster\pmb.exe"
+ "Poexehyw"    ""    ""    "File not found: C:\Users\akeele\AppData\Roaming\Viedyp\kayv.exe"
X "rkcap"    ""    ""    "File not found: C:\Users\akeele\AppData\Roaming\rkcap.dll"
+ "Sidebar"    "Windows Desktop Gadgets"    "Microsoft Corporation"    "c:\program files\windows sidebar\sidebar.exe"
+ "SystemRankException"    ""    ""    "c:\users\akeele\appdata\local\system rankexception\devnetplay.dll"
+ "YouTube Mini"    "YouTube Mini Application"    ""    "c:\program files\youtubedownloader.org\youtubedownloader\youtube mini.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "livecall"    "Windows Live Messenger Protocol Handler Module"    "Microsoft Corporation"    "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help"    "Microsoft® Help Data Services Module"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim"    "Windows Live Messenger Protocol Handler Module"    "Microsoft Corporation"    "c:\program files\windows live\messenger\msgrapp.dll"
+ "tmpx"    "Trend Micro NSC IE Plug-In"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\bho\1035\tmieplg.dll"
+ "wlmailhtml"    "Windows Live Mail"    "Microsoft Corporation"    "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg"    "Windows Live Album Download Protocol Handler"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\users\akeele\desktop\xbox\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext"    ""    "NVIDIA Corporation"    "c:\windows\system32\nvshext.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\users\akeele\desktop\xbox\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\users\akeele\desktop\xbox\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\bin\ssv.dll"
+ "TmIEPlugInBHO Class"    "Trend Micro NSC IE Plug-In"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\bho\1035\tmieplg.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "Bing"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files\windows live\writer\writerbrowserextension.dll"
"Task Scheduler"    ""    ""    ""
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe"    "IPoint.exe"    "Microsoft Corporation"    "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\Microsoft_Hardware_Launch_IType_exe"    "IType.exe"    "Microsoft Corporation"    "c:\program files\microsoft intellitype pro\itype.exe"
+ "\{0BD15F3A-7B8B-4E94-A4A3-42D49017AF19}"    "NETGEAR WG111 Smart Wizard-Wireless Assistance"    ""    "c:\program files\netgear\wg111 configuration utility\wg111cfg.exe"
+ "\{5C0871BF-3A31-47B7-B6FF-81F304FFF573}"    "Launcher MFC Application"    ""    "c:\program files\fox\aliens vs. predator 2\avp2.exe"
+ "\{A2DC67DA-6737-41AB-A9F5-4116A8B3E752}"    "Launcher MFC Application"    ""    "c:\program files\fox\aliens vs. predator 2\avp2.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters"    "Andrea filters APO access service (32-bit)"    "Andrea Electronics Corporation"    "c:\program files\realtek\audio\hda\aertsrv.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc"    "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar."    "Microsoft Corporation."    "c:\program files\microsoft\bingbar\7.1.391.0\bbsvc.exe"
+ "BBUpdate"    "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar."    "Microsoft Corporation."    "c:\program files\microsoft\bingbar\7.1.391.0\seaport.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "BPowMon"    "Power monitoring service for Broadcom applications."    "Broadcom Corp."    "c:\program files\broadcom\bpowmon\bpowmon.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "hshld"    ""    "AnchorFree Inc."    "c:\program files\hotspot shield\bin\openvpnas.exe"
+ "HssSrv"    ""    "AnchorFree Inc."    "c:\program files\hotspot shield\hsswpr\hsssrv.exe"
+ "HssTrayService"    ""    ""    "c:\program files\hotspot shield\bin\hsstrayservice.exe"
+ "HssWd"    ""    ""    "c:\program files\hotspot shield\bin\hsswd.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "MozillaMaintenance"    ""    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "ntrtscan"    "Performs Real-time, Scheduled, and Manual scan on client/server security agents."    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\ntrtscan.exe"
+ "nvsvc"    "Provides system and desktop level support to the NVIDIA display driver"    "NVIDIA Corporation"    "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService"    "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server."    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nvidia update core\daemonu.exe"
+ "odserv"    "Run portions of Microsoft Office Diagnostics."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "SpyHunter 4 Service"    "SpyHunter 4 Helper Service"    "Enigma Software Group USA, LLC."    "c:\program files\enigma software group\spyhunter\sh4service.exe"
+ "Stereo Service"    "Provides system support for NVIDIA Stereoscopic 3D driver"    "NVIDIA Corporation"    "c:\program files\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "svcGenericHost"    "Receives commands and notifications from the security server and facilitates communication from the client to the server"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\hostedagent\svcgenerichost.exe"
+ "TMBMServer"    "Manages the Trend Micro unauthorized change prevention feature"    "Trend Micro Inc."    "c:\program files\trend micro\bm\tmbmsrv.exe"
+ "tmlisten"    "Receives commands and notifications from the security server and facilitates communication from the client to the server."    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmlisten.exe"
+ "TmPfw"    "Provides packet level firewall, network virus scanning and intrusion detection capabilities."    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmpfw.exe"
+ "TmProxy"    "Scans network traffic before passing it to the target application."    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmproxy.exe"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
+ "WSWNDA3100"    "Wifi Service"    ""    "c:\program files\netgear\wnda3100v2\wifisvc.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx"    "Adaptec Ultra SCSI miniport"    "Adaptec, Inc."    "c:\windows\system32\drivers\djsvs.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows family"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60x.sys"
+ "BCMH43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwlhigh6.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "catchme"    ""    ""    "File not found: C:\Users\akeele\AppData\Local\Temp\catchme.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "EsgScanner"    "Enigma Scan filter"    ""    "c:\windows\system32\drivers\esgscanner.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "HssDRV6"    "Hotspot Shield Routing Driver 6"    "AnchorFree Inc."    "c:\windows\system32\drivers\hssdrv6.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - ia32"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhda.sys"
+ "k57nd60x"    "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\k57nd60x.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7 for x86"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA"    "NVIDIA HDMI Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvhda32v.sys"
+ "nvlddmkm"    "NVIDIA Windows Kernel Mode Driver, Version 306.97 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "SCMNdisP"    "General NDIS Protocol Driver"    "Windows ® Codename Longhorn DDK provider"    "c:\windows\system32\drivers\scmndisp.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "Serial"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "taphss6"    "Anchorfree HSS VPN Adapter"    "Anchorfree Inc."    "c:\windows\system32\drivers\taphss6.sys"
+ "tmactmon"    "Trend Micro Activity Monitor Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmactmon.sys"
+ "tmcomm"    "Trend Micro Common Engine Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmcomm.sys"
+ "tmevtmgr"    "Trend Micro Event Manager Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmevtmgr.sys"
+ "TmFilter"    "Post Filter For XP"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmxpflt.sys"
+ "tmlwf"    "Trend Micro NDIS 6.0 Filter Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmlwf.sys"
+ "TmPreFilter"    "Pre-Filter For XP"    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\tmpreflt.sys"
+ "tmtdi"    "Trend Micro TDI Driver (i386-fre)"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmtdi.sys"
+ "tmwfp"    "Trend Micro WFP Callout Driver"    "Trend Micro Inc."    "c:\windows\system32\drivers\tmwfp.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "VSApiNt"    "VsapiNT "    "Trend Micro Inc."    "c:\program files\trend micro\client server security agent\vsapint.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
+ "VIDC.IV41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "DivX for Blizzard Decoder Filter"    ""    ""    "File not found: C:\Program Files\Warcraft III\blizzard.ax"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"C:\Users\akeele\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"    ""    ""    ""
+ "CPU Meter"    "See the current computer CPU and system memory (RAM)."    "Microsoft Corporation"    "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"
 



#13 narenxp


Posted 14 February 2013 - 05:02 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in Safe Mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on System Restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing

 



#14 Inigo64


Posted 15 February 2013 - 06:20 PM

My PC is clean, Thanks!

#15 narenxp


Posted 15 February 2013 - 06:22 PM

You're most welcome :)





