possible TDL3 rootkit after MBAM


  • This topic is locked
22 replies to this topic

#1 bm6126349

Posted 25 February 2013 - 06:48 PM

Hello,

A guy at work brought me his XP laptop claiming slowness and email problems. Looking into it I saw the Windows Security Center was turned off, and not in the list to restart!

MBAM ran finding lots of Trojan.ObCom. I let MBAM fix all the problems. Ran it again, seems clean. Ran the online ESET scanner, and it came up clean. Ran DDS and got the possible rootkit error.

Can someone help? What's the next step?

Thanks

Mike

 

===========================================================================================

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_21
Run by javierh at 12:15:19 on 2013-02-25
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3318.2649 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\umonit.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\FourJs\gdc\fitrix\bin\gdc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us
uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: <No Name>: {53707962-6F74-2D53-2644-206D7942484F} - 
BHO: IE_PopupBlocker Class: {656EC4B7-072B-4698-B504-2A414C1F0037} - 
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Real.com: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\shdocvw.dll
uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\javierh\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [UMonit] c:\windows\system32\umonit.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil9d.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart17.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\genero~1.lnk - c:\program files\fourjs\gdc\fitrix\bin\gdc.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: mswsock.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/AcDcToday.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} - file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/InstBanr.ocx
DPF: {C6637286-300D-11D4-AE0A-0010830243BD} - file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/InstFred.ocx
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} - hxxps://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/Autodesk%20Architectural%20Desktop%203/AcPreview.ocx
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~1\goec62~1.dll, c:\progra~1\google\google~1\goec62~1.dll c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\javierh\application data\mozilla\firefox\profiles\ljexw853.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Search Results
FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=421&systemid=406&sr=0&q=
FF - plugin: c:\documents and settings\javierh\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mcafee security scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMyWebS.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_149.dll
FF - ExtSQL: 2013-02-08 07:38; AppGraffiti@AppGraffiti.com; c:\documents and settings\javierh\application data\mozilla\firefox\profiles\ljexw853.default\extensions\AppGraffiti@AppGraffiti.com
FF - ExtSQL: !HIDDEN! 2009-09-08 06:13; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-07-31 10:55; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files\searchqu toolbar\datamngr\FirefoxExtension
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 195296]
R1 MpKsl2976d37f;MpKsl2976d37f;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d1bba548-14c7-4d7d-8bd7-76f7a2f8cbbd}\MpKsl2976d37f.sys [2013-2-25 29904]
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [2007-6-16 14416]
RUnknown SASKUTIL;SASKUTIL; [x]
S3 DDCCI;DDC/CI monitor;c:\windows\system32\drivers\Moni2c.sys [2002-8-23 6494]
S3 eyeonedp;eye-one display;c:\windows\system32\drivers\EyeOneDp.sys [2007-6-16 44344]
S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [2007-6-23 6016]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [2008-3-10 12928]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"
.
=============== Created Last 30 ================
.
2013-02-25 18:53:32    29904    ----a-w-    c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d1bba548-14c7-4d7d-8bd7-76f7a2f8cbbd}\MpKsl2976d37f.sys
2013-02-22 01:14:44    6954968    ----a-w-    c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d1bba548-14c7-4d7d-8bd7-76f7a2f8cbbd}\mpengine.dll
2013-02-21 23:49:01    --------    d-----w-    c:\documents and settings\javierh\application data\Malwarebytes
2013-02-21 23:48:47    --------    d-----w-    c:\documents and settings\all users\application data\Malwarebytes
2013-02-21 23:48:45    21104    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-02-21 23:48:45    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-02-19 18:05:17    6991832    ----a-w-    c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-02-16 00:05:54    --------    d-----w-    c:\windows\system32\wbem\repository\FS
2013-02-16 00:05:54    --------    d-----w-    c:\windows\system32\wbem\Repository
2013-02-15 23:57:23    --------    d-----w-    c:\program files\iTunes
2013-02-15 23:57:23    --------    d-----w-    c:\program files\iPod
2013-02-15 23:57:23    --------    d-----w-    c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
.
==================== Find3M  ====================
.
2013-02-18 18:25:16    697712    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-02-18 18:25:15    74096    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53:21    232336    ------w-    c:\windows\system32\MpSigStub.exe
2013-01-26 03:55:44    552448    ----a-w-    c:\windows\system32\oleaut32.dll
2013-01-24 22:48:01    1409    ----a-w-    c:\windows\QTFont.for
2013-01-20 23:59:04    195296    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-01-07 01:19:45    2148864    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37:01    2027520    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00    1867264    ----a-w-    c:\windows\system32\win32k.sys
2013-01-04 01:20:00    1867264    ----a-w-    c:\windows\system32\win32k(2)(2).sys
2013-01-02 06:49:10    148992    ----a-w-    c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10    1292288    ----a-w-    c:\windows\system32\quartz.dll
2012-12-26 20:16:29    916480    ----a-w-    c:\windows\system32\wininet.dll
2012-12-26 20:16:29    916480    ----a-w-    c:\windows\system32\wininet(2)(4).dll
2012-12-26 20:16:29    1212928    ----a-w-    c:\windows\system32\urlmon(2)(4).dll
2012-12-26 20:16:29    105984    ----a-w-    c:\windows\system32\url(2)(4).dll
2012-12-26 20:16:28    43520    ----a-w-    c:\windows\system32\licmgr10.dll
2012-12-26 20:16:28    2004992    ----a-w-    c:\windows\system32\iertutil(2)(2).dll
2012-12-26 20:16:28    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2012-12-26 20:16:28    11111424    ----a-w-    c:\windows\system32\ieframe(2)(2).dll
2012-12-24 06:40:59    385024    ----a-w-    c:\windows\system32\html.iec
2012-12-16 12:23:59    290560    ----a-w-    c:\windows\system32\atmfd.dll
2012-12-16 12:23:59    290560    ----a-w-    c:\windows\system32\atmfd(2)(2).dll
1997-06-23 19:06:50    287504    --sha-w-    c:\windows\system32\Msxbse35.dll
.
=================== ROOTKIT  ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: SAMSUNG_HM120JI rev.YF100-15 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8B251ECC]<< 
_asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x8a668879; SUB DWORD [EBP-0x4], 0x8a668135; PUSH EDI; CALL 0xffffffffffffdf2c;  }
1 ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\Harddisk0\DR0[0x8B2CAAB8]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\00000070[0x8B328A80]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> [0x8B2EB940]
[0x8B2C6920] -> IRP_MJ_CREATE -> 0x8B251ECC
kernel: MBR read successfully
_asm { MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62d;  }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskSAMSUNG_HM120JI_________________________YF100-15#5&2e5a1c11&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x8B251AF1
user & kernel MBR OK 
sectors 234441646 (+255): user != kernel
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 12:17:16.71 ===============
 

 




 


#2 gringo_pr


Posted 25 February 2013 - 10:32 PM


Hello bm6126349

Welcome to The Forums!!

Around here they call me Gringo and I'll be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-
  • Download Security Check by screen317 from here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
-AdwCleaner-
  • Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#3 bm6126349


Posted 26 February 2013 - 01:17 PM

Thanks for the prompt reply.

 

Did what you asked.

 

=========================================================================

Security Check:

=========================================================================

 

 

 Results of screen317's Security Check version 0.99.59  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Windows Defender    
 Malwarebytes Anti-Malware version 1.70.0.1100  
 CCleaner     
 Java™ 6 Update 21  
 Java™ SE Runtime Environment 6 Update 1 
 Java™ 6 Update 7  
 Java version out of Date! 
 Adobe Flash Player     11.5.502.149  
 Adobe Reader 8 Adobe Reader out of Date! 
 Mozilla Firefox 11.0 Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:: 10% 
````````````````````End of Log`````````````````````` 
 
 
=========================================================================
AdwCleaner:
=========================================================================
 

 

# AdwCleaner v2.113 - Logfile created 02/26/2013 at 09:38:12
# Updated 23/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : javierh - DELL1705
# Boot Mode : Normal
# Running from : C:\Documents and Settings\javierh\Desktop\adwcleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Deleted on reboot : C:\Documents and Settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}
File Deleted : C:\Documents and Settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\24x7 Help
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\RebateInformer
Folder Deleted : C:\Documents and Settings\Dorothy\Application Data\Mozilla\Firefox\Profiles\o5r9ml36.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Deleted : C:\Documents and Settings\Dorothy\Application Data\Mozilla\Firefox\Profiles\o5r9ml36.default\Searchqutoolbar
Folder Deleted : C:\Documents and Settings\javierh\Application Data\24x7 Help
Folder Deleted : C:\Documents and Settings\javierh\Application Data\Inbox Toolbar
Folder Deleted : C:\Documents and Settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Deleted : C:\Documents and Settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\extensions\AppGraffiti@AppGraffiti.com
Folder Deleted : C:\Documents and Settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\Searchqutoolbar
Folder Deleted : C:\Documents and Settings\javierh\Application Data\Searchqutoolbar
Folder Deleted : C:\Documents and Settings\javierh\Local Settings\Application Data\Ilivid Player
Folder Deleted : C:\Documents and Settings\javierh\Local Settings\Application Data\SanctionedMedia
Folder Deleted : C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\v11nuoc4.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Deleted : C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\v11nuoc4.default\Searchqutoolbar
Folder Deleted : C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\ev55heij.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Deleted : C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\ev55heij.default\Searchqutoolbar
Folder Deleted : C:\Program Files\AppGraffiti
Folder Deleted : C:\Program Files\Ilivid
Folder Deleted : C:\Program Files\Inbox Toolbar
Folder Deleted : C:\Program Files\RebateInformer
Folder Deleted : C:\Program Files\Searchqu Toolbar
Folder Deleted : C:\Program Files\Viewpoint
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\SanctionedMedia
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v11.0 (en-US)
 
File : C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\ev55heij.default\prefs.js
 
[OK] File is clean.
 
File : C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\v11nuoc4.default\prefs.js
 
[OK] File is clean.
 
File : C:\Documents and Settings\Dorothy\Application Data\Mozilla\Firefox\Profiles\o5r9ml36.default\prefs.js
 
[OK] File is clean.
 
File : C:\Documents and Settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\prefs.js
 
C:\Documents and Settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\user.js ... Deleted !
 
Deleted : user_pref("browser.search.defaultenginename", "Search Results");
Deleted : user_pref("browser.search.order.1", "Search Results");
Deleted : user_pref("browser.search.selectedEngine", "Search Results");
Deleted : user_pref("browser.startup.homepage", "hxxp://www.searchnu.com/406");
Deleted : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=421&systemid=406&sr=0&q=");
 
-\\ Google Chrome v24.0.1312.57
 
File : C:\Documents and Settings\javierh\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
 
Deleted [l.11] : homepage = "hxxp://www.inbox.com/homepage.aspx?tbid=82216&iwk=231&lng=en",
Deleted [l.15] : urls_to_restore_on_startup = [ "hxxp://www.inbox.com/homepage.aspx?tbid=82216&iwk=231&lng=[...]
Deleted [l.1478] : homepage = "hxxp://www.inbox.com/homepage.aspx?tbid=82216&iwk=231&lng=en",
Deleted [l.1856] : urls_to_restore_on_startup = [ "hxxp://www.inbox.com/homepage.aspx?tbid=82216&iwk=231&lng=en"[...]
 
*************************
 
AdwCleaner[S1].txt - [7924 octets] - [26/02/2013 09:38:12]
 
########## EOF - C:\AdwCleaner[S1].txt - [7984 octets] ##########
 

=========================================================================

RogueKiller (this came up with 2 files: RKreport[1] & RKreport[2])
posting both


=========================================================================
 
RKreport[1]_S_02262013_02d0959.txt
 

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : javierh [Admin rights]
Mode : Scan -- Date : 02/26/2013 09:59:57
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-18\$ff2ff700ed24950be50a15a455e27e6e\@ [-] --> FOUND
[ZeroAccess][FOLDER] U : C:\RECYCLER\S-1-5-18\$ff2ff700ed24950be50a15a455e27e6e\U --> FOUND
[ZeroAccess][FOLDER] $NtUninstallKB21211$ : C:\WINDOWS\$NtUninstallKB21211$ --> FOUND
 
¤¤¤ Driver : [LOADED] ¤¤¤
IRP[DriverStartIo] : ATAPI.SYS -> HOOKED ([MAJOR] Unknown @ 0x8B2AEAF1)
 
¤¤¤ Infection : ZeroAccess ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] 36a12fa7d0e96eda109a38ee590d3d51
[BSP] dfe4c0bfa859120fb83a6a1aa43abcee : MBR Code unknown
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 109293 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 223946100 | Size: 2047 Mo
3 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 228139065 | Size: 3074 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[1]_S_02262013_02d0959.txt >>
RKreport[1]_S_02262013_02d0959.txt
 

=========================================================================
RKreport[2]_D_02262013_02d1001.txt
 

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : javierh [Admin rights]
Mode : Remove -- Date : 02/26/2013 10:01:35
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-18\$ff2ff700ed24950be50a15a455e27e6e\@ [-] --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\RECYCLER\S-1-5-18\$ff2ff700ed24950be50a15a455e27e6e\U --> REMOVED
[ZeroAccess][JUNCTION] C:\WINDOWS\$NtUninstallKB21211$ >> \systemroot\system32\config --> REMOVED
[Del.Parent][FILE] 1376991529 : C:\WINDOWS\$NtUninstallKB21211$\1376991529 [-] --> REMOVED
[Del.Parent][FILE] @ : C:\WINDOWS\$NtUninstallKB21211$\2689594004\@ [-] --> REMOVED
[Del.Parent][FILE] bckfg.tmp : C:\WINDOWS\$NtUninstallKB21211$\2689594004\bckfg.tmp [-] --> REMOVED
[Del.Parent][FILE] cfg.ini : C:\WINDOWS\$NtUninstallKB21211$\2689594004\cfg.ini [-] --> REMOVED
[Del.Parent][FILE] Desktop.ini : C:\WINDOWS\$NtUninstallKB21211$\2689594004\Desktop.ini [-] --> REMOVED
[Del.Parent][FILE] keywords : C:\WINDOWS\$NtUninstallKB21211$\2689594004\keywords [-] --> REMOVED
[Del.Parent][FILE] kwrd.dll : C:\WINDOWS\$NtUninstallKB21211$\2689594004\kwrd.dll [-] --> REMOVED
[Del.Parent][FILE] iahonoel : C:\WINDOWS\$NtUninstallKB21211$\2689594004\L\iahonoel [-] --> REMOVED
[Del.Parent][FOLDER] ROOT : C:\WINDOWS\$NtUninstallKB21211$\2689594004\L --> REMOVED
[Del.Parent][FILE] lsflt7.ver : C:\WINDOWS\$NtUninstallKB21211$\2689594004\lsflt7.ver [-] --> REMOVED
[Del.Parent][FILE] 00000001.@ : C:\WINDOWS\$NtUninstallKB21211$\2689594004\U\00000001.@ [-] --> REMOVED
[Del.Parent][FILE] 00000002.@ : C:\WINDOWS\$NtUninstallKB21211$\2689594004\U\00000002.@ [-] --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\WINDOWS\$NtUninstallKB21211$\2689594004\U\00000004.@ [-] --> REMOVED
[Del.Parent][FILE] 80000000.@ : C:\WINDOWS\$NtUninstallKB21211$\2689594004\U\80000000.@ [-] --> REMOVED
[Del.Parent][FILE] 80000004.@ : C:\WINDOWS\$NtUninstallKB21211$\2689594004\U\80000004.@ [-] --> REMOVED
[Del.Parent][FILE] 80000032.@ : C:\WINDOWS\$NtUninstallKB21211$\2689594004\U\80000032.@ [-] --> REMOVED
[Del.Parent][FOLDER] ROOT : C:\WINDOWS\$NtUninstallKB21211$\2689594004\U --> REMOVED
[Del.Parent][FOLDER] ROOT : C:\WINDOWS\$NtUninstallKB21211$\2689594004 --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\WINDOWS\$NtUninstallKB21211$ --> REMOVED
 
¤¤¤ Driver : [LOADED] ¤¤¤
IRP[DriverStartIo] : ATAPI.SYS -> HOOKED ([MAJOR] Unknown @ 0x8B2AEAF1)
 
¤¤¤ Infection : ZeroAccess ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] 36a12fa7d0e96eda109a38ee590d3d51
[BSP] dfe4c0bfa859120fb83a6a1aa43abcee : MBR Code unknown
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 109293 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 223946100 | Size: 2047 Mo
3 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 228139065 | Size: 3074 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[2]_D_02262013_02d1001.txt >>
RKreport[1]_S_02262013_02d0959.txt ; RKreport[2]_D_02262013_02d1001.txt
 
========================================================================================
 
I was disconnected from the internet when running these programs.
 
Thanks
Mike
 
 


#4 gringo_pr


Posted 26 February 2013 - 01:23 PM


Hello Mike

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out here or here.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Double-click on combofix.exe and follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"Information and logs"

In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo



I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




#5 bm6126349


Posted 26 February 2013 - 02:45 PM

Ran ComboFix, had to download Recovery Console, I don't believe it needed to reboot.

Thanks

==============================================================================

Here is the log:


ComboFix 13-02-26.01 - javierh 02/26/2013  11:24:42.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3318.2795 [GMT -8:00]
Running from: c:\documents and settings\javierh\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\drivers\System
c:\documents and settings\drivers\System\addon\INFCACHE.1
c:\documents and settings\drivers\System\addon\rimmptsk.cat
c:\documents and settings\drivers\System\addon\Rimmptsk.inf
c:\documents and settings\drivers\System\addon\Rimmptsk.PNF
c:\documents and settings\drivers\System\addon\rimmptsk.sys
c:\documents and settings\drivers\System\addon\rimsptsk.cat
c:\documents and settings\drivers\System\addon\rimsptsk.inf
c:\documents and settings\drivers\System\addon\rimsptsk.PNF
c:\documents and settings\drivers\System\addon\Rimsptsk.sys
c:\documents and settings\drivers\System\addon\RixDICON.dll
c:\documents and settings\drivers\System\addon\rixdptsk.cat
c:\documents and settings\drivers\System\addon\rixdptsk.inf
c:\documents and settings\drivers\System\addon\rixdptsk.PNF
c:\documents and settings\drivers\System\addon\Rixdptsk.sys
c:\documents and settings\drivers\System\addon\snymsico.dll
c:\documents and settings\drivers\System\INFCACHE.1
c:\documents and settings\drivers\System\onboard\852.cat
c:\documents and settings\drivers\System\onboard\852.inf
c:\documents and settings\drivers\System\onboard\852.PNF
c:\documents and settings\drivers\System\onboard\855.cat
c:\documents and settings\drivers\System\onboard\855.inf
c:\documents and settings\drivers\System\onboard\855.PNF
c:\documents and settings\drivers\System\onboard\865.cat
c:\documents and settings\drivers\System\onboard\865.inf
c:\documents and settings\drivers\System\onboard\865.PNF
c:\documents and settings\drivers\System\onboard\915.cat
c:\documents and settings\drivers\System\onboard\915.inf
c:\documents and settings\drivers\System\onboard\915.PNF
c:\documents and settings\drivers\System\onboard\915M.cat
c:\documents and settings\drivers\System\onboard\915M.inf
c:\documents and settings\drivers\System\onboard\915M.PNF
c:\documents and settings\drivers\System\onboard\945.cat
c:\documents and settings\drivers\System\onboard\945.inf
c:\documents and settings\drivers\System\onboard\945.PNF
c:\documents and settings\drivers\System\onboard\945gm.cat
c:\documents and settings\drivers\System\onboard\945GM.inf
c:\documents and settings\drivers\System\onboard\945GM.PNF
c:\documents and settings\drivers\System\onboard\dmi_pci.cat
c:\documents and settings\drivers\System\onboard\dmi_pci.inf
c:\documents and settings\drivers\System\onboard\dmi_pci.PNF
c:\documents and settings\drivers\System\onboard\E7220.cat
c:\documents and settings\drivers\System\onboard\E7220.inf
c:\documents and settings\drivers\System\onboard\E7220.PNF
c:\documents and settings\drivers\System\onboard\e7230.cat
c:\documents and settings\drivers\System\onboard\E7230.inf
c:\documents and settings\drivers\System\onboard\E7230.PNF
c:\documents and settings\drivers\System\onboard\E7520.cat
c:\documents and settings\drivers\System\onboard\E7520.inf
c:\documents and settings\drivers\System\onboard\E7520.PNF
c:\documents and settings\drivers\System\onboard\E8500.cat
c:\documents and settings\drivers\System\onboard\E8500.inf
c:\documents and settings\drivers\System\onboard\E8500.PNF
c:\documents and settings\drivers\System\onboard\ich4core.cat
c:\documents and settings\drivers\System\onboard\ich4core.inf
c:\documents and settings\drivers\System\onboard\ich4core.PNF
c:\documents and settings\drivers\System\onboard\ich4ide.cat
c:\documents and settings\drivers\System\onboard\ich4ide.inf
c:\documents and settings\drivers\System\onboard\ich4ide.PNF
c:\documents and settings\drivers\System\onboard\ich4usb.cat
c:\documents and settings\drivers\System\onboard\ich4usb.inf
c:\documents and settings\drivers\System\onboard\ich4usb.PNF
c:\documents and settings\drivers\System\onboard\ich5core.cat
c:\documents and settings\drivers\System\onboard\ich5core.inf
c:\documents and settings\drivers\System\onboard\ich5core.PNF
c:\documents and settings\drivers\System\onboard\ich5ide.cat
c:\documents and settings\drivers\System\onboard\ich5ide.inf
c:\documents and settings\drivers\System\onboard\ich5ide.PNF
c:\documents and settings\drivers\System\onboard\ich5usb.cat
c:\documents and settings\drivers\System\onboard\ich5usb.inf
c:\documents and settings\drivers\System\onboard\ich5usb.PNF
c:\documents and settings\drivers\System\onboard\ich6core.cat
c:\documents and settings\drivers\System\onboard\ich6core.inf
c:\documents and settings\drivers\System\onboard\ich6core.PNF
c:\documents and settings\drivers\System\onboard\ich6ide.cat
c:\documents and settings\drivers\System\onboard\ich6ide.inf
c:\documents and settings\drivers\System\onboard\ich6ide.PNF
c:\documents and settings\drivers\System\onboard\ich6usb.cat
c:\documents and settings\drivers\System\onboard\ich6usb.inf
c:\documents and settings\drivers\System\onboard\ich6usb.PNF
c:\documents and settings\drivers\System\onboard\ich7core.cat
c:\documents and settings\drivers\System\onboard\ich7core.inf
c:\documents and settings\drivers\System\onboard\ich7core.PNF
c:\documents and settings\drivers\System\onboard\ich7ide.cat
c:\documents and settings\drivers\System\onboard\ich7ide.inf
c:\documents and settings\drivers\System\onboard\ich7ide.PNF
c:\documents and settings\drivers\System\onboard\ich7usb.cat
c:\documents and settings\drivers\System\onboard\ich7usb.inf
c:\documents and settings\drivers\System\onboard\ich7usb.PNF
c:\documents and settings\drivers\System\onboard\ichxdev.cat
c:\documents and settings\drivers\System\onboard\ichXdev.inf
c:\documents and settings\drivers\System\onboard\ichXdev.PNF
c:\documents and settings\drivers\System\onboard\INFAnswr.txt
c:\documents and settings\drivers\System\onboard\INFCACHE.1
c:\documents and settings\drivers\System\onboard\SP\ich4id2.cat
c:\documents and settings\drivers\System\onboard\SP\ich4ide.cat
c:\documents and settings\drivers\System\onboard\SP\ich5id2.cat
c:\documents and settings\drivers\System\onboard\SP\ich5id2.inf
c:\documents and settings\drivers\System\onboard\SP\ich5id2.PNF
c:\documents and settings\drivers\System\onboard\SP\ich6id2.cat
c:\documents and settings\drivers\System\onboard\SP\ich6id2.inf
c:\documents and settings\drivers\System\onboard\SP\ich6id2.PNF
c:\documents and settings\drivers\System\onboard\SP\ich7id2.cat
c:\documents and settings\drivers\System\onboard\SP\ich7id2.inf
c:\documents and settings\drivers\System\onboard\SP\ich7id2.PNF
c:\documents and settings\drivers\System\onboard\SP\INFCACHE.1
c:\documents and settings\javierh\phxqhstxwceswdng.exe
c:\documents and settings\javierh\WINDOWS
c:\documents and settings\John\g2mdlhlpx.exe
c:\documents and settings\John\WINDOWS
c:\windows\b.bat
c:\windows\system32\SET16.tmp
c:\windows\system32\SET17.tmp
c:\windows\system32\SET18.tmp
c:\windows\system32\SET19.tmp
c:\windows\system32\SET1F.tmp
c:\windows\system32\SET20.tmp
c:\windows\system32\SET21.tmp
c:\windows\system32\SET25.tmp
c:\windows\system32\SET27.tmp
c:\windows\system32\SET29.tmp
c:\windows\system32\SET2E.tmp
c:\windows\system32\SET88.tmp
c:\windows\system32\SET8D.tmp
c:\windows\system32\SET94.tmp
c:\windows\system32\SET9D.tmp
c:\windows\system32\SET9E.tmp
c:\windows\system32\SET9F.tmp
c:\windows\system32\SETA2.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\Tasks\At1.job
c:\windows\Tasks\At10.job
c:\windows\Tasks\At11.job
c:\windows\Tasks\At12.job
c:\windows\Tasks\At13.job
c:\windows\Tasks\At14.job
c:\windows\Tasks\At15.job
c:\windows\Tasks\At16.job
c:\windows\Tasks\At17.job
c:\windows\Tasks\At18.job
c:\windows\Tasks\At19.job
c:\windows\Tasks\At2.job
c:\windows\Tasks\At20.job
c:\windows\Tasks\At21.job
c:\windows\Tasks\At22.job
c:\windows\Tasks\At23.job
c:\windows\Tasks\At24.job
c:\windows\Tasks\At3.job
c:\windows\Tasks\At4.job
c:\windows\Tasks\At5.job
c:\windows\Tasks\At6.job
c:\windows\Tasks\At7.job
c:\windows\Tasks\At8.job
c:\windows\Tasks\At9.job
.
.
(((((((((((((((((((((((((   Files Created from 2013-01-26 to 2013-02-26  )))))))))))))))))))))))))))))))
.
.
2013-02-26 17:58 . 2013-02-26 17:58    15616    ----a-w-    c:\windows\system32\drivers\TrueSight.sys
2013-02-22 01:14 . 2013-02-08 00:45    6954968    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D1BBA548-14C7-4D7D-8BD7-76F7A2F8CBBD}\mpengine.dll
2013-02-21 23:49 . 2013-02-21 23:49    --------    d-----w-    c:\documents and settings\javierh\Application Data\Malwarebytes
2013-02-21 23:48 . 2013-02-21 23:48    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2013-02-21 23:48 . 2013-02-21 23:48    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-02-21 23:48 . 2012-12-15 00:49    21104    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-02-19 18:05 . 2013-01-08 04:57    6991832    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-16 00:05 . 2013-02-16 00:05    --------    d-----w-    c:\windows\system32\wbem\Repository
2013-02-15 23:59 . 2013-02-15 23:59    --------    d-----w-    c:\program files\QuickTime
2013-02-15 23:57 . 2013-02-15 23:58    --------    d-----w-    c:\program files\iTunes
2013-02-15 23:57 . 2013-02-15 23:57    --------    d-----w-    c:\program files\iPod
2013-02-15 23:57 . 2013-02-15 23:57    --------    d-----w-    c:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-18 18:25 . 2012-09-13 14:34    697712    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-02-18 18:25 . 2011-08-30 01:58    74096    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2009-11-23 20:26    232336    ------w-    c:\windows\system32\MpSigStub.exe
2013-01-26 03:55 . 2004-08-11 22:00    552448    ----a-w-    c:\windows\system32\oleaut32.dll
2013-01-24 22:48 . 2013-01-24 22:48    1409    ----a-w-    c:\windows\QTFont.for
2013-01-20 23:59 . 2009-06-19 02:48    195296    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-01-07 01:19 . 2004-08-11 22:00    2148864    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37 . 2004-08-04 03:59    2027520    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2004-08-11 22:00    1867264    ----a-w-    c:\windows\system32\win32k.sys
2013-01-04 01:20 . 2004-08-11 22:00    1867264    ----a-w-    c:\windows\system32\win32k(2)(2).sys
2013-01-02 06:49 . 2004-08-11 22:00    1292288    ----a-w-    c:\windows\system32\quartz.dll
2013-01-02 06:49 . 2004-08-11 22:00    148992    ----a-w-    c:\windows\system32\mpg2splt.ax
2012-12-26 20:16 . 2004-08-11 22:00    916480    ----a-w-    c:\windows\system32\wininet.dll
2012-12-26 20:16 . 2004-08-11 22:00    916480    ----a-w-    c:\windows\system32\wininet(2)(4).dll
2012-12-26 20:16 . 2004-08-11 22:00    1212928    ----a-w-    c:\windows\system32\urlmon(2)(4).dll
2012-12-26 20:16 . 2004-08-11 22:00    105984    ----a-w-    c:\windows\system32\url(2)(4).dll
2012-12-26 20:16 . 2007-08-14 02:54    11111424    ----a-w-    c:\windows\system32\ieframe(2)(2).dll
2012-12-26 20:16 . 2007-08-14 02:34    2004992    ----a-w-    c:\windows\system32\iertutil(2)(2).dll
2012-12-26 20:16 . 2004-08-11 22:00    43520    ----a-w-    c:\windows\system32\licmgr10.dll
2012-12-26 20:16 . 2004-08-11 22:00    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2004-08-11 22:00    385024    ----a-w-    c:\windows\system32\html.iec
2012-12-16 12:23 . 2004-08-11 22:00    290560    ----a-w-    c:\windows\system32\atmfd.dll
2012-12-16 12:23 . 2004-08-11 22:00    290560    ----a-w-    c:\windows\system32\atmfd(2)(2).dll
2012-07-11 14:49 . 2012-03-08 16:06    97208    ----a-w-    c:\program files\mozilla firefox\components\browsercomps.dll
1997-06-23 19:06    287504    --sha-w-    c:\windows\system32\Msxbse35.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-10 20480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UMonit"="c:\windows\system32\umonit.exe" [2004-01-05 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-11 286720]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-05-04 169984]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-08-03 1032192]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-11-22 1392640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-03-31 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-03-31 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-03-31 138008]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2010-09-02 1638400]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-5-3 24576]
Genero Desktop Client.lnk - c:\program files\FourJs\gdc\fitrix\bin\gdc.exe [2010-3-22 3837248]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logo Calibration Loader.lnk]
backup=c:\windows\pss\Logo Calibration Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ProfileReminder.lnk]
backup=c:\windows\pss\ProfileReminder.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SATARAID5.lnk]
backup=c:\windows\pss\SATARAID5.lnkCommon Startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Fitrix_410DE1\\bin\\wtk.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\FourJs\\gdc\\fitrix\\bin\\gdc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [6/16/2007 10:41 AM 14416]
S3 DDCCI;DDC/CI monitor;c:\windows\system32\drivers\Moni2c.sys [8/23/2002 6:19 AM 6494]
S3 eyeonedp;eye-one display;c:\windows\system32\drivers\EyeOneDp.sys [6/16/2007 10:41 AM 44344]
S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [6/23/2007 11:56 AM 6016]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [3/10/2008 1:12 PM 12928]
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-13 18:25]
.
2013-02-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 00:57]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 19:59]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 19:59]
.
2013-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805846074-2967745241-3733673705-1007Core.job
- c:\documents and settings\javierh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-11 17:25]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805846074-2967745241-3733673705-1007UA.job
- c:\documents and settings\javierh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-11 17:25]
.
2013-02-26 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 19:11]
.
2013-02-26 c:\windows\Tasks\User_Feed_Synchronization-{1FFA98E3-42E5-403D-BE5B-C86FD608E224}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 11:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.100.253
FF - ProfilePath - c:\documents and settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - ExtSQL: 2013-02-08 07:38; AppGraffiti@AppGraffiti.com; c:\documents and settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\extensions\AppGraffiti@AppGraffiti.com
FF - ExtSQL: !HIDDEN! 2009-09-08 06:13; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-07-31 10:55; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil9d.exe
SafeBoot-WinDefend
MSConfigStartUp-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-26 11:32
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  UMonit = c:\windows\system32\umonit.exe?or.sys???8????????X$?8????X$?C?US????8???UB????????????????????????????A~?X??????????tq??l??????|p??|????m??|??D~?????????X$?B$?|??B~??B~*?,??X$???????????????????????????????B~????????????tq??????T???????????tq????????????? 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: SAMSUNG_HM120JI rev.YF100-15 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8B2A3ECC]<< 
c:\docume~1\javierh\LOCALS~1\Temp\catchme.sys  
_asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x8a668879; SUB DWORD [EBP-0x4], 0x8a668135; PUSH EDI; CALL 0xffffffffffffdf2c;  }
1 ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\Harddisk0\DR0[0x8B2DBAB8]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\00000070[0x8B27EF18]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> [0x8B2D0D98]
[0x8B2D9240] -> IRP_MJ_CREATE -> 0x8B2A3ECC
kernel: MBR read successfully
_asm { MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62d;  }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskSAMSUNG_HM120JI_________________________YF100-15#5&2e5a1c11&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x8B2A3AF1
user & kernel MBR OK 
sectors 234441646 (+255): user != kernel
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,e0,f6,d3,17,d1,01,48,92,03,31,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,e0,f6,d3,17,d1,01,48,92,03,31,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-02-26  11:36:52
ComboFix-quarantined-files.txt  2013-02-26 19:36
.
Pre-Run: 38,928,793,600 bytes free
Post-Run: 39,547,031,552 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 1400CAD8C927CE831E5FF69C93AD4127


#6 gringo_pr

  • Malware Response Team
Posted 26 February 2013 - 03:15 PM


Hello bm6126349


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it or you can upload it here and send me the link - http://www.speedyshare.com/

Malwarebytes Anti-Rootkit

  1. Download Malwarebytes Anti-Rootkit
  2. Unzip the contents to a folder in a convenient location.
  3. Open the folder where the contents were unzipped and run mbar.exe
  4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  6. Wait while the system shuts down and the cleanup process is performed.
  7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
     • Internet access
     • Windows Update
     • Windows Firewall
  9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
  10. Verify that your system is now functioning normally.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and MBAR.

Gringo




I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#7 bm6126349

  • Topic Starter

Posted 26 February 2013 - 05:11 PM

Looking good, I think! 

 

output from TDSSKiller:

=================================================================

 

 

12:44:25.0078 3044  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:44:25.0640 3044  ============================================================
12:44:25.0640 3044  Current date / time: 2013/02/26 12:44:25.0640
12:44:25.0640 3044  SystemInfo:
12:44:25.0640 3044  
12:44:25.0640 3044  OS Version: 5.1.2600 ServicePack: 3.0
12:44:25.0640 3044  Product type: Workstation
12:44:25.0640 3044  ComputerName: DELL1705
12:44:25.0640 3044  UserName: javierh
12:44:25.0640 3044  Windows directory: C:\WINDOWS
12:44:25.0640 3044  System windows directory: C:\WINDOWS
12:44:25.0640 3044  Processor architecture: Intel x86
12:44:25.0640 3044  Number of processors: 2
12:44:25.0640 3044  Page size: 0x1000
12:44:25.0640 3044  Boot type: Normal boot
12:44:25.0640 3044  ============================================================
12:44:27.0406 3044  BG loaded
12:44:28.0078 3044  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:44:28.0171 3044  ============================================================
12:44:28.0171 3044  \Device\Harddisk0\DR0:
12:44:28.0171 3044  MBR partitions:
12:44:28.0171 3044  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0xD576E2D
12:44:28.0203 3044  ============================================================
12:44:28.0359 3044  C: <-> \Device\Harddisk0\DR0\Partition1
12:44:28.0359 3044  ============================================================
12:44:28.0359 3044  Initialize success
12:44:28.0359 3044  ============================================================
12:49:23.0078 0676  ============================================================
12:49:23.0078 0676  Scan started
12:49:23.0078 0676  Mode: Manual; SigCheck; TDLFS; 
12:49:23.0078 0676  ============================================================
12:49:23.0468 0676  ================ Scan system memory ========================
12:49:27.0187 0676  System memory - ok
12:49:27.0187 0676  ================ Scan services =============================
12:49:27.0453 0676  [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883           C:\WINDOWS\system32\DRIVERS\61883.sys
12:49:30.0093 0676  61883 - ok
12:49:30.0093 0676  Abiosdsk - ok
12:49:30.0140 0676  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:49:30.0328 0676  abp480n5 - ok
12:49:30.0375 0676  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:49:30.0578 0676  ACPI - ok
12:49:30.0609 0676  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
12:49:30.0718 0676  ACPIEC - ok
12:49:30.0843 0676  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:49:30.0890 0676  AdobeFlashPlayerUpdateSvc - ok
12:49:30.0921 0676  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:49:31.0015 0676  adpu160m - ok
12:49:31.0093 0676  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
12:49:31.0234 0676  aec - ok
12:49:31.0328 0676  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
12:49:31.0453 0676  AFD - ok
12:49:31.0609 0676  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
12:49:31.0765 0676  agp440 - ok
12:49:31.0796 0676  [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:49:32.0000 0676  agpCPQ - ok
12:49:32.0031 0676  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:49:32.0109 0676  Aha154x - ok
12:49:32.0140 0676  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:49:32.0250 0676  aic78u2 - ok
12:49:32.0281 0676  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:49:32.0406 0676  aic78xx - ok
12:49:32.0468 0676  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
12:49:32.0578 0676  Alerter - ok
12:49:32.0593 0676  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
12:49:32.0671 0676  ALG - ok
12:49:32.0687 0676  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
12:49:32.0781 0676  AliIde - ok
12:49:32.0796 0676  [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:49:32.0890 0676  alim1541 - ok
12:49:32.0906 0676  [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:49:33.0000 0676  amdagp - ok
12:49:33.0015 0676  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
12:49:33.0093 0676  amsint - ok
12:49:33.0125 0676  [ EC94E05B76D033B74394E7B2175103CF ] APPDRV          C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
12:49:33.0125 0676  APPDRV ( UnsignedFile.Multi.Generic ) - warning
12:49:33.0125 0676  APPDRV - detected UnsignedFile.Multi.Generic (1)
12:49:33.0265 0676  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:49:33.0281 0676  Apple Mobile Device - ok
12:49:33.0328 0676  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
12:49:33.0390 0676  AppMgmt - ok
12:49:33.0406 0676  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:49:33.0515 0676  Arp1394 - ok
12:49:33.0562 0676  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
12:49:33.0734 0676  asc - ok
12:49:33.0750 0676  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:49:33.0828 0676  asc3350p - ok
12:49:33.0843 0676  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:49:33.0968 0676  asc3550 - ok
12:49:34.0015 0676  [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM          C:\WINDOWS\system32\drivers\ASCTRM.sys
12:49:34.0015 0676  ASCTRM ( UnsignedFile.Multi.Generic ) - warning
12:49:34.0015 0676  ASCTRM - detected UnsignedFile.Multi.Generic (1)
12:49:34.0171 0676  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:49:34.0234 0676  aspnet_state - ok
12:49:34.0281 0676  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:49:34.0453 0676  AsyncMac - ok
12:49:34.0500 0676  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\ATAPI.SYS
12:49:34.0593 0676  atapi - ok
12:49:34.0593 0676  Atdisk - ok
12:49:34.0625 0676  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:49:34.0718 0676  Atmarpc - ok
12:49:34.0781 0676  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
12:49:34.0890 0676  AudioSrv - ok
12:49:34.0953 0676  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
12:49:35.0062 0676  audstub - ok
12:49:35.0140 0676  [ 32A5DEFDDC3562BF89D73586F5915B34 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
12:49:35.0156 0676  Autodesk Licensing Service - ok
12:49:35.0171 0676  [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc             C:\WINDOWS\system32\DRIVERS\avc.sys
12:49:35.0312 0676  Avc - ok
12:49:35.0390 0676  [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
12:49:35.0515 0676  BCM43XX - ok
12:49:35.0515 0676  [ 6489310D11971F6BA6C7F49BE0BAF6E0 ] bcm4sbxp        C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
12:49:35.0562 0676  bcm4sbxp - ok
12:49:35.0578 0676  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:49:35.0734 0676  Beep - ok
12:49:35.0812 0676  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
12:49:36.0109 0676  BITS - ok
12:49:36.0171 0676  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:49:36.0203 0676  Bonjour Service - ok
12:49:36.0234 0676  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
12:49:36.0343 0676  Browser - ok
12:49:36.0546 0676  catchme - ok
12:49:36.0578 0676  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:49:36.0734 0676  cbidf - ok
12:49:36.0734 0676  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
12:49:36.0859 0676  cbidf2k - ok
12:49:36.0875 0676  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:49:37.0000 0676  CCDECODE - ok
12:49:37.0046 0676  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:49:37.0109 0676  cd20xrnt - ok
12:49:37.0140 0676  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
12:49:37.0218 0676  Cdaudio - ok
12:49:37.0265 0676  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
12:49:37.0375 0676  Cdfs - ok
12:49:37.0406 0676  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:49:37.0515 0676  Cdrom - ok
12:49:37.0531 0676  Changer - ok
12:49:37.0562 0676  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
12:49:37.0687 0676  CiSvc - ok
12:49:37.0734 0676  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
12:49:37.0843 0676  ClipSrv - ok
12:49:37.0890 0676  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:49:37.0968 0676  clr_optimization_v2.0.50727_32 - ok
12:49:37.0984 0676  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:49:38.0093 0676  CmBatt - ok
12:49:38.0140 0676  [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:49:38.0250 0676  CmdIde - ok
12:49:38.0265 0676  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:49:38.0343 0676  Compbatt - ok
12:49:38.0359 0676  COMSysApp - ok
12:49:38.0390 0676  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:49:38.0484 0676  Cpqarray - ok
12:49:38.0531 0676  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
12:49:38.0640 0676  CryptSvc - ok
12:49:38.0687 0676  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:49:38.0812 0676  dac2w2k - ok
12:49:38.0843 0676  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:49:38.0937 0676  dac960nt - ok
12:49:39.0000 0676  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:49:39.0062 0676  DcomLaunch - ok
12:49:39.0125 0676  [ 1E433AB880A0D3686320096DB6E22104 ] DDCCI           C:\WINDOWS\system32\DRIVERS\Moni2c.sys
12:49:39.0125 0676  DDCCI ( UnsignedFile.Multi.Generic ) - warning
12:49:39.0125 0676  DDCCI - detected UnsignedFile.Multi.Generic (1)
12:49:39.0156 0676  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
12:49:39.0328 0676  Dhcp - ok
12:49:39.0328 0676  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
12:49:39.0421 0676  Disk - ok
12:49:39.0437 0676  dmadmin - ok
12:49:39.0484 0676  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
12:49:39.0609 0676  dmboot - ok
12:49:39.0640 0676  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
12:49:39.0750 0676  dmio - ok
12:49:39.0796 0676  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
12:49:39.0906 0676  dmload - ok
12:49:39.0968 0676  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
12:49:40.0109 0676  dmserver - ok
12:49:40.0125 0676  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
12:49:40.0281 0676  DMusic - ok
12:49:40.0328 0676  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:49:40.0484 0676  Dnscache - ok
12:49:40.0546 0676  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:49:40.0687 0676  Dot3svc - ok
12:49:40.0718 0676  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:49:40.0875 0676  dpti2o - ok
12:49:40.0890 0676  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
12:49:41.0000 0676  drmkaud - ok
12:49:41.0078 0676  [ 2AC2372FFAD9ADC85672CC8E8AE14BE9 ] DSproct         C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
12:49:41.0093 0676  DSproct ( UnsignedFile.Multi.Generic ) - warning
12:49:41.0093 0676  DSproct - detected UnsignedFile.Multi.Generic (1)
12:49:41.0109 0676  [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
12:49:41.0218 0676  E100B - ok
12:49:41.0281 0676  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
12:49:41.0390 0676  EapHost - ok
12:49:41.0437 0676  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
12:49:41.0546 0676  ERSvc - ok
12:49:41.0625 0676  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
12:49:41.0671 0676  Eventlog - ok
12:49:41.0718 0676  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
12:49:41.0796 0676  EventSystem - ok
12:49:41.0843 0676  [ 8313A6AF9DE34A9D24DF2329A548B004 ] eyeonedp        C:\WINDOWS\system32\DRIVERS\eyeonedp.sys
12:49:41.0906 0676  eyeonedp - ok
12:49:41.0937 0676  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
12:49:42.0031 0676  Fastfat - ok
12:49:42.0078 0676  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:49:42.0171 0676  FastUserSwitchingCompatibility - ok
12:49:42.0203 0676  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
12:49:42.0328 0676  Fax - ok
12:49:42.0359 0676  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
12:49:42.0453 0676  Fdc - ok
12:49:42.0500 0676  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
12:49:42.0609 0676  Fips - ok
12:49:42.0703 0676  [ CDB568DB5E8985DCC623DA808AC61042 ] fixustor        C:\WINDOWS\system32\drivers\fixustor.sys
12:49:42.0703 0676  fixustor ( UnsignedFile.Multi.Generic ) - warning
12:49:42.0703 0676  fixustor - detected UnsignedFile.Multi.Generic (1)
12:49:42.0718 0676  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:49:42.0843 0676  Flpydisk - ok
12:49:42.0890 0676  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:49:42.0984 0676  FltMgr - ok
12:49:43.0093 0676  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:49:43.0109 0676  FontCache3.0.0.0 - ok
12:49:43.0140 0676  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:49:43.0234 0676  Fs_Rec - ok
12:49:43.0265 0676  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:49:43.0359 0676  Ftdisk - ok
12:49:43.0390 0676  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:49:43.0406 0676  GEARAspiWDM - ok
12:49:43.0421 0676  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:49:43.0531 0676  Gpc - ok
12:49:43.0609 0676  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:49:43.0625 0676  gupdate - ok
12:49:43.0625 0676  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:49:43.0640 0676  gupdatem - ok
12:49:43.0703 0676  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:49:43.0718 0676  gusvc - ok
12:49:43.0750 0676  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:49:43.0859 0676  HDAudBus - ok
12:49:43.0937 0676  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:49:44.0046 0676  helpsvc - ok
12:49:44.0125 0676  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
12:49:44.0234 0676  HidServ - ok
12:49:44.0250 0676  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:49:44.0359 0676  HidUsb - ok
12:49:44.0437 0676  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
12:49:44.0562 0676  hkmsvc - ok
12:49:44.0578 0676  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
12:49:44.0671 0676  hpn - ok
12:49:44.0812 0676  [ E8EC1767EA315A39A0DD8989952CA0E9 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
12:49:44.0890 0676  HSF_DPV - ok
12:49:44.0953 0676  [ 61478FA42EE04562E7F11F4DCA87E9C8 ] HSXHWAZL        C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
12:49:44.0968 0676  HSXHWAZL - ok
12:49:45.0015 0676  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
12:49:45.0078 0676  HTTP - ok
12:49:45.0109 0676  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
12:49:45.0250 0676  HTTPFilter - ok
12:49:45.0296 0676  [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
12:49:45.0390 0676  i2omgmt - ok
12:49:45.0437 0676  [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:49:45.0546 0676  i2omp - ok
12:49:45.0593 0676  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:49:45.0703 0676  i8042prt - ok
12:49:46.0000 0676  [ E8C7CC369C2FB657E0792AF70DF529E6 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
12:49:46.0296 0676  ialm - ok
12:49:46.0421 0676  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:49:46.0468 0676  idsvc - ok
12:49:46.0546 0676  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
12:49:46.0656 0676  Imapi - ok
12:49:46.0703 0676  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
12:49:46.0796 0676  ImapiService - ok
12:49:46.0828 0676  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:49:46.0937 0676  ini910u - ok
12:49:46.0968 0676  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
12:49:47.0078 0676  IntelIde - ok
12:49:47.0109 0676  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:49:47.0203 0676  intelppm - ok
12:49:47.0218 0676  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
12:49:47.0312 0676  Ip6Fw - ok
12:49:47.0343 0676  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:49:47.0468 0676  IpFilterDriver - ok
12:49:47.0484 0676  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:49:47.0578 0676  IpInIp - ok
12:49:47.0625 0676  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:49:47.0734 0676  IpNat - ok
12:49:47.0843 0676  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:49:47.0875 0676  iPod Service - ok
12:49:47.0937 0676  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:49:48.0062 0676  IPSec - ok
12:49:48.0093 0676  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
12:49:48.0171 0676  IRENUM - ok
12:49:48.0203 0676  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:49:48.0312 0676  isapnp - ok
12:49:48.0421 0676  [ 126A16F569122AE00AD3D12EF831D651 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
12:49:48.0437 0676  JavaQuickStarterService - ok
12:49:48.0468 0676  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:49:48.0562 0676  Kbdclass - ok
12:49:48.0625 0676  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:49:48.0718 0676  kbdhid - ok
12:49:48.0750 0676  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
12:49:48.0843 0676  kmixer - ok
12:49:48.0859 0676  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
12:49:49.0046 0676  KSecDD - ok
12:49:49.0093 0676  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
12:49:49.0140 0676  lanmanserver - ok
12:49:49.0171 0676  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:49:49.0281 0676  lanmanworkstation - ok
12:49:49.0281 0676  lbrtfdc - ok
12:49:49.0312 0676  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
12:49:49.0406 0676  LmHosts - ok
12:49:49.0468 0676  [ E6CB119EF2E148EAA1A247343550756E ] McciCMService   C:\Program Files\Common Files\Motive\McciCMService.exe
12:49:49.0468 0676  McciCMService ( UnsignedFile.Multi.Generic ) - warning
12:49:49.0468 0676  McciCMService - detected UnsignedFile.Multi.Generic (1)
12:49:49.0515 0676  [ E246A32C445056996074A397DA56E815 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:49:49.0546 0676  mdmxsdk - ok
12:49:49.0578 0676  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
12:49:49.0671 0676  Messenger - ok
12:49:49.0718 0676  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
12:49:49.0828 0676  mnmdd - ok
12:49:49.0890 0676  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
12:49:50.0015 0676  mnmsrvc - ok
12:49:50.0046 0676  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
12:49:50.0140 0676  Modem - ok
12:49:50.0156 0676  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:49:50.0281 0676  Mouclass - ok
12:49:50.0312 0676  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:49:50.0421 0676  mouhid - ok
12:49:50.0453 0676  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
12:49:50.0546 0676  MountMgr - ok
12:49:50.0562 0676  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
12:49:50.0578 0676  MpFilter - ok
12:49:50.0625 0676  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:49:50.0750 0676  mraid35x - ok
12:49:50.0812 0676  [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
12:49:50.0812 0676  MREMP50 ( UnsignedFile.Multi.Generic ) - warning
12:49:50.0812 0676  MREMP50 - detected UnsignedFile.Multi.Generic (1)
12:49:50.0812 0676  MREMPR5 - ok
12:49:50.0812 0676  MRENDIS5 - ok
12:49:50.0828 0676  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
12:49:50.0843 0676  MRESP50 ( UnsignedFile.Multi.Generic ) - warning
12:49:50.0843 0676  MRESP50 - detected UnsignedFile.Multi.Generic (1)
12:49:50.0875 0676  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:49:50.0968 0676  MRxDAV - ok
12:49:51.0015 0676  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:49:51.0125 0676  MRxSmb - ok
12:49:51.0203 0676  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
12:49:51.0312 0676  MSDTC - ok
12:49:51.0359 0676  [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV            C:\WINDOWS\system32\DRIVERS\msdv.sys
12:49:51.0468 0676  MSDV - ok
12:49:51.0484 0676  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:49:51.0562 0676  Msfs - ok
12:49:51.0578 0676  MSIServer - ok
12:49:51.0640 0676  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:49:51.0734 0676  MSKSSRV - ok
12:49:51.0812 0676  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:49:51.0828 0676  MsMpSvc - ok
12:49:51.0859 0676  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:49:51.0984 0676  MSPCLOCK - ok
12:49:52.0015 0676  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
12:49:52.0156 0676  MSPQM - ok
12:49:52.0187 0676  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:49:52.0312 0676  mssmbios - ok
12:49:52.0343 0676  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
12:49:52.0500 0676  MSTEE - ok
12:49:52.0531 0676  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
12:49:52.0562 0676  Mup - ok
12:49:52.0640 0676  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:49:52.0734 0676  NABTSFEC - ok
12:49:52.0812 0676  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
12:49:52.0921 0676  napagent - ok
12:49:52.0953 0676  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
12:49:53.0062 0676  NDIS - ok
12:49:53.0109 0676  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:49:53.0187 0676  NdisIP - ok
12:49:53.0250 0676  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:49:53.0359 0676  NdisTapi - ok
12:49:53.0406 0676  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:49:53.0500 0676  Ndisuio - ok
12:49:53.0515 0676  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:49:53.0609 0676  NdisWan - ok
12:49:53.0640 0676  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
12:49:53.0687 0676  NDProxy - ok
12:49:53.0718 0676  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
12:49:53.0812 0676  NetBIOS - ok
12:49:53.0875 0676  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:49:53.0984 0676  NetBT - ok
12:49:54.0062 0676  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
12:49:54.0156 0676  NetDDE - ok
12:49:54.0171 0676  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
12:49:54.0250 0676  NetDDEdsdm - ok
12:49:54.0296 0676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:49:54.0406 0676  Netlogon - ok
12:49:54.0437 0676  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
12:49:54.0546 0676  Netman - ok
12:49:54.0625 0676  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:49:54.0656 0676  NetTcpPortSharing - ok
12:49:54.0671 0676  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:49:54.0796 0676  NIC1394 - ok
12:49:54.0843 0676  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
12:49:54.0875 0676  Nla - ok
12:49:54.0890 0676  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:49:54.0984 0676  Npfs - ok
12:49:55.0031 0676  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
12:49:55.0140 0676  Ntfs - ok
12:49:55.0156 0676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
12:49:55.0234 0676  NtLmSsp - ok
12:49:55.0328 0676  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
12:49:55.0437 0676  NtmsSvc - ok
12:49:55.0500 0676  [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr        C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
12:49:55.0515 0676  NuidFltr - ok
12:49:55.0531 0676  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:49:55.0656 0676  Null - ok
12:49:55.0734 0676  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:49:55.0937 0676  nv - ok
12:49:55.0968 0676  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:49:56.0078 0676  NwlnkFlt - ok
12:49:56.0109 0676  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:49:56.0234 0676  NwlnkFwd - ok
12:49:56.0328 0676  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:49:56.0359 0676  odserv - ok
12:49:56.0390 0676  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:49:56.0515 0676  ohci1394 - ok
12:49:56.0562 0676  [ B17228142CEC9B3C222239FD935A37CA ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys
12:49:56.0562 0676  omci ( UnsignedFile.Multi.Generic ) - warning
12:49:56.0562 0676  omci - detected UnsignedFile.Multi.Generic (1)
12:49:56.0609 0676  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:49:56.0640 0676  ose - ok
12:49:56.0703 0676  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
12:49:56.0859 0676  Parport - ok
12:49:56.0875 0676  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
12:49:56.0968 0676  PartMgr - ok
12:49:57.0000 0676  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
12:49:57.0093 0676  ParVdm - ok
12:49:57.0093 0676  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
12:49:57.0187 0676  PCI - ok
12:49:57.0187 0676  PCIDump - ok
12:49:57.0218 0676  [ AE562F486034ABB7B64FE963253378CB ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
12:49:57.0218 0676  Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\pciide.sys. Real md5: AE562F486034ABB7B64FE963253378CB, Fake md5: CCF5F451BB1A5A2A522A76E670000FF0
12:49:57.0218 0676  PCIIde ( Rootkit.Win32.TDSS.tdl3 ) - infected
12:49:57.0218 0676  PCIIde - detected Rootkit.Win32.TDSS.tdl3 (0)
12:49:57.0281 0676  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
12:49:57.0375 0676  Pcmcia - ok
12:49:57.0375 0676  PDCOMP - ok
12:49:57.0375 0676  PDFRAME - ok
12:49:57.0421 0676  [ 274FB48DC92E0EC012D4D8D866CFAF8A ] PDIHWCTL        C:\WINDOWS\system32\drivers\pdihwctl.sys
12:49:57.0421 0676  PDIHWCTL ( UnsignedFile.Multi.Generic ) - warning
12:49:57.0421 0676  PDIHWCTL - detected UnsignedFile.Multi.Generic (1)
12:49:57.0421 0676  PDRELI - ok
12:49:57.0421 0676  PDRFRAME - ok
12:49:57.0453 0676  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
12:49:57.0562 0676  perc2 - ok
12:49:57.0593 0676  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:49:57.0687 0676  perc2hib - ok
12:49:57.0734 0676  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
12:49:57.0750 0676  PlugPlay - ok
12:49:57.0765 0676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
12:49:57.0890 0676  PolicyAgent - ok
12:49:57.0921 0676  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:49:58.0031 0676  PptpMiniport - ok
12:49:58.0046 0676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:49:58.0140 0676  ProtectedStorage - ok
12:49:58.0140 0676  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
12:49:58.0234 0676  PSched - ok
12:49:58.0234 0676  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:49:58.0343 0676  Ptilink - ok
12:49:58.0343 0676  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:49:58.0437 0676  ql1080 - ok
12:49:58.0437 0676  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:49:58.0562 0676  Ql10wnt - ok
12:49:58.0593 0676  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:49:58.0671 0676  ql12160 - ok
12:49:58.0687 0676  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:49:58.0796 0676  ql1240 - ok
12:49:58.0828 0676  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:49:58.0921 0676  ql1280 - ok
12:49:58.0953 0676  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:49:59.0031 0676  RasAcd - ok
12:49:59.0125 0676  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:49:59.0234 0676  RasAuto - ok
12:49:59.0234 0676  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:49:59.0343 0676  Rasl2tp - ok
12:49:59.0406 0676  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:49:59.0500 0676  RasMan - ok
12:49:59.0515 0676  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:49:59.0593 0676  RasPppoe - ok
12:49:59.0609 0676  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
12:49:59.0687 0676  Raspti - ok
12:49:59.0734 0676  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:49:59.0828 0676  Rdbss - ok
12:49:59.0828 0676  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:49:59.0921 0676  RDPCDD - ok
12:49:59.0968 0676  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:50:00.0062 0676  rdpdr - ok
12:50:00.0109 0676  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
12:50:00.0218 0676  RDPWD - ok
12:50:00.0234 0676  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
12:50:00.0343 0676  RDSessMgr - ok
12:50:00.0375 0676  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
12:50:00.0500 0676  redbook - ok
12:50:00.0546 0676  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:50:00.0687 0676  RemoteAccess - ok
12:50:00.0765 0676  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
12:50:00.0890 0676  RemoteRegistry - ok
12:50:00.0937 0676  [ 24ED7AF20651F9FA1F249482E7C1F165 ] rimmptsk        C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
12:50:00.0968 0676  rimmptsk - ok
12:50:00.0968 0676  [ 1BDBA2D2D402415A78A4BA766DFE0F7B ] rimsptsk        C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
12:50:01.0031 0676  rimsptsk - ok
12:50:01.0078 0676  [ F17713D108ACA124A139FDE877EEF68A ] RimUsb          C:\WINDOWS\system32\Drivers\RimUsb.sys
12:50:01.0109 0676  RimUsb - ok
12:50:01.0156 0676  [ F774ECD11A064F0DEBB2D4395418153C ] rismxdp         C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
12:50:01.0187 0676  rismxdp - ok
12:50:01.0234 0676  [ 7B9921A14BE8D230148B87322CF1917A ] ROCKEYNT        C:\WINDOWS\system32\DRIVERS\Rockey4.sys
12:50:01.0296 0676  ROCKEYNT - ok
12:50:01.0359 0676  [ E7B17E52E9DD2F37874C60C43B5D0047 ] Rockey_USB      C:\WINDOWS\system32\DRIVERS\Rockey4USB.sys
12:50:01.0406 0676  Rockey_USB - ok
12:50:01.0421 0676  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:50:01.0578 0676  RpcLocator - ok
12:50:01.0625 0676  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
12:50:01.0671 0676  RpcSs - ok
12:50:01.0718 0676  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
12:50:01.0875 0676  RSVP - ok
12:50:01.0921 0676  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
12:50:02.0015 0676  SamSs - ok
12:50:02.0046 0676  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
12:50:02.0171 0676  SCardSvr - ok
12:50:02.0234 0676  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:50:02.0390 0676  Schedule - ok
12:50:02.0421 0676  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:50:02.0546 0676  sdbus - ok
12:50:02.0578 0676  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:50:02.0671 0676  Secdrv - ok
12:50:02.0687 0676  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
12:50:02.0796 0676  seclogon - ok
12:50:02.0843 0676  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
12:50:02.0953 0676  SENS - ok
12:50:03.0000 0676  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
12:50:03.0093 0676  serenum - ok
12:50:03.0156 0676  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
12:50:03.0250 0676  Serial - ok
12:50:03.0250 0676  [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk         C:\WINDOWS\system32\DRIVERS\sffdisk.sys
12:50:03.0359 0676  sffdisk - ok
12:50:03.0406 0676  [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd         C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
12:50:03.0531 0676  sffp_sd - ok
12:50:03.0546 0676  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
12:50:03.0640 0676  Sfloppy - ok
12:50:03.0718 0676  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:50:03.0828 0676  SharedAccess - ok
12:50:03.0859 0676  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:50:03.0875 0676  ShellHWDetection - ok
12:50:03.0921 0676  [ D1859818D5942F666819AC68B6156310 ] Si3132r5        C:\WINDOWS\system32\DRIVERS\Si3132r5.sys
12:50:03.0984 0676  Si3132r5 - ok
12:50:03.0984 0676  [ 72CF151FB410E544904DBC7D7F29B796 ] SiFilter        C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
12:50:04.0000 0676  SiFilter - ok
12:50:04.0000 0676  Simbad - ok
12:50:04.0015 0676  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:50:04.0109 0676  sisagp - ok
12:50:04.0140 0676  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:50:04.0281 0676  SLIP - ok
12:50:04.0312 0676  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:50:04.0437 0676  Sparrow - ok
12:50:04.0500 0676  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
12:50:04.0687 0676  splitter - ok
12:50:04.0765 0676  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
12:50:04.0796 0676  Spooler - ok
12:50:04.0796 0676  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
12:50:04.0859 0676  sr - ok
12:50:04.0906 0676  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
12:50:04.0953 0676  srservice - ok
12:50:04.0984 0676  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:50:05.0390 0676  Srv - ok
12:50:05.0437 0676  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:50:05.0546 0676  SSDPSRV - ok
12:50:05.0656 0676  [ 3AD78E22210D3FBD9F76DE84A8DF19B5 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
12:50:05.0781 0676  STHDA - ok
12:50:05.0843 0676  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
12:50:06.0015 0676  stisvc - ok
12:50:06.0046 0676  [ 31A9FEA9FFAFCE0F2D1D712CFD6AF568 ] Stltrk2k        C:\WINDOWS\system32\drivers\Stltrk2k.sys
12:50:06.0062 0676  Stltrk2k ( UnsignedFile.Multi.Generic ) - warning
12:50:06.0062 0676  Stltrk2k - detected UnsignedFile.Multi.Generic (1)
12:50:06.0109 0676  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:50:06.0218 0676  streamip - ok
12:50:06.0250 0676  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
12:50:06.0328 0676  swenum - ok
12:50:06.0359 0676  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
12:50:06.0484 0676  swmidi - ok
12:50:06.0500 0676  SwPrv - ok
12:50:06.0531 0676  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
12:50:06.0625 0676  symc810 - ok
12:50:06.0640 0676  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:50:06.0750 0676  symc8xx - ok
12:50:06.0781 0676  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:50:06.0859 0676  sym_hi - ok
12:50:06.0890 0676  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:50:06.0968 0676  sym_u3 - ok
12:50:07.0031 0676  [ FA2DAA32BED908023272A0F77D625DAE ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:50:07.0078 0676  SynTP - ok
12:50:07.0093 0676  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
12:50:07.0171 0676  sysaudio - ok
12:50:07.0203 0676  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
12:50:07.0281 0676  SysmonLog - ok
12:50:07.0343 0676  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:50:07.0468 0676  TapiSrv - ok
12:50:07.0515 0676  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:50:07.0531 0676  Tcpip - ok
12:50:07.0562 0676  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
12:50:07.0687 0676  TDPIPE - ok
12:50:07.0718 0676  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
12:50:07.0843 0676  TDTCP - ok
12:50:07.0875 0676  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
12:50:08.0062 0676  TermDD - ok
12:50:08.0093 0676  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
12:50:08.0203 0676  TermService - ok
12:50:08.0234 0676  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
12:50:08.0250 0676  Themes - ok
12:50:08.0296 0676  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
12:50:08.0359 0676  TlntSvr - ok
12:50:08.0390 0676  [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
12:50:08.0500 0676  TosIde - ok
12:50:08.0515 0676  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
12:50:08.0625 0676  TrkWks - ok
12:50:08.0703 0676  [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight       C:\WINDOWS\system32\drivers\TrueSight.sys
12:50:08.0734 0676  TrueSight ( UnsignedFile.Multi.Generic ) - warning
12:50:08.0734 0676  TrueSight - detected UnsignedFile.Multi.Generic (1)
12:50:08.0765 0676  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
12:50:08.0875 0676  Udfs - ok
12:50:08.0906 0676  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
12:50:08.0984 0676  ultra - ok
12:50:09.0046 0676  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
12:50:09.0140 0676  Update - ok
12:50:09.0187 0676  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:50:09.0281 0676  upnphost - ok
12:50:09.0328 0676  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
12:50:09.0484 0676  UPS - ok
12:50:09.0546 0676  [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
12:50:09.0593 0676  USBAAPL - ok
12:50:09.0640 0676  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:50:09.0734 0676  usbccgp - ok
12:50:09.0781 0676  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:50:09.0875 0676  usbehci - ok
12:50:09.0921 0676  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:50:10.0031 0676  usbhub - ok
12:50:10.0062 0676  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:50:10.0203 0676  usbprint - ok
12:50:10.0250 0676  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:50:10.0359 0676  usbscan - ok
12:50:10.0421 0676  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:50:10.0515 0676  USBSTOR - ok
12:50:10.0515 0676  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:50:10.0625 0676  usbuhci - ok
12:50:10.0656 0676  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
12:50:10.0765 0676  VgaSave - ok
12:50:10.0828 0676  [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:50:10.0953 0676  viaagp - ok
12:50:10.0984 0676  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
12:50:11.0062 0676  ViaIde - ok
12:50:11.0109 0676  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
12:50:11.0203 0676  VolSnap - ok
12:50:11.0265 0676  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
12:50:11.0312 0676  VSS - ok
12:50:11.0343 0676  [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time         C:\WINDOWS\system32\w32time.dll
12:50:11.0453 0676  w32time - ok
12:50:11.0484 0676  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:50:11.0578 0676  Wanarp - ok
12:50:11.0578 0676  wanatw - ok
12:50:11.0625 0676  [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:50:11.0656 0676  Wdf01000 - ok
12:50:11.0671 0676  WDICA - ok
12:50:11.0703 0676  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
12:50:11.0796 0676  wdmaud - ok
12:50:11.0828 0676  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:50:11.0937 0676  WebClient - ok
12:50:12.0015 0676  [ BA6B6FB242A6BA4068C8B763063BEB63 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
12:50:12.0031 0676  winachsf - ok
12:50:12.0156 0676  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:50:12.0234 0676  winmgmt - ok
12:50:12.0250 0676  wltrysvc - ok
12:50:12.0312 0676  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
12:50:12.0406 0676  WmdmPmSN - ok
12:50:12.0515 0676  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
12:50:12.0546 0676  Wmi - ok
12:50:12.0593 0676  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:50:12.0781 0676  WmiAcpi - ok
12:50:12.0812 0676  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:50:12.0921 0676  WmiApSrv - ok
12:50:13.0062 0676  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
12:50:13.0140 0676  WMPNetworkSvc - ok
12:50:13.0218 0676  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:50:13.0218 0676  WpdUsb - ok
12:50:13.0265 0676  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:50:13.0359 0676  WS2IFSL - ok
12:50:13.0421 0676  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
12:50:13.0546 0676  wscsvc - ok
12:50:13.0578 0676  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:50:13.0687 0676  WSTCODEC - ok
12:50:13.0703 0676  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
12:50:13.0875 0676  wuauserv - ok
12:50:13.0906 0676  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:50:13.0953 0676  WudfPf - ok
12:50:14.0000 0676  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:50:14.0015 0676  WudfRd - ok
12:50:14.0046 0676  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
12:50:14.0078 0676  WudfSvc - ok
12:50:14.0125 0676  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
12:50:14.0234 0676  WZCSVC - ok
12:50:14.0250 0676  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
12:50:14.0390 0676  xmlprov - ok
12:50:14.0406 0676  ================ Scan global ===============================
12:50:14.0468 0676  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:50:14.0515 0676  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:50:14.0562 0676  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:50:14.0578 0676  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:50:14.0578 0676  [Global] - ok
12:50:14.0578 0676  ================ Scan MBR ==================================
12:50:14.0609 0676  [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
12:50:15.0015 0676  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:50:15.0015 0676  \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:50:15.0015 0676  ================ Scan VBR ==================================
12:50:15.0046 0676  [ 67DAFABC2AFE358E37873EB9FD6DA305 ] \Device\Harddisk0\DR0\Partition1
12:50:15.0062 0676  \Device\Harddisk0\DR0\Partition1 - ok
12:50:15.0062 0676  ================ Scan active images ========================
12:50:15.0062 0676  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
12:50:15.0062 0676  C:\WINDOWS\system32\drivers\nic1394.sys - ok
12:50:15.0062 0676  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
12:50:15.0062 0676  C:\WINDOWS\system32\drivers\intelppm.sys - ok
12:50:15.0062 0676  [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys
12:50:15.0062 0676  C:\WINDOWS\system32\drivers\wmiacpi.sys - ok
12:50:15.0062 0676  [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\cmbatt.sys
12:50:15.0062 0676  C:\WINDOWS\system32\drivers\cmbatt.sys - ok
12:50:15.0062 0676  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
12:50:15.0062 0676  C:\WINDOWS\system32\drivers\videoprt.sys - ok
12:50:15.0062 0676  [ E8C7CC369C2FB657E0792AF70DF529E6 ] C:\WINDOWS\system32\drivers\igxpmp32.sys
12:50:15.0062 0676  C:\WINDOWS\system32\drivers\igxpmp32.sys - ok
12:50:15.0078 0676  [ B89BCF0A25AEB3B47030AC83287F894A ] C:\WINDOWS\system32\drivers\BCMWL5.SYS
12:50:15.0078 0676  C:\WINDOWS\system32\drivers\BCMWL5.SYS - ok
12:50:15.0078 0676  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
12:50:15.0078 0676  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
12:50:15.0078 0676  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
12:50:15.0078 0676  C:\WINDOWS\system32\drivers\usbport.sys - ok
12:50:15.0078 0676  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
12:50:15.0078 0676  C:\WINDOWS\system32\drivers\usbehci.sys - ok
12:50:15.0078 0676  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
12:50:15.0078 0676  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
12:50:15.0078 0676  [ 6489310D11971F6BA6C7F49BE0BAF6E0 ] C:\WINDOWS\system32\drivers\bcm4sbxp.sys
12:50:15.0078 0676  C:\WINDOWS\system32\drivers\bcm4sbxp.sys - ok
12:50:15.0093 0676  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] C:\WINDOWS\system32\drivers\sdbus.sys
12:50:15.0093 0676  C:\WINDOWS\system32\drivers\sdbus.sys - ok
12:50:15.0093 0676  [ 24ED7AF20651F9FA1F249482E7C1F165 ] C:\WINDOWS\system32\drivers\rimmptsk.sys
12:50:15.0093 0676  C:\WINDOWS\system32\drivers\rimmptsk.sys - ok
12:50:15.0093 0676  [ 1BDBA2D2D402415A78A4BA766DFE0F7B ] C:\WINDOWS\system32\drivers\rimsptsk.sys
12:50:15.0093 0676  C:\WINDOWS\system32\drivers\rimsptsk.sys - ok
12:50:15.0093 0676  [ F774ECD11A064F0DEBB2D4395418153C ] C:\WINDOWS\system32\drivers\rixdptsk.sys
12:50:15.0093 0676  C:\WINDOWS\system32\drivers\rixdptsk.sys - ok
12:50:15.0093 0676  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
12:50:15.0093 0676  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
12:50:15.0093 0676  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
12:50:15.0093 0676  C:\WINDOWS\system32\drivers\usbd.sys - ok
12:50:15.0109 0676  [ FA2DAA32BED908023272A0F77D625DAE ] C:\WINDOWS\system32\drivers\SynTP.sys
12:50:15.0109 0676  C:\WINDOWS\system32\drivers\SynTP.sys - ok
12:50:15.0109 0676  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
12:50:15.0109 0676  C:\WINDOWS\system32\drivers\mouclass.sys - ok
12:50:15.0109 0676  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
12:50:15.0109 0676  C:\WINDOWS\system32\drivers\imapi.sys - ok
12:50:15.0109 0676  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
12:50:15.0109 0676  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
12:50:15.0109 0676  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
12:50:15.0109 0676  C:\WINDOWS\system32\drivers\cdrom.sys - ok
12:50:15.0109 0676  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
12:50:15.0109 0676  C:\WINDOWS\system32\drivers\ks.sys - ok
12:50:15.0109 0676  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
12:50:15.0125 0676  C:\WINDOWS\system32\drivers\redbook.sys - ok
12:50:15.0125 0676  [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
12:50:15.0125 0676  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
12:50:15.0125 0676  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
12:50:15.0125 0676  C:\WINDOWS\system32\drivers\audstub.sys - ok
12:50:15.0125 0676  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
12:50:15.0125 0676  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
12:50:15.0125 0676  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
12:50:15.0125 0676  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
12:50:15.0125 0676  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
12:50:15.0125 0676  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
12:50:15.0125 0676  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
12:50:15.0125 0676  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
12:50:15.0140 0676  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
12:50:15.0140 0676  C:\WINDOWS\system32\drivers\tdi.sys - ok
12:50:15.0140 0676  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
12:50:15.0140 0676  C:\WINDOWS\system32\drivers\psched.sys - ok
12:50:15.0140 0676  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
12:50:15.0140 0676  C:\WINDOWS\system32\drivers\raspptp.sys - ok
12:50:15.0140 0676  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
12:50:15.0140 0676  C:\WINDOWS\system32\drivers\msgpc.sys - ok
12:50:15.0140 0676  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
12:50:15.0140 0676  C:\WINDOWS\system32\drivers\ptilink.sys - ok
12:50:15.0734 0676  C:\WINDOWS\system32\xmlprovi.dll - ok
12:50:15.0750 0676  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
12:50:15.0750 0676  C:\WINDOWS\system32\wzcsapi.dll - ok
12:50:15.0750 0676  [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
12:50:15.0750 0676  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
12:50:15.0750 0676  [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
12:50:15.0750 0676  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
12:50:15.0750 0676  [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
12:50:15.0750 0676  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
12:50:15.0750 0676  [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
12:50:15.0750 0676  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
12:50:15.0750 0676  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll
12:50:15.0750 0676  C:\WINDOWS\system32\dnssd.dll - ok
12:50:15.0750 0676  [ D880831279ED91F9A4190A2DB9539EA9 ] C:\WINDOWS\system32\drivers\asctrm.sys
12:50:15.0750 0676  C:\WINDOWS\system32\drivers\asctrm.sys - ok
12:50:15.0765 0676  [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
12:50:15.0765 0676  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
12:50:15.0765 0676  [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
12:50:15.0765 0676  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
12:50:15.0765 0676  [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
12:50:15.0765 0676  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
12:50:15.0765 0676  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
12:50:15.0765 0676  C:\Program Files\Bonjour\mDNSResponder.exe - ok
12:50:15.0765 0676  [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
12:50:15.0765 0676  C:\WINDOWS\system32\qmgr.dll - ok
12:50:15.0765 0676  [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
12:50:15.0765 0676  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
12:50:15.0781 0676  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
12:50:15.0781 0676  C:\WINDOWS\system32\shfolder.dll - ok
12:50:15.0781 0676  [ 25F0095BA5A30A31CA538698D6FE234C ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
12:50:15.0781 0676  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
12:50:15.0781 0676  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
12:50:15.0781 0676  C:\WINDOWS\system32\winhttp.dll - ok
12:50:15.0781 0676  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
12:50:15.0781 0676  C:\WINDOWS\system32\netman.dll - ok
12:50:15.0781 0676  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
12:50:15.0781 0676  C:\WINDOWS\system32\cryptsvc.dll - ok
12:50:15.0781 0676  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
12:50:15.0781 0676  C:\WINDOWS\system32\netshell.dll - ok
12:50:15.0796 0676  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
12:50:15.0796 0676  C:\WINDOWS\system32\certcli.dll - ok
12:50:15.0796 0676  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
12:50:15.0796 0676  C:\WINDOWS\system32\ersvc.dll - ok
12:50:15.0796 0676  [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe
12:50:15.0796 0676  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
12:50:15.0796 0676  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
12:50:15.0796 0676  C:\WINDOWS\system32\credui.dll - ok
12:50:15.0796 0676  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
12:50:15.0796 0676  C:\WINDOWS\system32\dot3dlg.dll - ok
12:50:15.0796 0676  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
12:50:15.0796 0676  C:\WINDOWS\system32\onex.dll - ok
12:50:15.0812 0676  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
12:50:15.0812 0676  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
12:50:15.0812 0676  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
12:50:15.0812 0676  C:\WINDOWS\system32\eappcfg.dll - ok
12:50:15.0812 0676  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
12:50:15.0812 0676  C:\WINDOWS\system32\eappprxy.dll - ok
12:50:15.0812 0676  [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
12:50:15.0812 0676  C:\WINDOWS\system32\msi.dll - ok
12:50:15.0812 0676  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
12:50:15.0812 0676  C:\WINDOWS\system32\dbghelp.dll - ok
12:50:15.0812 0676  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
12:50:15.0812 0676  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
12:50:15.0812 0676  [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
12:50:15.0812 0676  C:\WINDOWS\system32\hidserv.dll - ok
12:50:15.0828 0676  [ 126A16F569122AE00AD3D12EF831D651 ] C:\Program Files\Java\jre6\bin\jqs.exe
12:50:15.0828 0676  C:\Program Files\Java\jre6\bin\jqs.exe - ok
12:50:15.0828 0676  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
12:50:15.0828 0676  C:\WINDOWS\system32\hid.dll - ok
12:50:15.0828 0676  [ F9D82B82F1B7C0B2D2606A987073F58C ] C:\PROGRA~1\WINDOW~3\MpShHook.dll
12:50:15.0828 0676  C:\PROGRA~1\WINDOW~3\MpShHook.dll - ok
12:50:15.0828 0676  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Java\jre6\bin\msvcr71.dll
12:50:15.0828 0676  C:\Program Files\Java\jre6\bin\msvcr71.dll - ok
12:50:15.0828 0676  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
12:50:15.0828 0676  C:\WINDOWS\system32\pdh.dll - ok
12:50:15.0828 0676  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
12:50:15.0828 0676  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
12:50:15.0843 0676  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
12:50:15.0843 0676  C:\WINDOWS\system32\mstask.dll - ok
12:50:15.0843 0676  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
12:50:15.0843 0676  C:\WINDOWS\system32\odbcbcp.dll - ok
12:50:15.0843 0676  [ E6CB119EF2E148EAA1A247343550756E ] C:\Program Files\Common Files\Motive\McciCMService.exe
12:50:15.0843 0676  C:\Program Files\Common Files\Motive\McciCMService.exe - ok
12:50:15.0843 0676  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
12:50:15.0843 0676  C:\WINDOWS\system32\srvsvc.dll - ok
12:50:15.0843 0676  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
12:50:15.0843 0676  C:\WINDOWS\system32\netmsg.dll - ok
12:50:15.0843 0676  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
12:50:15.0843 0676  C:\WINDOWS\system32\drivers\srv.sys - ok
12:50:15.0843 0676  [ E246A32C445056996074A397DA56E815 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
12:50:15.0843 0676  C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
12:50:15.0859 0676  [ 274FB48DC92E0EC012D4D8D866CFAF8A ] C:\WINDOWS\system32\drivers\pdihwctl.sys
12:50:15.0859 0676  C:\WINDOWS\system32\drivers\pdihwctl.sys - ok
12:50:15.0859 0676  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
12:50:15.0859 0676  C:\WINDOWS\system32\ipsecsvc.dll - ok
12:50:15.0859 0676  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
12:50:15.0859 0676  C:\WINDOWS\system32\spoolss.dll - ok
12:50:15.0859 0676  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] C:\WINDOWS\system32\mprdim.dll
12:50:15.0859 0676  C:\WINDOWS\system32\mprdim.dll - ok
12:50:15.0859 0676  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
12:50:15.0859 0676  C:\WINDOWS\system32\oakley.dll - ok
12:50:15.0859 0676  [ D607DE5917421F789C78C2A10626DEFC ] C:\WINDOWS\system32\ADIMON.DLL
12:50:15.0859 0676  C:\WINDOWS\system32\ADIMON.DLL - ok
12:50:15.0875 0676  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
12:50:15.0875 0676  C:\WINDOWS\system32\localspl.dll - ok
12:50:15.0875 0676  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
12:50:15.0875 0676  C:\WINDOWS\system32\perfos.dll - ok
12:50:15.0875 0676  [ 5D2C27A8D1D0F137D7EBB747960F754D ] C:\WINDOWS\system32\HEIDI3.DLL
12:50:15.0875 0676  C:\WINDOWS\system32\HEIDI3.DLL - ok
12:50:15.0875 0676  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
12:50:15.0875 0676  C:\WINDOWS\system32\seclogon.dll - ok
12:50:15.0875 0676  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
12:50:15.0875 0676  C:\WINDOWS\system32\sens.dll - ok
12:50:15.0875 0676  [ 6CB1C20F2CE3402A60F3F766D73B15B8 ] C:\WINDOWS\system32\iprtrmgr.dll
12:50:15.0875 0676  C:\WINDOWS\system32\iprtrmgr.dll - ok
12:50:15.0890 0676  [ 585992D78B671AAA075C02241309795D ] C:\WINDOWS\system32\msvcirt.dll
12:50:15.0890 0676  C:\WINDOWS\system32\msvcirt.dll - ok
12:50:15.0890 0676  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
12:50:15.0890 0676  C:\WINDOWS\system32\perfdisk.dll - ok
12:50:15.0890 0676  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
12:50:15.0890 0676  C:\WINDOWS\system32\psbase.dll - ok
12:50:15.0890 0676  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
12:50:15.0890 0676  C:\WINDOWS\system32\pstorsvc.dll - ok
12:50:15.0890 0676  [ B92A85618A470F4406CEE8785CE89B4F ] C:\WINDOWS\system32\rtm.dll
12:50:15.0890 0676  C:\WINDOWS\system32\rtm.dll - ok
12:50:15.0890 0676  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
12:50:15.0890 0676  C:\WINDOWS\system32\winipsec.dll - ok
12:50:15.0890 0676  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
12:50:15.0890 0676  C:\WINDOWS\system32\dssenh.dll - ok
12:50:15.0906 0676  [ B5247F381EC1E2C568421F182867EC8A ] C:\WINDOWS\system32\iprtprio.dll
12:50:15.0906 0676  C:\WINDOWS\system32\iprtprio.dll - ok
12:50:15.0906 0676  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
12:50:15.0906 0676  C:\WINDOWS\system32\cnbjmon.dll - ok
12:50:15.0906 0676  [ A4EC6B9766E2A7FAA77283697BC5C307 ] C:\WINDOWS\system32\E_FLBCXA.DLL
12:50:15.0906 0676  C:\WINDOWS\system32\E_FLBCXA.DLL - ok
12:50:15.0906 0676  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
12:50:15.0906 0676  C:\WINDOWS\system32\srsvc.dll - ok
12:50:15.0906 0676  [ CDD6CD8D385763A07676ECA50EB713C9 ] C:\WINDOWS\system32\EKIJ5000MON.dll
12:50:15.0906 0676  C:\WINDOWS\system32\EKIJ5000MON.dll - ok
12:50:15.0906 0676  [ 31A9FEA9FFAFCE0F2D1D712CFD6AF568 ] C:\WINDOWS\system32\drivers\STLTRK2K.sys
12:50:15.0906 0676  C:\WINDOWS\system32\drivers\STLTRK2K.sys - ok
12:50:15.0921 0676  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
12:50:15.0921 0676  C:\WINDOWS\system32\wiaservc.dll - ok
12:50:15.0921 0676  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
12:50:15.0921 0676  C:\WINDOWS\system32\tapisrv.dll - ok
12:50:15.0921 0676  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
12:50:15.0921 0676  C:\WINDOWS\system32\mscms.dll - ok
12:50:15.0921 0676  [ BDB83C844EDEC9BD01A94750D2C38DDF ] C:\WINDOWS\system32\fxsevent.dll
12:50:15.0921 0676  C:\WINDOWS\system32\fxsevent.dll - ok
12:50:15.0921 0676  [ CC6292CA575E851E5B74BF8883AB967A ] C:\WINDOWS\system32\fxsmon.dll
12:50:15.0921 0676  C:\WINDOWS\system32\fxsmon.dll - ok
12:50:15.0921 0676  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
12:50:15.0921 0676  C:\WINDOWS\system32\trkwks.dll - ok
12:50:15.0937 0676  [ 1E744353BD534405187A404667DA3DC3 ] C:\WINDOWS\system32\mgmtapi.dll
12:50:15.0937 0676  C:\WINDOWS\system32\mgmtapi.dll - ok
12:50:15.0937 0676  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
12:50:15.0937 0676  C:\WINDOWS\system32\pjlmon.dll - ok
12:50:15.0937 0676  [ 8357809E111E09393633039769D96281 ] C:\WINDOWS\system32\tcpmib.dll
12:50:15.0937 0676  C:\WINDOWS\system32\tcpmib.dll - ok
12:50:15.0937 0676  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
12:50:15.0937 0676  C:\WINDOWS\system32\tcpmon.dll - ok
12:50:15.0937 0676  [ E97D6A8684466DF94FF3BC24FB787A07 ] C:\WINDOWS\system32\fxssvc.exe
12:50:15.0937 0676  C:\WINDOWS\system32\fxssvc.exe - ok
12:50:15.0937 0676  [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
12:50:15.0937 0676  C:\WINDOWS\system32\snmpapi.dll - ok
12:50:15.0937 0676  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
12:50:15.0937 0676  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
12:50:15.0953 0676  [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll
12:50:15.0953 0676  C:\WINDOWS\system32\wsnmp32.dll - ok
12:50:15.0953 0676  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
12:50:15.0953 0676  C:\WINDOWS\system32\usbmon.dll - ok
12:50:15.0953 0676  [ 1AE4CFD38465A4678023A097E17D3C5F ] C:\WINDOWS\system32\spool\prtprocs\w32x86\EKIJ5000PPR.dll
12:50:15.0953 0676  C:\WINDOWS\system32\spool\prtprocs\w32x86\EKIJ5000PPR.dll - ok
12:50:15.0953 0676  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
12:50:15.0953 0676  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
12:50:15.0953 0676  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
12:50:15.0953 0676  C:\WINDOWS\system32\vssapi.dll - ok
12:50:15.0953 0676  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
12:50:15.0953 0676  C:\WINDOWS\system32\wuaueng.dll - ok
12:50:15.0968 0676  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
12:50:15.0968 0676  C:\WINDOWS\system32\wuauserv.dll - ok
12:50:15.0968 0676  [ 1144EF6B4BB72E33B41912AE1AE4F97A ] C:\WINDOWS\system32\fxstiff.dll
12:50:15.0968 0676  C:\WINDOWS\system32\fxstiff.dll - ok
12:50:15.0968 0676  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
12:50:15.0968 0676  C:\WINDOWS\system32\win32spl.dll - ok
12:50:15.0968 0676  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
12:50:15.0968 0676  C:\WINDOWS\system32\netrap.dll - ok
12:50:15.0968 0676  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
12:50:15.0968 0676  C:\WINDOWS\system32\inetpp.dll - ok
12:50:15.0968 0676  [ 0329D0A4F230094B669A87BB3B85606E ] C:\WINDOWS\system32\fxsapi.dll
12:50:15.0968 0676  C:\WINDOWS\system32\fxsapi.dll - ok
12:50:15.0984 0676  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
12:50:15.0984 0676  C:\WINDOWS\system32\cabinet.dll - ok
12:50:15.0984 0676  [ 0CE5F8AE9C371A965D17E3F2ED134809 ] C:\WINDOWS\system32\fxst30.dll
12:50:15.0984 0676  C:\WINDOWS\system32\fxst30.dll - ok
12:50:15.0984 0676  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
12:50:15.0984 0676  C:\WINDOWS\system32\actxprxy.dll - ok
12:50:15.0984 0676  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
12:50:15.0984 0676  C:\WINDOWS\system32\mspatcha.dll - ok
12:50:15.0984 0676  [ 2D583E2844FDD592D1629EB6B10E5702 ] C:\WINDOWS\system32\fxsroute.dll
12:50:15.0984 0676  C:\WINDOWS\system32\fxsroute.dll - ok
12:50:15.0984 0676  [ 3DCA91DA05450DB41EE7115B54E528D3 ] C:\WINDOWS\system32\mprddm.dll
12:50:15.0984 0676  C:\WINDOWS\system32\mprddm.dll - ok
12:50:15.0984 0676  [ D07AE9626E383A785440CDF25702326C ] C:\WINDOWS\system32\iashlpr.dll
12:50:15.0984 0676  C:\WINDOWS\system32\iashlpr.dll - ok
12:50:16.0000 0676  [ A44AD395C672B5BACE38773E996BAE95 ] C:\WINDOWS\system32\iaspolcy.dll
12:50:16.0000 0676  C:\WINDOWS\system32\iaspolcy.dll - ok
12:50:16.0000 0676  [ 18E03F4113D731142B571B259EA67848 ] C:\WINDOWS\system32\iasrad.dll
12:50:16.0000 0676  C:\WINDOWS\system32\iasrad.dll - ok
12:50:16.0000 0676  [ 6F99509944223527E4B18954CAC981D5 ] C:\WINDOWS\system32\iassvcs.dll
12:50:16.0000 0676  C:\WINDOWS\system32\iassvcs.dll - ok
12:50:16.0000 0676  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
12:50:16.0000 0676  C:\WINDOWS\system32\rasppp.dll - ok
12:50:16.0000 0676  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
12:50:16.0000 0676  C:\WINDOWS\system32\ntlsapi.dll - ok
12:50:16.0000 0676  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
12:50:16.0000 0676  C:\WINDOWS\system32\unimdm.tsp - ok
12:50:16.0015 0676  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
12:50:16.0015 0676  C:\WINDOWS\system32\uniplat.dll - ok
12:50:16.0015 0676  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
12:50:16.0015 0676  C:\WINDOWS\system32\wscsvc.dll - ok
12:50:16.0015 0676  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
12:50:16.0015 0676  C:\WINDOWS\system32\netcfgx.dll - ok
12:50:16.0015 0676  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
12:50:16.0015 0676  C:\WINDOWS\system32\rasmans.dll - ok
12:50:16.0015 0676  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
12:50:16.0015 0676  C:\WINDOWS\system32\clusapi.dll - ok
12:50:16.0015 0676  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
12:50:16.0015 0676  C:\WINDOWS\system32\ipnathlp.dll - ok
12:50:16.0031 0676  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
12:50:16.0031 0676  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
12:50:16.0031 0676  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
12:50:16.0031 0676  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
12:50:16.0031 0676  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
12:50:16.0031 0676  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
12:50:16.0031 0676  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
12:50:16.0031 0676  C:\WINDOWS\system32\wbem\esscli.dll - ok
12:50:16.0031 0676  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
12:50:16.0031 0676  C:\WINDOWS\system32\wbem\fastprox.dll - ok
12:50:16.0031 0676  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
12:50:16.0031 0676  C:\WINDOWS\system32\browser.dll - ok
12:50:16.0031 0676  [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
12:50:16.0031 0676  C:\WINDOWS\system32\unimdmat.dll - ok
12:50:16.0046 0676  [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
12:50:16.0046 0676  C:\WINDOWS\system32\modemui.dll - ok
12:50:16.0046 0676  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
12:50:16.0046 0676  C:\WINDOWS\system32\wups.dll - ok
12:50:16.0046 0676  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
12:50:16.0046 0676  C:\WINDOWS\system32\comsvcs.dll - ok
12:50:16.0046 0676  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
12:50:16.0046 0676  C:\WINDOWS\system32\kmddsp.tsp - ok
12:50:16.0046 0676  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
12:50:16.0046 0676  C:\WINDOWS\system32\colbact.dll - ok
12:50:16.0046 0676  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
12:50:16.0046 0676  C:\WINDOWS\system32\mtxclu.dll - ok
12:50:16.0062 0676  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
12:50:16.0062 0676  C:\WINDOWS\system32\resutils.dll - ok
12:50:16.0062 0676  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
12:50:16.0062 0676  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
12:50:16.0062 0676  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
12:50:16.0062 0676  C:\WINDOWS\system32\ipconf.tsp - ok
12:50:16.0062 0676  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
12:50:16.0062 0676  C:\WINDOWS\system32\ndptsp.tsp - ok
12:50:16.0062 0676  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
12:50:16.0062 0676  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
12:50:16.0062 0676  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
12:50:16.0062 0676  C:\WINDOWS\system32\wups2.dll - ok
12:50:16.0078 0676  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
12:50:16.0078 0676  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
12:50:16.0078 0676  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
12:50:16.0078 0676  C:\WINDOWS\system32\h323.tsp - ok
12:50:16.0078 0676  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
12:50:16.0078 0676  C:\WINDOWS\system32\hidphone.tsp - ok
12:50:16.0078 0676  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
12:50:16.0078 0676  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
12:50:16.0078 0676  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
12:50:16.0078 0676  C:\WINDOWS\system32\wuauclt.exe - ok
12:50:16.0078 0676  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
12:50:16.0078 0676  C:\WINDOWS\system32\wbem\wbemess.dll - ok
12:50:16.0078 0676  [ CB6B671ED6D97F2E9F2274EADB7517B2 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
12:50:16.0078 0676  C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
12:50:16.0093 0676  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
12:50:16.0093 0676  C:\WINDOWS\system32\wuapi.dll - ok
12:50:16.0093 0676  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
12:50:16.0093 0676  C:\WINDOWS\system32\wbem\ncprov.dll - ok
12:50:16.0093 0676  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
12:50:16.0093 0676  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
12:50:16.0093 0676  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
12:50:16.0093 0676  C:\WINDOWS\system32\rastapi.dll - ok
12:50:16.0093 0676  [ 058710B720282CA82B909912D3EF28DB ] C:\WINDOWS\regedit.exe
12:50:16.0093 0676  C:\WINDOWS\regedit.exe - ok
12:50:16.0093 0676  [ 42DD9011D54C3A91F14BDBBF50791DA9 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
12:50:16.0093 0676  C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
12:50:16.0109 0676  [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll
12:50:16.0109 0676  C:\Program Files\Microsoft Security Client\LegitLib.dll - ok
12:50:16.0109 0676  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
12:50:16.0109 0676  C:\WINDOWS\system32\alg.exe - ok
12:50:16.0109 0676  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
12:50:16.0109 0676  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
12:50:16.0109 0676  [ 96A0066AB9872D3575575A463C53FF6C ] C:\WINDOWS\system32\aclui.dll
12:50:16.0109 0676  C:\WINDOWS\system32\aclui.dll - ok
12:50:16.0109 0676  [ 751068D5D0ECD64A4810379729A1F0BC ] C:\WINDOWS\system32\ulib.dll
12:50:16.0109 0676  C:\WINDOWS\system32\ulib.dll - ok
12:50:16.0109 0676  [ 37461F2C3F212CF508A20FDC729ABDE5 ] C:\WINDOWS\system32\clb.dll
12:50:16.0109 0676  C:\WINDOWS\system32\clb.dll - ok
12:50:16.0109 0676  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
12:50:16.0109 0676  C:\WINDOWS\system32\rasqec.dll - ok
12:50:16.0125 0676  [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
12:50:16.0125 0676  C:\WINDOWS\system32\licwmi.dll - ok
12:50:16.0125 0676  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
12:50:16.0125 0676  C:\WINDOWS\system32\wbem\framedyn.dll - ok
12:50:16.0125 0676  [ 7AC715A7F6B8D1F8ACDBF567D580E1D0 ] C:\WINDOWS\system32\iassdo.dll
12:50:16.0125 0676  C:\WINDOWS\system32\iassdo.dll - ok
12:50:16.0125 0676  [ B9D26DE2FF120199A0217F62C4230A9A ] C:\WINDOWS\system32\iasrecst.dll
12:50:16.0125 0676  C:\WINDOWS\system32\iasrecst.dll - ok
12:50:16.0125 0676  [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
12:50:16.0125 0676  C:\WINDOWS\system32\licdll.dll - ok
12:50:16.0125 0676  [ 077F067C69073D1EBC84984E7FE5BA44 ] C:\WINDOWS\system32\msjetoledb40.dll
12:50:16.0125 0676  C:\WINDOWS\system32\msjetoledb40.dll - ok
12:50:16.0140 0676  [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
12:50:16.0140 0676  C:\WINDOWS\system32\dpcdll.dll - ok
12:50:16.0140 0676  [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll
12:50:16.0140 0676  C:\WINDOWS\system32\msjet40.dll - ok
12:50:16.0140 0676  [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll
12:50:16.0140 0676  C:\WINDOWS\system32\mswstr10.dll - ok
12:50:16.0140 0676  [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll
12:50:16.0140 0676  C:\WINDOWS\system32\msjter40.dll - ok
12:50:16.0140 0676  [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
12:50:16.0140 0676  C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok
12:50:16.0140 0676  [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll
12:50:16.0140 0676  C:\WINDOWS\system32\msjint40.dll - ok
12:50:16.0140 0676  [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll
12:50:16.0140 0676  C:\WINDOWS\system32\msdart.dll - ok
12:50:16.0156 0676  [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
12:50:16.0156 0676  C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok
12:50:16.0156 0676  [ E5DE87DDDB8CBE4687EADF296E58452A ] C:\WINDOWS\system32\msjtes40.dll
12:50:16.0156 0676  C:\WINDOWS\system32\msjtes40.dll - ok
12:50:16.0156 0676  [ BE87245CE60329B31C94F1B4236E5832 ] C:\WINDOWS\system32\expsrv.dll
12:50:16.0156 0676  C:\WINDOWS\system32\expsrv.dll - ok
12:50:16.0156 0676  [ CAFBD14F56A68E6C1A55C0EAC7E487FA ] C:\WINDOWS\system32\vbajet32.dll
12:50:16.0156 0676  C:\WINDOWS\system32\vbajet32.dll - ok
12:50:16.0156 0676  [ F96E689699A68A69916227F4D29A87FD ] C:\WINDOWS\system32\iasnap.dll
12:50:16.0156 0676  C:\WINDOWS\system32\iasnap.dll - ok
12:50:16.0156 0676  [ A6169405D73FA5BC4392839D65420568 ] C:\WINDOWS\system32\iasacct.dll
12:50:16.0156 0676  C:\WINDOWS\system32\iasacct.dll - ok
12:50:16.0171 0676  [ C2689CC0535E6939D1A0732808E2CAFB ] C:\WINDOWS\system32\iassam.dll
12:50:16.0171 0676  C:\WINDOWS\system32\iassam.dll - ok
12:50:16.0171 0676  [ 45431B613631B8018188B5FF7681D2D6 ] C:\Program Files\Java\jre6\bin\awt.dll
12:50:16.0171 0676  C:\Program Files\Java\jre6\bin\awt.dll - ok
12:50:16.0171 0676  [ 34812A4786E9898C29DCD11E71E6CD2A ] C:\Program Files\Java\jre6\bin\client\jvm.dll
12:50:16.0171 0676  C:\Program Files\Java\jre6\bin\client\jvm.dll - ok
12:50:16.0171 0676  [ 51F5543A923881555859A464ED42C789 ] C:\Program Files\Java\jre6\bin\dcpr.dll
12:50:16.0171 0676  C:\Program Files\Java\jre6\bin\dcpr.dll - ok
12:50:16.0171 0676  [ 0C96B3DD657C6E30CB12DD3FFD965FA2 ] C:\Program Files\Java\jre6\bin\deploy.dll
12:50:16.0171 0676  C:\Program Files\Java\jre6\bin\deploy.dll - ok
12:50:16.0171 0676  [ 4FE2589F81258AB47549E1BC9F09808B ] C:\Program Files\Java\jre6\bin\fontmanager.dll
12:50:16.0171 0676  C:\Program Files\Java\jre6\bin\fontmanager.dll - ok
12:50:16.0187 0676  [ BE988A809AA97CE669B30F7684953107 ] C:\Program Files\Java\jre6\bin\hpi.dll
12:50:16.0187 0676  C:\Program Files\Java\jre6\bin\hpi.dll - ok
12:50:16.0187 0676  [ 033DBE7F938B8A96F130A2AEC0DDFA90 ] C:\Program Files\Java\jre6\bin\java.dll
12:50:16.0187 0676  C:\Program Files\Java\jre6\bin\java.dll - ok
12:50:16.0640 0676  ============================================================
12:50:16.0640 0676  Scan finished
12:50:16.0640 0676  ============================================================
12:50:16.0750 0800  Detected object count: 14
12:50:16.0750 0800  Actual detected object count: 14
12:53:01.0812 0800  APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:01.0812 0800  APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:01.0812 0800  ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:01.0812 0800  ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:01.0812 0800  DDCCI ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:01.0812 0800  DDCCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:01.0812 0800  DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:01.0812 0800  DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:01.0812 0800  fixustor ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:01.0812 0800  fixustor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:01.0812 0800  McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:01.0812 0800  McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:01.0828 0800  MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:01.0828 0800  MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:01.0828 0800  MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:01.0828 0800  MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:01.0828 0800  omci ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:01.0828 0800  omci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:01.0890 0800  C:\WINDOWS\system32\DRIVERS\pciide.sys - copied to quarantine
12:53:02.0078 0800  \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
12:53:02.0078 0800  \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
12:53:02.0093 0800  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
12:53:02.0093 0800  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:53:02.0109 0800  \Device\Harddisk0\DR0\TDLFS\module.dll - copied to quarantine
12:53:02.0140 0800  \Device\Harddisk0\DR0\TDLFS\clc.dll - copied to quarantine
12:53:02.0421 0800  Backup copy found, using it..
12:53:02.0421 0800  C:\WINDOWS\system32\DRIVERS\pciide.sys - will be cured on reboot
12:53:02.0421 0800  PCIIde ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Cure 
12:53:02.0421 0800  PDIHWCTL ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:02.0421 0800  PDIHWCTL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:02.0437 0800  Stltrk2k ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:02.0437 0800  Stltrk2k ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:02.0437 0800  TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
12:53:02.0437 0800  TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:53:02.0437 0800  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:53:02.0437 0800  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
12:53:21.0234 3008  Deinitialize success
 
========================================================================
 
ran the anti-rootkit and came up clean!
 
internet works
windows updates seems to work
windows security center back
firewall and AV working.
 
Mike


#8 gringo_pr



  • Malware Response Team

Posted 26 February 2013 - 08:56 PM

I want you to rerun TDSSKiller again for me, and when it comes to this part:

12:53:02.0437 0800 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:53:02.0437 0800 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

This time I want you to select delete.



gringo

#9 bm6126349


Posted 27 February 2013 - 11:54 AM

This is a Dell laptop, could the unknown filesystem be one of those 'hidden' partitions to re-install?

 

thanks

Mike



#10 gringo_pr


Posted 27 February 2013 - 01:25 PM

No, that has to do with a virus.

#11 bm6126349


Posted 27 February 2013 - 01:54 PM

OK, thanks

Here is the TDSSKiller file:

 

 

09:26:13.0921 3820  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:26:13.0937 3820  ============================================================
09:26:13.0937 3820  Current date / time: 2013/02/27 09:26:13.0937
09:26:13.0937 3820  SystemInfo:
09:26:13.0937 3820  
09:26:13.0937 3820  OS Version: 5.1.2600 ServicePack: 3.0
09:26:13.0937 3820  Product type: Workstation
09:26:13.0937 3820  ComputerName: DELL1705
09:26:13.0937 3820  UserName: javierh
09:26:13.0937 3820  Windows directory: C:\WINDOWS
09:26:13.0937 3820  System windows directory: C:\WINDOWS
09:26:13.0937 3820  Processor architecture: Intel x86
09:26:13.0937 3820  Number of processors: 2
09:26:13.0937 3820  Page size: 0x1000
09:26:13.0937 3820  Boot type: Normal boot
09:26:13.0937 3820  ============================================================
09:26:16.0265 3820  BG loaded
09:26:16.0531 3820  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:26:16.0531 3820  ============================================================
09:26:16.0531 3820  \Device\Harddisk0\DR0:
09:26:16.0531 3820  MBR partitions:
09:26:16.0531 3820  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0xD576E2D
09:26:16.0562 3820  ============================================================
09:26:16.0703 3820  C: <-> \Device\Harddisk0\DR0\Partition1
09:26:16.0703 3820  ============================================================
09:26:16.0703 3820  Initialize success
09:26:16.0703 3820  ============================================================
10:47:09.0000 4068  ============================================================
10:47:09.0000 4068  Scan started
10:47:09.0000 4068  Mode: Manual; SigCheck; TDLFS; 
10:47:09.0000 4068  ============================================================
10:47:09.0875 4068  ================ Scan system memory ========================
10:47:13.0718 4068  System memory - ok
10:47:13.0718 4068  ================ Scan services =============================
10:47:13.0968 4068  [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883           C:\WINDOWS\system32\DRIVERS\61883.sys
10:47:16.0156 4068  61883 - ok
10:47:16.0171 4068  Abiosdsk - ok
10:47:16.0187 4068  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
10:47:16.0265 4068  abp480n5 - ok
10:47:16.0312 4068  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:47:16.0437 4068  ACPI - ok
10:47:16.0484 4068  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:47:16.0609 4068  ACPIEC - ok
10:47:16.0734 4068  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:47:16.0765 4068  AdobeFlashPlayerUpdateSvc - ok
10:47:16.0812 4068  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
10:47:16.0937 4068  adpu160m - ok
10:47:16.0984 4068  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:47:17.0187 4068  aec - ok
10:47:17.0250 4068  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:47:17.0359 4068  AFD - ok
10:47:17.0406 4068  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
10:47:17.0562 4068  agp440 - ok
10:47:17.0593 4068  [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
10:47:17.0734 4068  agpCPQ - ok
10:47:17.0765 4068  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
10:47:17.0828 4068  Aha154x - ok
10:47:17.0843 4068  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
10:47:18.0000 4068  aic78u2 - ok
10:47:18.0046 4068  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
10:47:18.0203 4068  aic78xx - ok
10:47:18.0296 4068  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:47:18.0453 4068  Alerter - ok
10:47:18.0500 4068  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
10:47:18.0578 4068  ALG - ok
10:47:18.0625 4068  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
10:47:18.0812 4068  AliIde - ok
10:47:18.0843 4068  [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
10:47:19.0015 4068  alim1541 - ok
10:47:19.0031 4068  [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
10:47:19.0125 4068  amdagp - ok
10:47:19.0125 4068  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
10:47:19.0203 4068  amsint - ok
10:47:19.0234 4068  [ EC94E05B76D033B74394E7B2175103CF ] APPDRV          C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
10:47:19.0234 4068  APPDRV ( UnsignedFile.Multi.Generic ) - warning
10:47:19.0234 4068  APPDRV - detected UnsignedFile.Multi.Generic (1)
10:47:19.0359 4068  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:47:19.0375 4068  Apple Mobile Device - ok
10:47:19.0437 4068  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:47:19.0484 4068  AppMgmt - ok
10:47:19.0500 4068  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
10:47:19.0593 4068  Arp1394 - ok
10:47:19.0640 4068  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
10:47:19.0765 4068  asc - ok
10:47:19.0812 4068  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
10:47:19.0906 4068  asc3350p - ok
10:47:19.0937 4068  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
10:47:20.0093 4068  asc3550 - ok
10:47:20.0125 4068  [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM          C:\WINDOWS\system32\drivers\ASCTRM.sys
10:47:20.0171 4068  ASCTRM ( UnsignedFile.Multi.Generic ) - warning
10:47:20.0171 4068  ASCTRM - detected UnsignedFile.Multi.Generic (1)
10:47:20.0328 4068  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:47:20.0359 4068  aspnet_state - ok
10:47:20.0421 4068  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:47:20.0609 4068  AsyncMac - ok
10:47:20.0656 4068  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\ATAPI.SYS
10:47:20.0750 4068  atapi - ok
10:47:20.0765 4068  Atdisk - ok
10:47:20.0781 4068  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:47:20.0875 4068  Atmarpc - ok
10:47:20.0937 4068  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:47:21.0046 4068  AudioSrv - ok
10:47:21.0109 4068  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:47:21.0203 4068  audstub - ok
10:47:21.0296 4068  [ 32A5DEFDDC3562BF89D73586F5915B34 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
10:47:21.0531 4068  Autodesk Licensing Service - ok
10:47:21.0578 4068  [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc             C:\WINDOWS\system32\DRIVERS\avc.sys
10:47:21.0734 4068  Avc - ok
10:47:21.0828 4068  [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
10:47:21.0921 4068  BCM43XX - ok
10:47:21.0921 4068  [ 6489310D11971F6BA6C7F49BE0BAF6E0 ] bcm4sbxp        C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
10:47:21.0968 4068  bcm4sbxp - ok
10:47:22.0015 4068  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:47:22.0171 4068  Beep - ok
10:47:22.0250 4068  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:47:22.0546 4068  BITS - ok
10:47:22.0625 4068  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:47:22.0640 4068  Bonjour Service - ok
10:47:22.0687 4068  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
10:47:22.0781 4068  Browser - ok
10:47:22.0984 4068  catchme - ok
10:47:23.0000 4068  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
10:47:23.0125 4068  cbidf - ok
10:47:23.0125 4068  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:47:23.0218 4068  cbidf2k - ok
10:47:23.0250 4068  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:47:23.0359 4068  CCDECODE - ok
10:47:23.0390 4068  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
10:47:23.0468 4068  cd20xrnt - ok
10:47:23.0515 4068  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:47:23.0609 4068  Cdaudio - ok
10:47:23.0656 4068  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:47:23.0765 4068  Cdfs - ok
10:47:23.0781 4068  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:47:23.0890 4068  Cdrom - ok
10:47:23.0906 4068  Changer - ok
10:47:23.0937 4068  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:47:24.0062 4068  CiSvc - ok
10:47:24.0093 4068  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:47:24.0187 4068  ClipSrv - ok
10:47:24.0250 4068  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:47:24.0328 4068  clr_optimization_v2.0.50727_32 - ok
10:47:24.0375 4068  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
10:47:24.0468 4068  CmBatt - ok
10:47:24.0500 4068  [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
10:47:24.0625 4068  CmdIde - ok
10:47:24.0640 4068  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
10:47:24.0734 4068  Compbatt - ok
10:47:24.0734 4068  COMSysApp - ok
10:47:24.0734 4068  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
10:47:24.0828 4068  Cpqarray - ok
10:47:24.0859 4068  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:47:24.0968 4068  CryptSvc - ok
10:47:25.0000 4068  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
10:47:25.0125 4068  dac2w2k - ok
10:47:25.0156 4068  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
10:47:25.0250 4068  dac960nt - ok
10:47:25.0312 4068  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:47:25.0390 4068  DcomLaunch - ok
10:47:25.0468 4068  [ 1E433AB880A0D3686320096DB6E22104 ] DDCCI           C:\WINDOWS\system32\DRIVERS\Moni2c.sys
10:47:25.0484 4068  DDCCI ( UnsignedFile.Multi.Generic ) - warning
10:47:25.0484 4068  DDCCI - detected UnsignedFile.Multi.Generic (1)
10:47:25.0515 4068  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:47:25.0625 4068  Dhcp - ok
10:47:25.0625 4068  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:47:25.0734 4068  Disk - ok
10:47:25.0750 4068  dmadmin - ok
10:47:25.0796 4068  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:47:25.0937 4068  dmboot - ok
10:47:25.0968 4068  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:47:26.0078 4068  dmio - ok
10:47:26.0125 4068  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:47:26.0234 4068  dmload - ok
10:47:26.0328 4068  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:47:26.0437 4068  dmserver - ok
10:47:26.0468 4068  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:47:26.0593 4068  DMusic - ok
10:47:26.0625 4068  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:47:26.0781 4068  Dnscache - ok
10:47:26.0828 4068  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:47:26.0921 4068  Dot3svc - ok
10:47:26.0953 4068  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
10:47:27.0046 4068  dpti2o - ok
10:47:27.0078 4068  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:47:27.0187 4068  drmkaud - ok
10:47:27.0281 4068  [ 2AC2372FFAD9ADC85672CC8E8AE14BE9 ] DSproct         C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
10:47:27.0296 4068  DSproct ( UnsignedFile.Multi.Generic ) - warning
10:47:27.0296 4068  DSproct - detected UnsignedFile.Multi.Generic (1)
10:47:27.0343 4068  [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
10:47:27.0468 4068  E100B - ok
10:47:27.0484 4068  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:47:27.0625 4068  EapHost - ok
10:47:27.0656 4068  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:47:27.0781 4068  ERSvc - ok
10:47:27.0828 4068  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
10:47:27.0859 4068  Eventlog - ok
10:47:27.0921 4068  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
10:47:28.0015 4068  EventSystem - ok
10:47:28.0078 4068  [ 8313A6AF9DE34A9D24DF2329A548B004 ] eyeonedp        C:\WINDOWS\system32\DRIVERS\eyeonedp.sys
10:47:28.0140 4068  eyeonedp - ok
10:47:28.0171 4068  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:47:28.0281 4068  Fastfat - ok
10:47:28.0328 4068  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:47:28.0406 4068  FastUserSwitchingCompatibility - ok
10:47:28.0453 4068  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
10:47:28.0562 4068  Fax - ok
10:47:28.0593 4068  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
10:47:28.0687 4068  Fdc - ok
10:47:28.0734 4068  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:47:28.0843 4068  Fips - ok
10:47:28.0890 4068  [ CDB568DB5E8985DCC623DA808AC61042 ] fixustor        C:\WINDOWS\system32\drivers\fixustor.sys
10:47:28.0906 4068  fixustor ( UnsignedFile.Multi.Generic ) - warning
10:47:28.0906 4068  fixustor - detected UnsignedFile.Multi.Generic (1)
10:47:28.0921 4068  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:47:29.0046 4068  Flpydisk - ok
10:47:29.0093 4068  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:47:29.0203 4068  FltMgr - ok
10:47:29.0343 4068  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:47:29.0359 4068  FontCache3.0.0.0 - ok
10:47:29.0390 4068  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:47:29.0484 4068  Fs_Rec - ok
10:47:29.0515 4068  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:47:29.0593 4068  Ftdisk - ok
10:47:29.0656 4068  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:47:29.0671 4068  GEARAspiWDM - ok
10:47:29.0687 4068  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:47:29.0796 4068  Gpc - ok
10:47:29.0890 4068  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
10:47:29.0906 4068  gupdate - ok
10:47:29.0921 4068  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
10:47:29.0921 4068  gupdatem - ok
10:47:29.0984 4068  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:47:30.0000 4068  gusvc - ok
10:47:30.0031 4068  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:47:30.0140 4068  HDAudBus - ok
10:47:30.0218 4068  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:47:30.0343 4068  helpsvc - ok
10:47:30.0406 4068  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
10:47:30.0562 4068  HidServ - ok
10:47:30.0593 4068  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:47:30.0750 4068  HidUsb - ok
10:47:30.0796 4068  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:47:30.0921 4068  hkmsvc - ok
10:47:30.0953 4068  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
10:47:31.0046 4068  hpn - ok
10:47:31.0140 4068  [ E8EC1767EA315A39A0DD8989952CA0E9 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
10:47:31.0250 4068  HSF_DPV - ok
10:47:31.0281 4068  [ 61478FA42EE04562E7F11F4DCA87E9C8 ] HSXHWAZL        C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
10:47:31.0296 4068  HSXHWAZL - ok
10:47:31.0343 4068  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:47:31.0406 4068  HTTP - ok
10:47:31.0421 4068  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:47:31.0593 4068  HTTPFilter - ok
10:47:31.0609 4068  [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
10:47:31.0781 4068  i2omgmt - ok
10:47:31.0796 4068  [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
10:47:31.0921 4068  i2omp - ok
10:47:31.0968 4068  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:47:32.0078 4068  i8042prt - ok
10:47:32.0390 4068  [ E8C7CC369C2FB657E0792AF70DF529E6 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
10:47:32.0750 4068  ialm - ok
10:47:32.0875 4068  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:47:32.0953 4068  idsvc - ok
10:47:32.0984 4068  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:47:33.0171 4068  Imapi - ok
10:47:33.0250 4068  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:47:33.0343 4068  ImapiService - ok
10:47:33.0375 4068  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
10:47:33.0484 4068  ini910u - ok
10:47:33.0531 4068  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
10:47:33.0656 4068  IntelIde - ok
10:47:33.0671 4068  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:47:33.0765 4068  intelppm - ok
10:47:33.0796 4068  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:47:33.0906 4068  Ip6Fw - ok
10:47:33.0937 4068  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:47:34.0062 4068  IpFilterDriver - ok
10:47:34.0093 4068  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:47:34.0203 4068  IpInIp - ok
10:47:34.0250 4068  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:47:34.0359 4068  IpNat - ok
10:47:34.0453 4068  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:47:34.0484 4068  iPod Service - ok
10:47:34.0562 4068  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:47:34.0687 4068  IPSec - ok
10:47:34.0718 4068  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:47:34.0812 4068  IRENUM - ok
10:47:34.0843 4068  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:47:35.0000 4068  isapnp - ok
10:47:35.0093 4068  [ 126A16F569122AE00AD3D12EF831D651 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
10:47:35.0109 4068  JavaQuickStarterService - ok
10:47:35.0140 4068  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:47:35.0296 4068  Kbdclass - ok
10:47:35.0328 4068  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:47:35.0468 4068  kbdhid - ok
10:47:35.0531 4068  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:47:35.0687 4068  kmixer - ok
10:47:35.0718 4068  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:47:35.0890 4068  KSecDD - ok
10:47:35.0937 4068  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:47:35.0984 4068  lanmanserver - ok
10:47:36.0031 4068  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:47:36.0078 4068  lanmanworkstation - ok
10:47:36.0093 4068  lbrtfdc - ok
10:47:36.0125 4068  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:47:36.0218 4068  LmHosts - ok
10:47:36.0265 4068  [ E6CB119EF2E148EAA1A247343550756E ] McciCMService   C:\Program Files\Common Files\Motive\McciCMService.exe
10:47:36.0281 4068  McciCMService ( UnsignedFile.Multi.Generic ) - warning
10:47:36.0281 4068  McciCMService - detected UnsignedFile.Multi.Generic (1)
10:47:36.0312 4068  [ E246A32C445056996074A397DA56E815 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:47:36.0359 4068  mdmxsdk - ok
10:47:36.0390 4068  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:47:36.0562 4068  Messenger - ok
10:47:36.0578 4068  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:47:36.0687 4068  mnmdd - ok
10:47:36.0734 4068  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:47:36.0859 4068  mnmsrvc - ok
10:47:36.0921 4068  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:47:37.0015 4068  Modem - ok
10:47:37.0046 4068  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:47:37.0203 4068  Mouclass - ok
10:47:37.0250 4068  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:47:37.0390 4068  mouhid - ok
10:47:37.0421 4068  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:47:37.0546 4068  MountMgr - ok
10:47:37.0578 4068  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
10:47:37.0593 4068  MpFilter - ok
10:47:37.0796 4068  [ A69630D039C38018689190234F866D77 ] MpKsl473f08fe   c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F83D3967-C0CE-43BC-8091-E8BFFC646B22}\MpKsl473f08fe.sys
10:47:37.0812 4068  MpKsl473f08fe - ok
10:47:37.0843 4068  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
10:47:37.0968 4068  mraid35x - ok
10:47:38.0015 4068  [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
10:47:38.0031 4068  MREMP50 ( UnsignedFile.Multi.Generic ) - warning
10:47:38.0031 4068  MREMP50 - detected UnsignedFile.Multi.Generic (1)
10:47:38.0031 4068  MREMPR5 - ok
10:47:38.0031 4068  MRENDIS5 - ok
10:47:38.0062 4068  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
10:47:38.0062 4068  MRESP50 ( UnsignedFile.Multi.Generic ) - warning
10:47:38.0062 4068  MRESP50 - detected UnsignedFile.Multi.Generic (1)
10:47:38.0109 4068  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:47:38.0203 4068  MRxDAV - ok
10:47:38.0250 4068  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:47:38.0343 4068  MRxSmb - ok
10:47:38.0406 4068  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
10:47:38.0515 4068  MSDTC - ok
10:47:38.0546 4068  [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV            C:\WINDOWS\system32\DRIVERS\msdv.sys
10:47:38.0671 4068  MSDV - ok
10:47:38.0671 4068  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:47:38.0765 4068  Msfs - ok
10:47:38.0765 4068  MSIServer - ok
10:47:38.0812 4068  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:47:38.0906 4068  MSKSSRV - ok
10:47:38.0984 4068  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:47:39.0000 4068  MsMpSvc - ok
10:47:39.0031 4068  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:47:39.0125 4068  MSPCLOCK - ok
10:47:39.0156 4068  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:47:39.0281 4068  MSPQM - ok
10:47:39.0312 4068  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:47:39.0421 4068  mssmbios - ok
10:47:39.0453 4068  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
10:47:39.0593 4068  MSTEE - ok
10:47:39.0609 4068  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:47:39.0656 4068  Mup - ok
10:47:39.0687 4068  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:47:39.0796 4068  NABTSFEC - ok
10:47:39.0859 4068  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:47:39.0968 4068  napagent - ok
10:47:40.0015 4068  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:47:40.0125 4068  NDIS - ok
10:47:40.0156 4068  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:47:40.0250 4068  NdisIP - ok
10:47:40.0296 4068  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:47:40.0406 4068  NdisTapi - ok
10:47:40.0437 4068  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:47:40.0531 4068  Ndisuio - ok
10:47:40.0531 4068  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:47:40.0625 4068  NdisWan - ok
10:47:40.0671 4068  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:47:40.0734 4068  NDProxy - ok
10:47:40.0765 4068  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:47:40.0937 4068  NetBIOS - ok
10:47:40.0953 4068  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:47:41.0078 4068  NetBT - ok
10:47:41.0125 4068  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:47:41.0218 4068  NetDDE - ok
10:47:41.0234 4068  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:47:41.0328 4068  NetDDEdsdm - ok
10:47:41.0375 4068  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:47:41.0484 4068  Netlogon - ok
10:47:44.0046 4068  [ B17228142CEC9B3C222239FD935A37CA ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys
10:47:44.0078 4068  omci ( UnsignedFile.Multi.Generic ) - warning
10:47:44.0078 4068  omci - detected UnsignedFile.Multi.Generic (1)
10:47:45.0015 4068  [ 274FB48DC92E0EC012D4D8D866CFAF8A ] PDIHWCTL        C:\WINDOWS\system32\drivers\pdihwctl.sys
10:47:45.0046 4068  PDIHWCTL ( UnsignedFile.Multi.Generic ) - warning
10:47:45.0046 4068  PDIHWCTL - detected UnsignedFile.Multi.Generic (1)
10:47:52.0953 4068  [ 31A9FEA9FFAFCE0F2D1D712CFD6AF568 ] Stltrk2k        C:\WINDOWS\system32\drivers\Stltrk2k.sys
10:47:52.0968 4068  Stltrk2k ( UnsignedFile.Multi.Generic ) - warning
10:47:52.0968 4068  Stltrk2k - detected UnsignedFile.Multi.Generic (1)
10:47:55.0453 4068  [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight       C:\WINDOWS\system32\drivers\TrueSight.sys
10:47:55.0562 4068  TrueSight ( UnsignedFile.Multi.Generic ) - warning
10:47:55.0562 4068  TrueSight - detected UnsignedFile.Multi.Generic (1)
10:48:01.0250 4068  ================ Scan global ===============================
10:48:01.0296 4068  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:48:01.0343 4068  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:48:01.0343 4068  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:48:01.0375 4068  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:48:01.0375 4068  [Global] - ok
10:48:01.0375 4068  ================ Scan MBR ==================================
10:48:01.0390 4068  [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
10:48:01.0796 4068  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:48:01.0796 4068  \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:48:01.0796 4068  ================ Scan VBR ==================================
10:48:01.0828 4068  [ 67DAFABC2AFE358E37873EB9FD6DA305 ] \Device\Harddisk0\DR0\Partition1
10:48:01.0828 4068  \Device\Harddisk0\DR0\Partition1 - ok
10:48:01.0828 4068  ================ Scan active images ========================
10:48:02.0093 4068  C:\WINDOWS\system32\autochk.exe - ok
10:48:02.0093 4068  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
10:48:02.0093 4068  C:\WINDOWS\system32\sfcfiles.dll - ok
10:48:02.0109 4068  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
10:48:02.0109 4068  C:\WINDOWS\system32\drivers\cdfs.sys - ok
10:48:02.0109 4068  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\ATAPI.SYS
10:48:02.0109 4068  C:\WINDOWS\system32\drivers\ATAPI.SYS - ok
10:48:02.0109 4068  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
10:48:02.0109 4068  C:\WINDOWS\system32\drivers\wmilib.sys - ok
10:48:02.0109 4068  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
10:48:02.0109 4068  C:\WINDOWS\system32\drivers\wanarp.sys - ok
10:48:02.0109 4068  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
10:48:02.0109 4068  C:\WINDOWS\system32\drivers\dxapi.sys - ok
10:48:02.0109 4068  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
10:48:02.0109 4068  C:\WINDOWS\system32\watchdog.sys - ok
10:48:02.0125 4068  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
10:48:02.0125 4068  C:\WINDOWS\system32\win32k.sys - ok
10:48:02.0125 4068  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:48:02.0125 4068  C:\WINDOWS\system32\basesrv.dll - ok
10:48:02.0125 4068  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
10:48:02.0125 4068  C:\WINDOWS\system32\csrsrv.dll - ok
10:48:02.0125 4068  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
10:48:02.0125 4068  C:\WINDOWS\system32\csrss.exe - ok
10:48:02.0125 4068  [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
10:48:02.0125 4068  C:\WINDOWS\system32\drivers\arp1394.sys - ok
10:48:02.0125 4068  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
10:48:02.0125 4068  C:\WINDOWS\system32\gdi32.dll - ok
10:48:02.0125 4068  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:48:02.0125 4068  C:\WINDOWS\system32\winsrv.dll - ok
10:48:02.0140 4068  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
10:48:02.0140 4068  C:\WINDOWS\system32\drivers\dxg.sys - ok
10:48:02.0140 4068  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
10:48:02.0140 4068  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
10:48:02.0140 4068  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
10:48:02.0140 4068  C:\WINDOWS\system32\kernel32.dll - ok
10:48:02.0140 4068  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
10:48:02.0140 4068  C:\WINDOWS\system32\user32.dll - ok
10:48:02.0140 4068  [ B8180E7C022E261CFDD7BB40F417976A ] C:\WINDOWS\system32\igxpgd32.dll
10:48:02.0140 4068  C:\WINDOWS\system32\igxpgd32.dll - ok
10:48:02.0140 4068  [ 7D08AA6F3A6348FD8A84E077759D411E ] C:\WINDOWS\system32\igxprd32.dll
10:48:02.0140 4068  C:\WINDOWS\system32\igxprd32.dll - ok
10:48:02.0156 4068  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
10:48:02.0156 4068  C:\WINDOWS\system32\vga.dll - ok
10:48:02.0156 4068  [ 00B9719183E9ED0E5A93924E6C664A7A ] C:\WINDOWS\system32\igxpdv32.dll
10:48:02.0156 4068  C:\WINDOWS\system32\igxpdv32.dll - ok
10:48:02.0156 4068  [ 8A2EE74FA1C65CB30CFE2B112B871288 ] C:\WINDOWS\system32\igxpdx32.dll
10:48:02.0156 4068  C:\WINDOWS\system32\igxpdx32.dll - ok
10:48:02.0156 4068  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
10:48:02.0156 4068  C:\WINDOWS\system32\advapi32.dll - ok
10:48:02.0156 4068  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
10:48:02.0156 4068  C:\WINDOWS\system32\rpcrt4.dll - ok
10:48:02.0156 4068  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
10:48:02.0156 4068  C:\WINDOWS\system32\winlogon.exe - ok
10:48:02.0171 4068  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
10:48:02.0171 4068  C:\WINDOWS\system32\authz.dll - ok
10:48:02.0171 4068  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
10:48:02.0171 4068  C:\WINDOWS\system32\crypt32.dll - ok
10:48:02.0171 4068  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
10:48:02.0171 4068  C:\WINDOWS\system32\msasn1.dll - ok
10:48:02.0171 4068  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
10:48:02.0171 4068  C:\WINDOWS\system32\msvcrt.dll - ok
10:48:02.0171 4068  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
10:48:02.0171 4068  C:\WINDOWS\system32\nddeapi.dll - ok
10:48:02.0171 4068  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
10:48:02.0171 4068  C:\WINDOWS\system32\netapi32.dll - ok
10:48:02.0171 4068  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
10:48:02.0171 4068  C:\WINDOWS\system32\profmap.dll - ok
10:48:02.0187 4068  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
10:48:02.0187 4068  C:\WINDOWS\system32\psapi.dll - ok
10:48:02.0187 4068  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
10:48:02.0187 4068  C:\WINDOWS\system32\regapi.dll - ok
10:48:02.0187 4068  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
10:48:02.0187 4068  C:\WINDOWS\system32\secur32.dll - ok
10:48:02.0187 4068  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
10:48:02.0187 4068  C:\WINDOWS\system32\setupapi.dll - ok
10:48:02.0187 4068  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
10:48:02.0187 4068  C:\WINDOWS\system32\userenv.dll - ok
10:48:02.0187 4068  [ 054DE1AAE871B3D7397D9B3BC1C20E65 ] C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
10:48:02.0187 4068  C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL - ok
10:48:02.0203 4068  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
10:48:02.0203 4068  C:\WINDOWS\system32\imagehlp.dll - ok
10:48:02.0203 4068  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
10:48:02.0203 4068  C:\WINDOWS\system32\imm32.dll - ok
10:48:02.0203 4068  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
10:48:02.0203 4068  C:\WINDOWS\system32\kbdus.dll - ok
10:48:02.0203 4068  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
10:48:02.0203 4068  C:\WINDOWS\system32\version.dll - ok
10:48:02.0203 4068  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
10:48:02.0203 4068  C:\WINDOWS\system32\winsta.dll - ok
10:48:02.0203 4068  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
10:48:02.0203 4068  C:\WINDOWS\system32\wintrust.dll - ok
10:48:02.0218 4068  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
10:48:02.0218 4068  C:\WINDOWS\system32\ws2help.dll - ok
10:48:02.0218 4068  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
10:48:02.0218 4068  C:\WINDOWS\system32\ws2_32.dll - ok
10:48:02.0218 4068  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
10:48:02.0218 4068  C:\WINDOWS\system32\msgina.dll - ok
10:48:02.0218 4068  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
10:48:02.0218 4068  C:\WINDOWS\system32\comctl32.dll - ok
10:48:02.0218 4068  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
10:48:02.0218 4068  C:\WINDOWS\system32\comdlg32.dll - ok
10:48:02.0234 4068  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
10:48:02.0234 4068  C:\WINDOWS\system32\odbc32.dll - ok
10:48:02.0234 4068  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
10:48:02.0234 4068  C:\WINDOWS\system32\shell32.dll - ok
10:48:02.0234 4068  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
10:48:02.0234 4068  C:\WINDOWS\system32\shlwapi.dll - ok
10:48:02.0234 4068  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
10:48:02.0234 4068  C:\WINDOWS\system32\sxs.dll - ok
10:48:02.0234 4068  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
10:48:02.0234 4068  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
10:48:02.0234 4068  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
10:48:02.0234 4068  C:\WINDOWS\system32\odbcint.dll - ok
10:48:02.0250 4068  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
10:48:02.0250 4068  C:\WINDOWS\system32\ole32.dll - ok
10:48:02.0250 4068  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
10:48:02.0250 4068  C:\WINDOWS\system32\sfc.dll - ok
10:48:02.0250 4068  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
10:48:02.0250 4068  C:\WINDOWS\system32\sfc_os.dll - ok
10:48:02.0250 4068  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
10:48:02.0250 4068  C:\WINDOWS\system32\shsvcs.dll - ok
10:48:02.0250 4068  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
10:48:02.0250 4068  C:\WINDOWS\system32\apphelp.dll - ok
10:48:02.0250 4068  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
10:48:02.0250 4068  C:\WINDOWS\system32\dnsapi.dll - ok
10:48:02.0250 4068  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
10:48:02.0250 4068  C:\WINDOWS\system32\lsasrv.dll - ok
10:48:02.0265 4068  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
10:48:02.0265 4068  C:\WINDOWS\system32\lsass.exe - ok
10:48:02.0265 4068  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
10:48:02.0265 4068  C:\WINDOWS\system32\mpr.dll - ok
10:48:02.0265 4068  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
10:48:02.0265 4068  C:\WINDOWS\system32\msvcp60.dll - ok
10:48:02.0265 4068  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
10:48:02.0265 4068  C:\WINDOWS\system32\ncobjapi.dll - ok
10:48:02.0265 4068  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
10:48:02.0265 4068  C:\WINDOWS\system32\ntdsapi.dll - ok
10:48:02.0265 4068  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
10:48:02.0265 4068  C:\WINDOWS\system32\scesrv.dll - ok
10:48:02.0281 4068  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:48:02.0281 4068  C:\WINDOWS\system32\services.exe - ok
10:48:02.0281 4068  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
10:48:02.0281 4068  C:\WINDOWS\system32\shimeng.dll - ok
10:48:02.0281 4068  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
10:48:02.0281 4068  C:\WINDOWS\system32\umpnpmgr.dll - ok
10:48:02.0281 4068  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
10:48:02.0281 4068  C:\WINDOWS\AppPatch\acadproc.dll - ok
10:48:02.0281 4068  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
10:48:02.0281 4068  C:\WINDOWS\AppPatch\acgenral.dll - ok
10:48:02.0281 4068  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
10:48:02.0281 4068  C:\WINDOWS\system32\cryptdll.dll - ok
10:48:02.0281 4068  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
10:48:02.0281 4068  C:\WINDOWS\system32\samlib.dll - ok
10:48:02.0296 4068  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
10:48:02.0296 4068  C:\WINDOWS\system32\samsrv.dll - ok
10:48:02.0296 4068  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
10:48:02.0296 4068  C:\WINDOWS\system32\winmm.dll - ok
10:48:02.0296 4068  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
10:48:02.0296 4068  C:\WINDOWS\system32\wldap32.dll - ok
10:48:02.0296 4068  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
10:48:02.0296 4068  C:\WINDOWS\system32\msacm32.dll - ok
10:48:02.0296 4068  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
10:48:02.0296 4068  C:\WINDOWS\system32\oleaut32.dll - ok
10:48:02.0296 4068  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
10:48:02.0296 4068  C:\WINDOWS\system32\uxtheme.dll - ok
10:48:02.0312 4068  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
10:48:02.0312 4068  C:\WINDOWS\system32\digest.dll - ok
10:48:02.0312 4068  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
10:48:02.0312 4068  C:\WINDOWS\system32\msapsspc.dll - ok
10:48:02.0312 4068  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
10:48:02.0312 4068  C:\WINDOWS\system32\msnsspc.dll - ok
10:48:02.0312 4068  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
10:48:02.0312 4068  C:\WINDOWS\system32\msvcrt40.dll - ok
10:48:02.0312 4068  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
10:48:02.0312 4068  C:\WINDOWS\system32\schannel.dll - ok
10:48:02.0312 4068  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
10:48:02.0312 4068  C:\WINDOWS\system32\kerberos.dll - ok
10:48:02.0328 4068  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
10:48:02.0328 4068  C:\WINDOWS\system32\msctfime.ime - ok
10:48:02.0328 4068  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
10:48:02.0328 4068  C:\WINDOWS\system32\msprivs.dll - ok
10:48:02.0328 4068  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
10:48:02.0328 4068  C:\WINDOWS\system32\iphlpapi.dll - ok
10:48:02.0328 4068  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
10:48:02.0328 4068  C:\WINDOWS\system32\msv1_0.dll - ok
10:48:02.0328 4068  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
10:48:02.0328 4068  C:\WINDOWS\system32\netlogon.dll - ok
10:48:02.0328 4068  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
10:48:02.0328 4068  C:\WINDOWS\system32\w32time.dll - ok
10:48:02.0343 4068  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
10:48:02.0343 4068  C:\WINDOWS\system32\rsaenh.dll - ok
10:48:02.0343 4068  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
10:48:02.0343 4068  C:\WINDOWS\system32\wdigest.dll - ok
10:48:02.0343 4068  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
10:48:02.0343 4068  C:\WINDOWS\system32\winscard.dll - ok
10:48:02.0343 4068  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
10:48:02.0343 4068  C:\WINDOWS\system32\wtsapi32.dll - ok
10:48:02.0343 4068  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
10:48:02.0343 4068  C:\WINDOWS\system32\atmfd.dll - ok
10:48:02.0343 4068  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
10:48:02.0343 4068  C:\WINDOWS\system32\scecli.dll - ok
10:48:02.0343 4068  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
10:48:02.0343 4068  C:\WINDOWS\system32\svchost.exe - ok
10:48:02.0359 4068  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
10:48:02.0359 4068  C:\WINDOWS\system32\ntmarta.dll - ok
10:48:02.0359 4068  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
10:48:02.0359 4068  C:\WINDOWS\system32\rpcss.dll - ok
10:48:02.0359 4068  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
10:48:02.0359 4068  C:\WINDOWS\system32\xpsp2res.dll - ok
10:48:02.0359 4068  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
10:48:02.0359 4068  C:\WINDOWS\system32\eventlog.dll - ok
10:48:02.0359 4068  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
10:48:02.0359 4068  C:\WINDOWS\system32\mswsock.dll - ok
10:48:02.0359 4068  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
10:48:02.0359 4068  C:\Program Files\Bonjour\mdnsNSP.dll - ok
10:48:02.0375 4068  [ F556912E70B22D740C9C99E310E3C11F ] C:\Program Files\Microsoft Security Client\MpSvc.dll
10:48:02.0375 4068  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
10:48:02.0375 4068  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
10:48:02.0375 4068  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
10:48:02.0375 4068  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
10:48:02.0375 4068  C:\WINDOWS\system32\rasadhlp.dll - ok
10:48:02.0375 4068  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
10:48:02.0375 4068  C:\WINDOWS\system32\winrnr.dll - ok
10:48:02.0375 4068  [ 3D9381A332E4373F8811C71BA5078B31 ] C:\Program Files\Microsoft Security Client\MpClient.dll
10:48:02.0375 4068  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
10:48:02.0375 4068  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
10:48:02.0375 4068  C:\WINDOWS\system32\WudfPlatform.dll - ok
10:48:02.0390 4068  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
10:48:02.0390 4068  C:\WINDOWS\system32\WudfSvc.dll - ok
10:48:02.0390 4068  [ AA87D7709021503687326432DC59590D ] C:\Program Files\Microsoft Security Client\MpRTP.dll
10:48:02.0390 4068  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
10:48:02.0390 4068  [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
10:48:02.0390 4068  C:\WINDOWS\system32\fltlib.dll - ok
10:48:02.0390 4068  [ 5650B193FD9F06274BA17311DEACC5A8 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F83D3967-C0CE-43BC-8091-E8BFFC646B22}\mpengine.dll
10:48:02.0390 4068  C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F83D3967-C0CE-43BC-8091-E8BFFC646B22}\mpengine.dll - ok
10:48:02.0390 4068  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
10:48:02.0390 4068  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
10:48:02.0390 4068  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
10:48:02.0390 4068  C:\WINDOWS\system32\cscdll.dll - ok
10:48:02.0390 4068  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
10:48:02.0390 4068  C:\WINDOWS\system32\dhcpcsvc.dll - ok
10:48:02.0406 4068  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
10:48:02.0406 4068  C:\WINDOWS\system32\dimsntfy.dll - ok
10:48:02.0406 4068  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
10:48:02.0406 4068  C:\WINDOWS\system32\logonui.exe - ok
10:48:02.0406 4068  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
10:48:02.0406 4068  C:\WINDOWS\system32\winspool.drv - ok
10:48:02.0406 4068  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
10:48:02.0406 4068  C:\WINDOWS\system32\wlnotify.dll - ok
10:48:02.0406 4068  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
10:48:02.0406 4068  C:\WINDOWS\system32\duser.dll - ok
10:48:02.0406 4068  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
10:48:02.0406 4068  C:\WINDOWS\system32\msimg32.dll - ok
10:48:02.0421 4068  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
10:48:02.0421 4068  C:\WINDOWS\system32\oleacc.dll - ok
10:48:02.0421 4068  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
10:48:02.0421 4068  C:\WINDOWS\system32\clbcatq.dll - ok
10:48:02.0421 4068  [ 8E7DDDCC5A262480E7A8342956732BD9 ] C:\WINDOWS\system32\WgaLogon.dll
10:48:02.0421 4068  C:\WINDOWS\system32\WgaLogon.dll - ok
10:48:02.0421 4068  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
10:48:02.0421 4068  C:\WINDOWS\system32\comres.dll - ok
10:48:02.0421 4068  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
10:48:02.0421 4068  C:\WINDOWS\system32\dnsrslvr.dll - ok
10:48:02.0421 4068  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
10:48:02.0421 4068  C:\WINDOWS\system32\msxml3.dll - ok
10:48:02.0437 4068  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
10:48:02.0437 4068  C:\WINDOWS\system32\shgina.dll - ok
10:48:02.0437 4068  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
10:48:02.0437 4068  C:\WINDOWS\system32\lmhsvc.dll - ok
10:48:02.0437 4068  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
10:48:02.0437 4068  C:\WINDOWS\system32\wzcsvc.dll - ok
10:48:02.0437 4068  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
10:48:02.0437 4068  C:\WINDOWS\system32\atl.dll - ok
10:48:02.0437 4068  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
10:48:02.0437 4068  C:\WINDOWS\system32\dot3api.dll - ok
10:48:02.0437 4068  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
10:48:02.0437 4068  C:\WINDOWS\system32\eapolqec.dll - ok
10:48:02.0453 4068  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
10:48:02.0453 4068  C:\WINDOWS\system32\esent.dll - ok
10:48:02.0453 4068  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
10:48:02.0453 4068  C:\WINDOWS\system32\qutil.dll - ok
10:48:02.0453 4068  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
10:48:02.0453 4068  C:\WINDOWS\system32\rtutils.dll - ok
10:48:02.0453 4068  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
10:48:02.0453 4068  C:\WINDOWS\system32\wmi.dll - ok
10:48:02.0453 4068  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
10:48:02.0453 4068  C:\WINDOWS\system32\cryptui.dll - ok
10:48:02.0453 4068  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
10:48:02.0453 4068  C:\WINDOWS\system32\rastls.dll - ok
10:48:02.0453 4068  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
10:48:02.0453 4068  C:\WINDOWS\system32\normaliz.dll - ok
10:48:02.0468 4068  [ 84A5C7B9B1B82F94A8245781FD44D8BA ] C:\WINDOWS\system32\urlmon.dll
10:48:02.0468 4068  C:\WINDOWS\system32\urlmon.dll - ok
10:48:02.0468 4068  [ D175F91A4C98B8848818C9B5089F88A2 ] C:\WINDOWS\system32\wininet.dll
10:48:02.0468 4068  C:\WINDOWS\system32\wininet.dll - ok
10:48:02.0468 4068  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
10:48:02.0468 4068  C:\WINDOWS\system32\activeds.dll - ok
10:48:02.0468 4068  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
10:48:02.0468 4068  C:\WINDOWS\system32\adsldpc.dll - ok
10:48:02.0468 4068  [ D1B3D1E05BEDC8F9B0BBBC03D6033F82 ] C:\WINDOWS\system32\iertutil.dll
10:48:02.0468 4068  C:\WINDOWS\system32\iertutil.dll - ok
10:48:02.0468 4068  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
10:48:02.0468 4068  C:\WINDOWS\system32\mprapi.dll - ok
10:48:02.0484 4068  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
10:48:02.0484 4068  C:\WINDOWS\system32\rasapi32.dll - ok
10:48:02.0484 4068  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
10:48:02.0484 4068  C:\WINDOWS\system32\rasman.dll - ok
10:48:02.0484 4068  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
10:48:02.0484 4068  C:\WINDOWS\system32\tapi32.dll - ok
10:48:02.0484 4068  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
10:48:02.0484 4068  C:\WINDOWS\system32\riched20.dll - ok
10:48:02.0484 4068  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
10:48:02.0484 4068  C:\WINDOWS\system32\raschap.dll - ok
10:48:02.0484 4068  [ 60714B1C15F815F55798C0B3D4819BEB ] C:\WINDOWS\system32\WLTRYSVC.EXE
10:48:02.0484 4068  C:\WINDOWS\system32\WLTRYSVC.EXE - ok
10:48:02.0500 4068  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\MSVCR71.DLL
10:48:02.0500 4068  C:\WINDOWS\system32\MSVCR71.DLL - ok
10:48:02.0500 4068  [ 618CCA5FD62EAD83C56D52824691C2FC ] C:\WINDOWS\system32\BCMWLTRY.EXE
10:48:02.0500 4068  C:\WINDOWS\system32\BCMWLTRY.EXE - ok
10:48:02.0500 4068  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
10:48:02.0500 4068  C:\WINDOWS\system32\hnetcfg.dll - ok
10:48:02.0500 4068  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
10:48:02.0500 4068  C:\WINDOWS\system32\wshtcpip.dll - ok
10:48:02.0500 4068  [ 4E8964A5564D27BE3F336AAD47D5D6E8 ] C:\WINDOWS\system32\bcm1xsup.dll
10:48:02.0500 4068  C:\WINDOWS\system32\bcm1xsup.dll - ok
10:48:02.0500 4068  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
10:48:02.0500 4068  C:\WINDOWS\system32\cfgmgr32.dll - ok
10:48:02.0500 4068  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
10:48:02.0500 4068  C:\WINDOWS\system32\powrprof.dll - ok
10:48:02.0515 4068  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
10:48:02.0515 4068  C:\WINDOWS\system32\schedsvc.dll - ok
10:48:02.0515 4068  [ 4DF537A09034434EA9481B88AB1D3C25 ] C:\WINDOWS\system32\bcmwlpkt.dll
10:48:02.0515 4068  C:\WINDOWS\system32\bcmwlpkt.dll - ok
10:48:02.0515 4068  [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\WINDOWS\system32\MFC71.DLL
10:48:02.0515 4068  C:\WINDOWS\system32\MFC71.DLL - ok
10:48:02.0515 4068  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\MSVCP71.DLL
10:48:02.0515 4068  C:\WINDOWS\system32\MSVCP71.DLL - ok
10:48:02.0515 4068  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
10:48:02.0515 4068  C:\WINDOWS\system32\wsock32.dll - ok
10:48:02.0515 4068  [ 8F2097E8B174F38178570C611464935F ] C:\WINDOWS\system32\ATL71.DLL
10:48:02.0515 4068  C:\WINDOWS\system32\ATL71.DLL - ok
10:48:02.0531 4068  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
10:48:02.0531 4068  C:\WINDOWS\system32\es.dll - ok
10:48:02.0531 4068  [ 5F755A48D09444CEE0A1A7E74AC54D85 ] C:\WINDOWS\system32\wltrynt.dll
10:48:02.0531 4068  C:\WINDOWS\system32\wltrynt.dll - ok
10:48:02.0531 4068  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
10:48:02.0531 4068  C:\WINDOWS\system32\msidle.dll - ok
10:48:02.0531 4068  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
10:48:02.0531 4068  C:\WINDOWS\system32\spoolsv.exe - ok
10:48:02.0531 4068  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
10:48:02.0531 4068  C:\WINDOWS\system32\audiosrv.dll - ok
10:48:02.0531 4068  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
10:48:02.0531 4068  C:\WINDOWS\system32\wkssvc.dll - ok
10:48:02.0546 4068  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
10:48:02.0546 4068  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
10:48:02.0546 4068  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
10:48:02.0546 4068  C:\WINDOWS\system32\webclnt.dll - ok
10:48:02.0546 4068  [ D7016846DBD0D73E6FBF5E68E0EA370E ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
10:48:02.0546 4068  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
10:48:02.0546 4068  [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:48:02.0546 4068  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
10:48:02.0546 4068  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
10:48:02.0546 4068  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
10:48:02.0546 4068  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
10:48:02.0546 4068  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
10:48:02.0546 4068  [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
10:48:02.0546 4068  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
10:48:03.0125 4068  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
10:48:03.0125 4068  C:\WINDOWS\system32\msxml6.dll - ok
10:48:03.0125 4068  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
10:48:03.0125 4068  C:\WINDOWS\system32\desk.cpl - ok
10:48:03.0125 4068  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
10:48:03.0125 4068  C:\WINDOWS\system32\themeui.dll - ok
10:48:03.0125 4068  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
10:48:03.0125 4068  C:\WINDOWS\system32\cmd.exe - ok
10:48:03.0140 4068  [ 53249B2147DDC8212B290ACF80570290 ] C:\WINDOWS\system32\ieframe.dll
10:48:03.0140 4068  C:\WINDOWS\system32\ieframe.dll - ok
10:48:03.0140 4068  [ A0CE23EDA79A33ABA807A948EAC0D679 ] C:\PROGRA~1\Google\GOOGLE~1\GOA66E~1.DLL
10:48:03.0140 4068  C:\PROGRA~1\Google\GOOGLE~1\GOA66E~1.DLL - ok
10:48:03.0140 4068  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\javierh\LOCALS~1\temp\7897E100-71B7-4C37-92D6-8E406E6DE153.exe
10:48:03.0140 4068  C:\DOCUME~1\javierh\LOCALS~1\temp\7897E100-71B7-4C37-92D6-8E406E6DE153.exe - ok
10:48:03.0140 4068  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
10:48:03.0140 4068  C:\WINDOWS\system32\linkinfo.dll - ok
10:48:03.0140 4068  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
10:48:03.0140 4068  C:\WINDOWS\system32\ntshrui.dll - ok
10:48:03.0140 4068  [ F49821B3D4392CF4E9620FF417C6C149 ] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
10:48:03.0140 4068  C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll - ok
10:48:03.0156 4068  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\01608974.sys
10:48:03.0156 4068  C:\WINDOWS\system32\drivers\01608974.sys - ok
10:48:03.0156 4068  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
10:48:03.0156 4068  C:\WINDOWS\system32\imapi.exe - ok
10:48:03.0156 4068  [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
10:48:03.0156 4068  C:\WINDOWS\system32\verclsid.exe - ok
10:48:03.0156 4068  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
10:48:03.0156 4068  C:\WINDOWS\system32\upnp.dll - ok
10:48:03.0156 4068  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
10:48:03.0156 4068  C:\WINDOWS\system32\webcheck.dll - ok
10:48:03.0156 4068  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
10:48:03.0156 4068  C:\WINDOWS\system32\ssdpapi.dll - ok
10:48:03.0171 4068  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
10:48:03.0171 4068  C:\WINDOWS\system32\rasdlg.dll - ok
10:48:03.0171 4068  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
10:48:03.0171 4068  C:\WINDOWS\system32\stobject.dll - ok
10:48:03.0171 4068  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
10:48:03.0171 4068  C:\WINDOWS\system32\batmeter.dll - ok
10:48:03.0171 4068  [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
10:48:03.0171 4068  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
10:48:03.0171 4068  [ C1760626A42ABEEC280254E21AEF222C ] C:\WINDOWS\system32\umonit.exe
10:48:03.0171 4068  C:\WINDOWS\system32\umonit.exe - ok
10:48:03.0171 4068  [ ABB85828C394CEACACBC90373C59C529 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
10:48:03.0171 4068  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
10:48:03.0187 4068  [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
10:48:03.0187 4068  C:\WINDOWS\system32\mydocs.dll - ok
10:48:03.0187 4068  [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
10:48:03.0187 4068  C:\WINDOWS\system32\mfc42.dll - ok
10:48:03.0187 4068  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
10:48:03.0187 4068  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
10:48:03.0187 4068  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
10:48:03.0187 4068  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
10:48:03.0187 4068  [ AD2506958DE1937C16C553C0A1BE0572 ] C:\WINDOWS\stsystra.exe
10:48:03.0187 4068  C:\WINDOWS\stsystra.exe - ok
10:48:03.0187 4068  [ 0557F18CA388BD2D2EAF9F0474FD75C7 ] C:\WINDOWS\system32\SynCOM.dll
10:48:03.0187 4068  C:\WINDOWS\system32\SynCOM.dll - ok
10:48:03.0187 4068  [ C6A7045E0D5C975028976E940CE76BB8 ] C:\WINDOWS\system32\SynTPAPI.dll
10:48:03.0187 4068  C:\WINDOWS\system32\SynTPAPI.dll - ok
10:48:03.0203 4068  [ C41FE114D9D7710EDA1189D304D85088 ] C:\Program Files\QuickTime\QTTask.exe
10:48:03.0203 4068  C:\Program Files\QuickTime\QTTask.exe - ok
10:48:03.0203 4068  [ E5A3C50686EA89B1ED8D9C232193A461 ] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:48:03.0203 4068  C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe - ok
10:48:03.0203 4068  [ 381E144D2111593F87FBAF85347FCF28 ] C:\WINDOWS\system32\stlang.dll
10:48:03.0203 4068  C:\WINDOWS\system32\stlang.dll - ok
10:48:03.0203 4068  [ D35DA7C7BD0E96B370DBDA2C8FDDBCB0 ] C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll
10:48:03.0203 4068  C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll - ok
10:48:03.0203 4068  [ A2DC1E0E4C74D5D9598E18B2FDC7CEE4 ] C:\Program Files\Dell\QuickSet\quickset.exe
10:48:03.0203 4068  C:\Program Files\Dell\QuickSet\quickset.exe - ok
10:48:03.0203 4068  [ 17CEC1CB41C5580DBE20984FC73BC4F4 ] C:\WINDOWS\system32\WLTRAY.EXE
10:48:03.0203 4068  C:\WINDOWS\system32\WLTRAY.EXE - ok
10:48:03.0218 4068  [ 392845E8D49B5F0E81AAC4D795000A8C ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
10:48:03.0218 4068  C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok
10:48:03.0218 4068  [ 554BF964313238DB774F1E3406766C63 ] C:\WINDOWS\system32\igfxtray.exe
10:48:03.0218 4068  C:\WINDOWS\system32\igfxtray.exe - ok
10:48:03.0218 4068  [ 2C0F5B7992CF976C2EFE75E394F2487F ] C:\WINDOWS\system32\hkcmd.exe
10:48:03.0218 4068  C:\WINDOWS\system32\hkcmd.exe - ok
10:48:03.0218 4068  [ 3B00D3D63E89B7383475CE5D1FC750FB ] C:\WINDOWS\system32\igfxpers.exe
10:48:03.0218 4068  C:\WINDOWS\system32\igfxpers.exe - ok
10:48:03.0218 4068  [ 8FB740D758B14B1BC950CC347C21E461 ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
10:48:03.0218 4068  C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe - ok
10:48:03.0234 4068  [ A3CF6E5E3AF52AEC92551A6D4F011C3D ] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
10:48:03.0234 4068  C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe - ok
10:48:03.0234 4068  [ 4D2F7561D8A840450AABFAD3740B0E6B ] C:\Program Files\Microsoft Security Client\msseces.exe
10:48:03.0234 4068  C:\Program Files\Microsoft Security Client\msseces.exe - ok
10:48:03.0234 4068  [ 82CC8F77E9EC61C6B4D48DD4D5CA78E7 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:48:03.0234 4068  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
10:48:03.0234 4068  [ 535203DEA5820F3B5F3FAACE0D51252C ] C:\Program Files\CyberLink\PowerDVD\CLRCEngine2.dll
10:48:03.0234 4068  C:\Program Files\CyberLink\PowerDVD\CLRCEngine2.dll - ok
10:48:03.0234 4068  [ F6F2BFC17069EB335ACCEEF7595F9302 ] C:\WINDOWS\system32\mfc42u.dll
10:48:03.0234 4068  C:\WINDOWS\system32\mfc42u.dll - ok
10:48:03.0234 4068  [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files\iTunes\iTunesHelper.exe
10:48:03.0234 4068  C:\Program Files\iTunes\iTunesHelper.exe - ok
10:48:03.0250 4068  [ AB1B1FFA1609B13D93DF1AFC7858469D ] C:\WINDOWS\system32\hccutils.dll
10:48:03.0250 4068  C:\WINDOWS\system32\hccutils.dll - ok
10:48:03.0250 4068  [ A1D6BE93E9FF2A21D6064B0C365C1315 ] C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
10:48:03.0250 4068  C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe - ok
10:48:03.0250 4068  [ 676B1D0BFA5EF8005395AB43F33DE1F1 ] C:\Program Files\NetWaiting\netwaiting.exe
10:48:03.0250 4068  C:\Program Files\NetWaiting\netwaiting.exe - ok
10:48:03.0250 4068  [ 131966DA924DDFFBE8AE6AAD0F048630 ] C:\Program Files\NetWaiting\BVRPDiag.dll
10:48:03.0250 4068  C:\Program Files\NetWaiting\BVRPDiag.dll - ok
10:48:03.0250 4068  [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files\iTunes\iTunesHelper.dll
10:48:03.0250 4068  C:\Program Files\iTunes\iTunesHelper.dll - ok
10:48:03.0250 4068  [ 1BF756F3FE89A1CF7A9207CD7E9ACB2B ] C:\WINDOWS\system32\igfxsrvc.exe
10:48:03.0250 4068  C:\WINDOWS\system32\igfxsrvc.exe - ok
10:48:03.0250 4068  [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
10:48:03.0250 4068  C:\WINDOWS\system32\oledlg.dll - ok
10:48:03.0265 4068  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
10:48:03.0265 4068  C:\WINDOWS\system32\ctfmon.exe - ok
10:48:03.0265 4068  [ 208E667393822BA7C9349BE19CADBEE8 ] C:\Program Files\NetWaiting\ModemMOH.dll
10:48:03.0265 4068  C:\Program Files\NetWaiting\ModemMOH.dll - ok
10:48:03.0265 4068  [ F802B6381408D3BED6EE1DF87BFE1EB8 ] C:\WINDOWS\system32\stacapi.dll
10:48:03.0265 4068  C:\WINDOWS\system32\stacapi.dll - ok
10:48:03.0265 4068  [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
10:48:03.0265 4068  C:\WINDOWS\system32\msisip.dll - ok
10:48:03.0265 4068  [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
10:48:03.0265 4068  C:\WINDOWS\system32\riched32.dll - ok
10:48:03.0265 4068  [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
10:48:03.0265 4068  C:\WINDOWS\system32\wshext.dll - ok
10:48:03.0281 4068  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
10:48:03.0281 4068  C:\WINDOWS\system32\msctf.dll - ok
10:48:03.0281 4068  [ E9AF8B12CFFC04C0F4399ED8E4D3826E ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
10:48:03.0281 4068  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
10:48:03.0281 4068  [ AD61C37E1D1E56FAFC5FF7E3CB2D3EFA ] C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
10:48:03.0281 4068  C:\Program Files\Common Files\Autodesk Shared\acstart17.exe - ok
10:48:03.0281 4068  [ B66E56733E2CD6A10FDA5919625FBF46 ] C:\Program Files\Digital Line Detect\DLG.exe
10:48:03.0281 4068  C:\Program Files\Digital Line Detect\DLG.exe - ok
10:48:03.0281 4068  [ 8B1DB47AE508698BE86B84DFB4A3526A ] C:\Program Files\NetWaiting\BVRPCTLN.DLL
10:48:03.0281 4068  C:\Program Files\NetWaiting\BVRPCTLN.DLL - ok
10:48:03.0281 4068  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
10:48:03.0281 4068  C:\WINDOWS\system32\msutb.dll - ok
10:48:03.0281 4068  [ C6B8670B36DA884C2B9C94A73AA17AB2 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.dll
10:48:03.0281 4068  C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.dll - ok
10:48:03.0296 4068  [ 5CEDF292F4573A1F36CC7DE598ECCFC7 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
10:48:03.0296 4068  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
10:48:03.0296 4068  [ A476968C08667B1E09F2A95234E8CEEF ] C:\Program Files\Digital Line Detect\BVRPDiag.dll
10:48:03.0296 4068  C:\Program Files\Digital Line Detect\BVRPDiag.dll - ok
10:48:03.0296 4068  [ 958AADA0659E5C312524865C56BFB771 ] C:\Program Files\Dell\QuickSet\IWH10.dll
10:48:03.0296 4068  C:\Program Files\Dell\QuickSet\IWH10.dll - ok
10:48:03.0296 4068  [ 9A88D107F64110094DE268C093F8A69D ] C:\Program Files\Dell\QuickSet\IWH9.dll
10:48:03.0296 4068  C:\Program Files\Dell\QuickSet\IWH9.dll - ok
10:48:03.0296 4068  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
10:48:03.0296 4068  C:\WINDOWS\ime\sptip.dll - ok
10:48:03.0296 4068  [ DDB011875BCC78C4EFE4AF17994FF53F ] C:\WINDOWS\system32\mdmxsdk.dll
10:48:03.0296 4068  C:\WINDOWS\system32\mdmxsdk.dll - ok
10:48:03.0312 4068  [ 9DEE004269DADEE715BD572410AA6076 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
10:48:03.0312 4068  C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
10:48:03.0312 4068  [ CF75FD7FFE804C50F9DB51095C35B77A ] C:\WINDOWS\system32\igfxsrvc.dll
10:48:03.0312 4068  C:\WINDOWS\system32\igfxsrvc.dll - ok
10:48:03.0312 4068  [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINDOWS\system32\wbem\wmiprov.dll
10:48:03.0312 4068  C:\WINDOWS\system32\wbem\wmiprov.dll - ok
10:48:03.0312 4068  [ DC2BAB079FF4C52412A8593CDAE59AFE ] C:\WINDOWS\system32\igfxdev.dll
10:48:03.0312 4068  C:\WINDOWS\system32\igfxdev.dll - ok
10:48:03.0312 4068  [ A7146C0C90D7BA0F251AC073E655D4D2 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
10:48:03.0312 4068  C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
10:48:03.0312 4068  [ B9DE7C4455E2CD810B9EC31FC6ED12F3 ] C:\Program Files\FourJs\gdc\fitrix\bin\gdc.exe
10:48:03.0312 4068  C:\Program Files\FourJs\gdc\fitrix\bin\gdc.exe - ok
10:48:03.0328 4068  [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
10:48:03.0328 4068  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
10:48:03.0328 4068  [ EF69247E60C86DA701FCD288290BA41B ] C:\Program Files\Microsoft Office\Office\OSA9.EXE
10:48:03.0328 4068  C:\Program Files\Microsoft Office\Office\OSA9.EXE - ok
10:48:03.0328 4068  [ E5792F83FE0A2AB0A9CA5BB397EECFA2 ] C:\Program Files\Dell\QuickSet\preflibcl.dll
10:48:03.0328 4068  C:\Program Files\Dell\QuickSet\preflibcl.dll - ok
10:48:03.0328 4068  [ 2A5A6D43CFE2FB2C89B175E4F07FF635 ] C:\WINDOWS\system32\preflib.dll
10:48:03.0328 4068  C:\WINDOWS\system32\preflib.dll - ok
10:48:03.0328 4068  [ F48B53237362A8B58DE532C7D88C9070 ] C:\Program Files\Dell\QuickSet\dadkeyb.dll
10:48:03.0328 4068  C:\Program Files\Dell\QuickSet\dadkeyb.dll - ok
10:48:03.0328 4068  [ 4450B803847C9B18902D999D78599BDF ] C:\WINDOWS\system32\igfxres.dll
10:48:03.0328 4068  C:\WINDOWS\system32\igfxres.dll - ok
10:48:03.0343 4068  [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
10:48:03.0343 4068  C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
10:48:03.0343 4068  [ 2F92ED73AC0335C73B07AADC9CA79674 ] C:\Program Files\NetWaiting\mohrc.dll
10:48:03.0343 4068  C:\Program Files\NetWaiting\mohrc.dll - ok
10:48:03.0343 4068  [ D96C9FED31152E6786BD4AC3A7104C2F ] C:\Program Files\Microsoft Office\Office\MSO9.DLL
10:48:03.0343 4068  C:\Program Files\Microsoft Office\Office\MSO9.DLL - ok
10:48:03.0343 4068  [ 2993E6F76ECCF3B27DA30065356FD542 ] C:\WINDOWS\system32\igfxress.dll
10:48:03.0343 4068  C:\WINDOWS\system32\igfxress.dll - ok
10:48:03.0343 4068  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
10:48:03.0343 4068  C:\WINDOWS\system32\mscoree.dll - ok
10:48:03.0343 4068  [ 3F71578DEC7FD3377362222D6D0F7610 ] C:\Program Files\Dell\QuickSet\Brightness.exe
10:48:03.0343 4068  C:\Program Files\Dell\QuickSet\Brightness.exe - ok
10:48:03.0343 4068  [ 118D81523EA80B9E252CB840E94754C6 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
10:48:03.0343 4068  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
10:48:03.0359 4068  [ FB53A700132D9A97D1E10E9F80BD6174 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
10:48:03.0359 4068  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
10:48:03.0359 4068  [ 21343229C29B5195B6F7D2B8EB56F8F2 ] C:\Program Files\FourJs\gdc\fitrix\bin\QtTest4.dll
10:48:03.0359 4068  C:\Program Files\FourJs\gdc\fitrix\bin\QtTest4.dll - ok
10:48:03.0359 4068  [ DB91B173EF3A98C793E1480A1F5E58E8 ] C:\Program Files\Dell\QuickSet\AlsSlider.ocx
10:48:03.0359 4068  C:\Program Files\Dell\QuickSet\AlsSlider.ocx - ok
10:48:03.0359 4068  [ 871C3A10A9319D6261D38E1F0CCF59FA ] C:\WINDOWS\system32\igfxext.exe
10:48:03.0359 4068  C:\WINDOWS\system32\igfxext.exe - ok
10:48:03.0359 4068  [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
10:48:03.0359 4068  C:\WINDOWS\system32\msftedit.dll - ok
10:48:03.0359 4068  [ 0CAF7D0EC2B158F72244657B1C16D5CF ] C:\Program Files\FourJs\gdc\fitrix\bin\QtCore4.dll
10:48:03.0359 4068  C:\Program Files\FourJs\gdc\fitrix\bin\QtCore4.dll - ok
10:48:03.0375 4068  [ B3D6AC3198835F3ADDC21428952DBA6C ] C:\WINDOWS\system32\igfxexps.dll
10:48:03.0375 4068  C:\WINDOWS\system32\igfxexps.dll - ok
10:48:03.0375 4068  [ 09523AFBC5937D7CC786FC9C74D2D516 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
10:48:03.0375 4068  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll - ok
10:48:03.0375 4068  [ 90A9B542C9300E540864D9FE1C42A130 ] C:\WINDOWS\system32\fxsst.dll
10:48:03.0375 4068  C:\WINDOWS\system32\fxsst.dll - ok
10:48:03.0375 4068  [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
10:48:03.0375 4068  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
10:48:03.0375 4068  [ BC0EA61246F8D940FBC5F652D337D6BD ] C:\Program Files\iPod\bin\iPodService.exe
10:48:03.0375 4068  C:\Program Files\iPod\bin\iPodService.exe - ok
10:48:03.0375 4068  [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
10:48:03.0375 4068  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
10:48:03.0390 4068  [ F282D4EDD85D53E20D902CC92190C5F5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
10:48:03.0390 4068  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
10:48:03.0390 4068  [ FC509EAAC8CFA34A961BB84147D66076 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
10:48:03.0390 4068  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
10:48:03.0390 4068  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
10:48:03.0390 4068  C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
10:48:03.0390 4068  [ 4B3685AA700084E4ED6635FC1EFD9CC2 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
10:48:03.0390 4068  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll - ok
10:48:03.0390 4068  [ 240DBC4B5E382CA2F63A2562062E9A08 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
10:48:03.0390 4068  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
10:48:03.0390 4068  [ B4201177B822BD8F3C2A706D33CA5816 ] C:\Program Files\FourJs\gdc\fitrix\bin\QtWebKit4.dll
10:48:03.0390 4068  C:\Program Files\FourJs\gdc\fitrix\bin\QtWebKit4.dll - ok
10:48:03.0406 4068  [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll
10:48:03.0406 4068  C:\WINDOWS\system32\mmcshext.dll - ok
10:48:03.0406 4068  [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll
10:48:03.0406 4068  C:\WINDOWS\system32\hhsetup.dll - ok
10:48:03.0406 4068  [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
10:48:03.0406 4068  C:\WINDOWS\system32\drprov.dll - ok
10:48:03.0406 4068  [ 7A7831A07950CD7E8AC82AFA7E44A816 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
10:48:03.0406 4068  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll - ok
10:48:03.0406 4068  [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
10:48:03.0406 4068  C:\WINDOWS\system32\ntlanman.dll - ok
10:48:03.0406 4068  [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
10:48:03.0406 4068  C:\WINDOWS\system32\netui0.dll - ok
10:48:03.0421 4068  [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
10:48:03.0421 4068  C:\WINDOWS\system32\netui1.dll - ok
10:48:03.0421 4068  [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
10:48:03.0421 4068  C:\WINDOWS\system32\davclnt.dll - ok
10:48:03.0421 4068  [ 982E7190DF0B0A79954EF1886D42047D ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll
10:48:03.0421 4068  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll - ok
10:48:03.0421 4068  [ 723528449ED0D1B0AD98AF3EDF23101D ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
10:48:03.0421 4068  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
10:48:03.0421 4068  [ C3FED6BBC024AAFFE6969FD4EE9F5941 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
10:48:03.0421 4068  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll - ok
10:48:03.0421 4068  [ BA83FBBE9FAF77749DA1CA366FE1DB49 ] C:\Program Files\FourJs\gdc\fitrix\bin\phonon4.dll
10:48:03.0421 4068  C:\Program Files\FourJs\gdc\fitrix\bin\phonon4.dll - ok
10:48:03.0437 4068  [ A30CCC300040BFA9048D5D90E7FDD518 ] C:\Program Files\FourJs\gdc\fitrix\bin\QtGui4.dll
10:48:03.0437 4068  C:\Program Files\FourJs\gdc\fitrix\bin\QtGui4.dll - ok
10:48:03.0437 4068  [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
10:48:03.0437 4068  C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
10:48:03.0437 4068  [ F03DFE068165BD3E1069A3FBC2E948EA ] C:\Program Files\FourJs\gdc\fitrix\bin\QtNetwork4.dll
10:48:03.0437 4068  C:\Program Files\FourJs\gdc\fitrix\bin\QtNetwork4.dll - ok
10:48:03.0437 4068  [ 5159FEF0C282F3E6DAF6968D9611A650 ] C:\Program Files\FourJs\gdc\fitrix\bin\QtSvg4.dll
10:48:03.0437 4068  C:\Program Files\FourJs\gdc\fitrix\bin\QtSvg4.dll - ok
10:48:03.0437 4068  [ 36249A838A15F04BC334724E9BAD0193 ] C:\Program Files\FourJs\gdc\fitrix\bin\QtXml4.dll
10:48:03.0437 4068  C:\Program Files\FourJs\gdc\fitrix\bin\QtXml4.dll - ok
10:48:03.0437 4068  [ 86C1FF9D55F0820B838633017CD0A3B3 ] C:\Program Files\FourJs\gdc\fitrix\grv\bin\reportviewer.exe
10:48:03.0437 4068  C:\Program Files\FourJs\gdc\fitrix\grv\bin\reportviewer.exe - ok
10:48:03.0437 4068  [ 3E89594675EB9CA864A5805D42CD7A36 ] C:\Program Files\FourJs\gdc\fitrix\bin\imageformats\qsvg4.dll
10:48:03.0437 4068  C:\Program Files\FourJs\gdc\fitrix\bin\imageformats\qsvg4.dll - ok
10:48:03.0453 4068  [ CAE28DBC5298154ED8A9EA2A7F37D501 ] C:\Program Files\FourJs\gdc\fitrix\grv\bin\reportwidgets.dll
10:48:03.0453 4068  C:\Program Files\FourJs\gdc\fitrix\grv\bin\reportwidgets.dll - ok
10:48:03.0453 4068  [ EBE59FA3C73EEE19E3CFA6ED7A1E3AC3 ] C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtSvg4.dll
10:48:03.0453 4068  C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtSvg4.dll - ok
10:48:03.0453 4068  [ FD7D56F3030C60B9FBC0D331EA0AA43F ] C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtXml4.dll
10:48:03.0453 4068  C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtXml4.dll - ok
10:48:03.0453 4068  [ 7596AC2694689E98B91E195422BC7211 ] C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtCore4.dll
10:48:03.0453 4068  C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtCore4.dll - ok
10:48:03.0453 4068  [ 4E797CA9C800B2924B082C26861AC40A ] C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtGui4.dll
10:48:03.0453 4068  C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtGui4.dll - ok
10:48:03.0453 4068  [ DF8E0E304FC8B577316A60A65F47401E ] C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtNetwork4.dll
10:48:03.0453 4068  C:\Program Files\FourJs\gdc\fitrix\grv\bin\QtNetwork4.dll - ok
10:48:03.0468 4068  [ 9FAD7DFF67555FF1E06BC4A3893024A7 ] C:\WINDOWS\system32\logon.scr
10:48:03.0468 4068  C:\WINDOWS\system32\logon.scr - ok
10:48:03.0468 4068  [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Documents and Settings\javierh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
10:48:03.0468 4068  C:\Documents and Settings\javierh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe - ok
10:48:03.0468 4068  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Documents and Settings\javierh\Local Settings\Application Data\Google\Update\1.3.21.135\goopdate.dll
10:48:03.0468 4068  C:\Documents and Settings\javierh\Local Settings\Application Data\Google\Update\1.3.21.135\goopdate.dll - ok
10:48:03.0468 4068  [ 1C074E661B522E7F40D3534089FC225E ] C:\Documents and Settings\javierh\Local Settings\Application Data\Google\Update\1.3.21.135\psuser.dll
10:48:03.0468 4068  C:\Documents and Settings\javierh\Local Settings\Application Data\Google\Update\1.3.21.135\psuser.dll - ok
10:48:03.0468 4068  [ C56DE8185672B9F17F127EA282DD5E07 ] C:\Program Files\Google\Update\1.3.21.135\psmachine.dll
10:48:03.0468 4068  C:\Program Files\Google\Update\1.3.21.135\psmachine.dll - ok
10:48:03.0468 4068  ============================================================
10:48:03.0468 4068  Scan finished
10:48:03.0468 4068  ============================================================
10:48:03.0578 0456  Detected object count: 13
10:48:03.0578 0456  Actual detected object count: 13
10:50:11.0625 0456  APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0625 0456  APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0625 0456  ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0625 0456  ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0640 0456  DDCCI ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0640 0456  DDCCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0640 0456  DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0640 0456  DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0640 0456  fixustor ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0640 0456  fixustor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0640 0456  McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0640 0456  McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0640 0456  MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0640 0456  MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0640 0456  MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0640 0456  MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0640 0456  omci ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0640 0456  omci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0640 0456  PDIHWCTL ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0640 0456  PDIHWCTL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0656 0456  Stltrk2k ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0656 0456  Stltrk2k ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0656 0456  TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:11.0656 0456  TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:50:11.0796 0456  \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
10:50:11.0812 0456  \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
10:50:11.0828 0456  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
10:50:11.0843 0456  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
10:50:12.0031 0456  \Device\Harddisk0\DR0\TDLFS\module.dll - copied to quarantine
10:50:12.0093 0456  \Device\Harddisk0\DR0\TDLFS\clc.dll - copied to quarantine
10:50:12.0218 0456  \Device\Harddisk0\DR0\TDLFS - deleted
10:50:12.0218 0456  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete 
10:50:24.0140 3776  Deinitialize success


#12 gringo_pr


Posted 27 February 2013 - 09:26 PM


Hello bm6126349

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:
 ClearJavaCache:: 
Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
  • In your next post I need the following
    • report from Combofix
    • let me know of any problems you may have had
    • How is the computer doing now after running the script?
Gringo

#13 bm6126349


Posted 28 February 2013 - 02:19 PM

Thanks Gringo.
 
Ran the ComboFix script. 
Everything seems to be OK. 
 
=============================================================================================
 
ComboFix 13-02-26.01 - javierh 02/28/2013  10:16:23.2.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3318.2732 [GMT -8:00]
Running from: c:\documents and settings\javierh\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\javierh\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\javierh\Application Data\result.db
c:\documents and settings\John\Start Menu\Internet Explorer.lnk
c:\documents and settings\LocalService\Application Data\result.db
c:\program files\Internet Explorer\msimg32.dll
C:\Thumbs.db
c:\windows\AutoRun.ini
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\regobj.dll
c:\windows\wininit.ini
.
Infected copy of c:\windows\system32\Services.exe was found and disinfected 
Restored copy from - c:\windows\erdnt\cache\services.exe 
.
.
(((((((((((((((((((((((((   Files Created from 2013-01-28 to 2013-02-28  )))))))))))))))))))))))))))))))
.
.
2013-02-28 18:31 . 2013-02-08 00:45    6954968    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0416797D-F382-49F1-A23E-DC99A0490DD9}\mpengine.dll
2013-02-26 21:31 . 2013-02-08 00:45    6954968    ------w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-26 20:53 . 2013-02-27 18:50    --------    dc----w-    C:\TDSSKiller_Quarantine
2013-02-26 17:58 . 2013-02-26 17:58    15616    ----a-w-    c:\windows\system32\drivers\TrueSight.sys
2013-02-21 23:49 . 2013-02-21 23:49    --------    d-----w-    c:\documents and settings\javierh\Application Data\Malwarebytes
2013-02-21 23:48 . 2013-02-21 23:48    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2013-02-21 23:48 . 2013-02-21 23:48    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-02-21 23:48 . 2012-12-15 00:49    21104    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-02-16 00:05 . 2013-02-16 00:05    --------    d-----w-    c:\windows\system32\wbem\Repository
2013-02-15 23:59 . 2013-02-15 23:59    --------    d-----w-    c:\program files\QuickTime
2013-02-15 23:57 . 2013-02-15 23:58    --------    d-----w-    c:\program files\iTunes
2013-02-15 23:57 . 2013-02-15 23:57    --------    d-----w-    c:\program files\iPod
2013-02-15 23:57 . 2013-02-15 23:57    --------    d-----w-    c:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 20:53 . 2001-08-17 18:51    3328    ----a-w-    c:\windows\system32\drivers\pciide.sys
2013-02-18 18:25 . 2012-09-13 14:34    697712    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-02-18 18:25 . 2011-08-30 01:58    74096    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2009-11-23 20:26    232336    ------w-    c:\windows\system32\MpSigStub.exe
2013-01-26 03:55 . 2004-08-11 22:00    552448    ----a-w-    c:\windows\system32\oleaut32.dll
2013-01-24 22:48 . 2013-01-24 22:48    1409    ----a-w-    c:\windows\QTFont.for
2013-01-20 23:59 . 2009-06-19 02:48    195296    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-01-07 01:19 . 2004-08-11 22:00    2148864    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37 . 2004-08-04 03:59    2027520    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2004-08-11 22:00    1867264    ----a-w-    c:\windows\system32\win32k.sys
2013-01-04 01:20 . 2004-08-11 22:00    1867264    ----a-w-    c:\windows\system32\win32k(2)(2).sys
2013-01-02 06:49 . 2004-08-11 22:00    1292288    ----a-w-    c:\windows\system32\quartz.dll
2013-01-02 06:49 . 2004-08-11 22:00    148992    ----a-w-    c:\windows\system32\mpg2splt.ax
2012-12-26 20:16 . 2004-08-11 22:00    916480    ----a-w-    c:\windows\system32\wininet.dll
2012-12-26 20:16 . 2004-08-11 22:00    916480    ----a-w-    c:\windows\system32\wininet(2)(4).dll
2012-12-26 20:16 . 2004-08-11 22:00    1212928    ----a-w-    c:\windows\system32\urlmon(2)(4).dll
2012-12-26 20:16 . 2004-08-11 22:00    105984    ----a-w-    c:\windows\system32\url(2)(4).dll
2012-12-26 20:16 . 2007-08-14 02:54    11111424    ----a-w-    c:\windows\system32\ieframe(2)(2).dll
2012-12-26 20:16 . 2007-08-14 02:34    2004992    ----a-w-    c:\windows\system32\iertutil(2)(2).dll
2012-12-26 20:16 . 2004-08-11 22:00    43520    ----a-w-    c:\windows\system32\licmgr10.dll
2012-12-26 20:16 . 2004-08-11 22:00    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2004-08-11 22:00    385024    ----a-w-    c:\windows\system32\html.iec
2012-12-16 12:23 . 2004-08-11 22:00    290560    ----a-w-    c:\windows\system32\atmfd.dll
2012-12-16 12:23 . 2004-08-11 22:00    290560    ----a-w-    c:\windows\system32\atmfd(2)(2).dll
2012-07-11 14:49 . 2012-03-08 16:06    97208    ----a-w-    c:\program files\mozilla firefox\components\browsercomps.dll
1997-06-23 19:06    287504    --sha-w-    c:\windows\system32\Msxbse35.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-10 20480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UMonit"="c:\windows\system32\umonit.exe" [2004-01-05 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-11 286720]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-05-04 169984]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-08-03 1032192]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-11-22 1392640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-03-31 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-03-31 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-03-31 138008]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2010-09-02 1638400]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-5-3 24576]
Genero Desktop Client.lnk - c:\program files\FourJs\gdc\fitrix\bin\gdc.exe [2010-3-22 3837248]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logo Calibration Loader.lnk]
backup=c:\windows\pss\Logo Calibration Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ProfileReminder.lnk]
backup=c:\windows\pss\ProfileReminder.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SATARAID5.lnk]
backup=c:\windows\pss\SATARAID5.lnkCommon Startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Fitrix_410DE1\\bin\\wtk.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\FourJs\\gdc\\fitrix\\bin\\gdc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [6/16/2007 10:41 AM 14416]
S3 DDCCI;DDC/CI monitor;c:\windows\system32\drivers\Moni2c.sys [8/23/2002 6:19 AM 6494]
S3 eyeonedp;eye-one display;c:\windows\system32\drivers\EyeOneDp.sys [6/16/2007 10:41 AM 44344]
S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [6/23/2007 11:56 AM 6016]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [3/10/2008 1:12 PM 12928]
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-13 18:25]
.
2013-02-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 00:57]
.
2013-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 19:59]
.
2013-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 19:59]
.
2013-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805846074-2967745241-3733673705-1007Core.job
- c:\documents and settings\javierh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-11 17:25]
.
2013-02-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3805846074-2967745241-3733673705-1007UA.job
- c:\documents and settings\javierh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-11 17:25]
.
2013-02-28 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 19:11]
.
2013-02-28 c:\windows\Tasks\User_Feed_Synchronization-{1FFA98E3-42E5-403D-BE5B-C86FD608E224}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 11:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.100.253
FF - ProfilePath - c:\documents and settings\javierh\Application Data\Mozilla\Firefox\Profiles\ljexw853.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - ExtSQL: !HIDDEN! 2009-09-08 06:13; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-06892759.sys
SafeBoot-79499485.sys
SafeBoot-88195121.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-28 10:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  UMonit = c:\windows\system32\umonit.exe?or.sys???8????????X$?8????X$?C?US????8???UB????????????????????????????A~?X??????????tq??l??????|p??|????m??|??D~?????????X$?B$?|??B~??B~*?,??X$???????????????????????????????B~????????????tq??????T???????????tq????????????? 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,e0,f6,d3,17,d1,01,48,92,03,31,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,e0,f6,d3,17,d1,01,48,92,03,31,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2676)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\wscntfy.exe
c:\windows\stsystra.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2013-02-28  11:02:37 - machine was rebooted
ComboFix-quarantined-files.txt  2013-02-28 19:02
ComboFix2.txt  2013-02-26 19:36
.
Pre-Run: 41,137,963,008 bytes free
Post-Run: 41,195,102,208 bytes free
.
- - End Of File - - 5235AEDB9E246AE237D45EC3D1BA581C


#14 gringo_pr


Posted 28 February 2013 - 05:34 PM


Hello bm6126349

I would like to see a report that combofix makes.

extra combofix report
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
    C:\Qoobox\Add-Remove Programs.txt
    • click ok
  • copy and paste the report into this topic for me to review

    Gringo




#15 bm6126349


Posted 28 February 2013 - 06:41 PM

OK

here is the file:

=============================================================================

3132 SATARAID5
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player 11.6
AnswerWorks Runtime
AOLIcon
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AutoCAD 2007 - English
AutoCAD LT 97
AutoCAD LT Learning Assistance
Autodesk Architectural Desktop 3.3
Autodesk DWF Viewer
Autopano Pro
Bonjour
Broadcom Management Programs
CCleaner
Conexant HDA D110 MDC V.92 Modem
Dell Support 3.2.1
Dell System Restore
Dell Wireless WLAN Card
DeLorme Topo USA 6.0
DeLorme Topo USA 6.0 Merge Modules
DeLorme Topo USA 6.0 West Data
Digital Line Detect
Documentation & Support Launcher
Earthmate Image Tagger
EPSON Printer Software
EPSON R2880 Reference Guide
Facebook Plug-In
Fitrix 4.10.DE1 3.53.1a
Four J's Genero Desktop Client 2.22.03
Games, Music, & Photos Launcher
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel® Graphics Media Accelerator Driver
InterActual Player
iTunes
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java™ 6 Update 21
Java™ 6 Update 7
Java™ SE Runtime Environment 6 Update 1
Malwarebytes Anti-Malware version 1.70.0.1100
MediaDirect
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Color Control Panel Applet for Windows XP
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft RAW Image Thumbnailer and Viewer for Windows XP Version 1.0 (Build 50)
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox 11.0 (x86 en-US)
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB973688)
NEC DISPLAY SOLUTIONS: Monitor Installer
NetWaiting
OGA Notifier 2.0.0048.0
OutlookAddinSetup
PhotoPresets with One-Click WOW!
Picasa 3
PowerDVD
QuickSet
QuickTime
RealPlayer Basic
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
swMSM
Synaptics Pointing Device Driver
System Requirements Lab
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB 2.0 MMC/SD Card Reader
USB MMC-SD Reader
WebFldrs XP
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
XP Codec Pack
Xvid 1.1.3 final uninstall




