can't update Windows or MSE after exploit virus!


33 replies to this topic

#1 fourelms

  • Members
  • 22 posts

Posted 03 March 2013 - 05:14 AM


 

Hi guys, long time lurker and never had to post before, until today! I'm not too good on computers so be gentle!

OK, XP home 2002 service pack 3, using Microsoft Security Essentials as health checker. I had a virus, exploit:java/cve-2013-0422, which I struggled to clean, MSE kept finding it and cleaning only to find it came back, Safety Scanner also found it and cleaned....but I think I finally nailed it thru Kaspersky TDSS (see below rkill though!).....when I run TDSS after a start up no threats found.

My problems are

1/ Windows will not update, I get a 0x800A0046 error and tells me to enable 'user persistence' in custom security.....but it IS enabled?

2/ MSE will not update with error 0x80070005 could not access updates, authentication failed or method not supported

....I have tried the cure all 'windows update components' 'fix-it' which always finds 2 issues, says it's corrected them, but if I run the 'fix-it' again it finds the same problems see here

[attachment=135752:fix it ResultReport.htm]

But this may be of interest? When I run rkill this is the result.....it finds one process to terminate and MSDTC is missing whatever that is!

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/03/2013 10:06:32 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * c:\windows\system\hpsysdrv.exe (PID: 2968) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * MSDTC [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 03/03/2013 10:07:16 AM
Execution time: 0 hours(s), 0 minute(s), and 43 seconds(s)

 

cheers guys, any help most welcome


Edited by hamluis, 03 March 2013 - 07:20 AM.
Moved from XP to Am I Infected - Hamlus.



 


#2 fourelms


Posted 03 March 2013 - 05:35 AM

sorry, forgot to add, I also have Malwarebytes but this doesn't find anything amiss in deep scan



#3 narenxp

  • BC Advisor
  • 16,371 posts
  • Location:India

Posted 03 March 2013 - 08:38 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • Check Loaded Modules and Detect TDLFS file system
  • Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours, that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • TDSSKiller log
  • aswMBR log
  • ESET results



#4 fourelms


Posted 04 March 2013 - 04:16 AM

many thanks for your help!....will post results asap!

 

 



#5 bcole2750

  • Members
  • 1 posts

Posted 04 March 2013 - 04:22 AM

I have brought the infected computer



#6 fourelms


Posted 04 March 2013 - 05:14 AM

I have brought the infected computer

 

 

erm really?



#7 fourelms


Posted 04 March 2013 - 05:19 AM

I'm having an issue posting results in one hit so here goes for TDSS:-

20:48:37.0187 3388  RapportMgmtService - ok
20:48:37.0593 3388  [ 11C5C0FDB224E88AAD8B6B712D1FE7DF ] RapportPG       C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
20:48:37.0781 3388  RapportPG - ok
20:48:38.0031 3388  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:48:38.0046 3388  RasAcd - ok
20:48:38.0531 3388  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:48:38.0562 3388  RasAuto - ok
20:48:38.0593 3388  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:48:38.0640 3388  Rasl2tp - ok
20:48:39.0750 3388  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:48:39.0859 3388  RasMan - ok
20:48:39.0937 3388  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:48:39.0953 3388  RasPppoe - ok
20:48:40.0046 3388  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
20:48:40.0062 3388  Raspti - ok
20:48:40.0125 3388  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:48:40.0140 3388  Rdbss - ok
20:48:40.0171 3388  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:48:40.0187 3388  RDPCDD - ok
20:48:40.0296 3388  [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
20:48:40.0328 3388  RDPWD - ok
20:48:40.0468 3388  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
20:48:40.0484 3388  RDSessMgr - ok
20:48:40.0765 3388  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
20:48:40.0781 3388  RealNetworks Downloader Resolver Service - ok
20:48:41.0000 3388  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
20:48:41.0031 3388  redbook - ok
20:48:41.0078 3388  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:48:41.0093 3388  RemoteAccess - ok
20:48:41.0156 3388  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:48:41.0203 3388  RpcLocator - ok
20:48:41.0375 3388  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:48:41.0515 3388  RpcSs - ok
20:48:41.0656 3388  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
20:48:41.0687 3388  RSVP - ok
20:48:41.0781 3388  [ 7889E3981E0A5D347E037ABD467D53A5 ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
20:48:41.0921 3388  RTL8023xp - ok
20:48:42.0343 3388  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:48:42.0421 3388  rtl8139 - ok
20:48:42.0546 3388  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:48:42.0546 3388  SamSs - ok
20:48:42.0625 3388  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
20:48:42.0656 3388  SCardSvr - ok
20:48:42.0765 3388  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:48:42.0828 3388  Schedule - ok
20:48:43.0109 3388  [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort         C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:48:43.0125 3388  SeaPort - ok
20:48:43.0203 3388  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:48:43.0203 3388  Secdrv - ok
20:48:43.0265 3388  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
20:48:43.0281 3388  seclogon - ok
20:48:43.0328 3388  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
20:48:43.0328 3388  SENS - ok
20:48:43.0406 3388  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
20:48:43.0421 3388  Serial - ok
20:48:43.0546 3388  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
20:48:43.0593 3388  Sfloppy - ok
20:48:43.0750 3388  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:48:43.0937 3388  SharedAccess - ok
20:48:44.0062 3388  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:48:44.0187 3388  ShellHWDetection - ok
20:48:44.0187 3388  Simbad - ok
20:48:44.0281 3388  [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1        C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
20:48:44.0328 3388  SONYPVU1 - ok
20:48:44.0328 3388  Sparrow - ok
20:48:44.0421 3388  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
20:48:44.0468 3388  splitter - ok
20:48:44.0531 3388  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
20:48:44.0562 3388  Spooler - ok
20:48:44.0593 3388  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:48:44.0640 3388  sr - ok
20:48:44.0687 3388  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:48:44.0703 3388  srservice - ok
20:48:45.0046 3388  [ 0F6AEFAD3641A657E18081F52D0C15AF ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:48:45.0046 3388  Srv - ok
20:48:45.0125 3388  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:48:45.0171 3388  SSDPSRV - ok
20:48:45.0265 3388  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
20:48:45.0265 3388  stisvc - ok
20:48:45.0359 3388  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
20:48:45.0375 3388  swenum - ok
20:48:45.0421 3388  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
20:48:45.0437 3388  swmidi - ok
20:48:45.0437 3388  SwPrv - ok
20:48:45.0984 3388  [ 438FAFE708C93B2236FC26B6F2BD5FD0 ] Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
20:48:47.0406 3388  Symantec Core LC - ok
20:48:47.0421 3388  symc810 - ok
20:48:47.0453 3388  symc8xx - ok
20:48:47.0468 3388  SymIM - ok
20:48:47.0468 3388  SymIMMP - ok
20:48:47.0546 3388  [ B226F8A4D780ACDF76145B58BB791D5B ] symlcbrd        C:\WINDOWS\system32\drivers\symlcbrd.sys
20:48:47.0578 3388  symlcbrd - ok
20:48:47.0625 3388  sym_hi - ok
20:48:47.0640 3388  sym_u3 - ok
20:48:47.0671 3388  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
20:48:47.0687 3388  sysaudio - ok
20:48:47.0859 3388  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
20:48:47.0984 3388  SysmonLog - ok
20:48:48.0453 3388  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:48:48.0468 3388  TapiSrv - ok
20:48:48.0578 3388  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:48:48.0734 3388  Tcpip - ok
20:48:48.0859 3388  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
20:48:48.0937 3388  TDPIPE - ok
20:48:48.0984 3388  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
20:48:49.0000 3388  TDTCP - ok
20:48:49.0078 3388  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
20:48:49.0078 3388  TermDD - ok
20:48:49.0281 3388  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
20:48:49.0562 3388  TermService - ok
20:48:49.0625 3388  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
20:48:49.0625 3388  Themes - ok
20:48:49.0640 3388  TosIde - ok
20:48:49.0750 3388  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
20:48:49.0750 3388  TrkWks - ok
20:48:49.0828 3388  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
20:48:49.0890 3388  Udfs - ok
20:48:49.0906 3388  ultra - ok
20:48:50.0078 3388  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
20:48:50.0546 3388  Update - ok
20:48:50.0671 3388  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:48:50.0687 3388  upnphost - ok
20:48:50.0718 3388  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
20:48:50.0750 3388  UPS - ok
20:48:50.0765 3388  USBAAPL - ok
20:48:50.0875 3388  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
20:48:51.0109 3388  usbaudio - ok
20:48:51.0171 3388  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:48:51.0218 3388  usbccgp - ok
20:48:51.0296 3388  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:48:51.0328 3388  usbehci - ok
20:48:51.0390 3388  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:48:51.0421 3388  usbhub - ok
20:48:51.0453 3388  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:48:51.0468 3388  usbohci - ok
20:48:51.0531 3388  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:48:51.0546 3388  usbprint - ok
20:48:51.0578 3388  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:48:51.0609 3388  usbscan - ok
20:48:51.0625 3388  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:48:51.0640 3388  usbstor - ok
20:48:51.0703 3388  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:48:51.0750 3388  usbuhci - ok
20:48:51.0953 3388  [ BEE793D4A059CAEA55D6AC20E19B3A8F ] USB_RNDIS       C:\WINDOWS\system32\DRIVERS\usb8023.sys
20:48:51.0953 3388  USB_RNDIS - ok
20:48:51.0984 3388  [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx      C:\WINDOWS\system32\DRIVERS\usb8023x.sys
20:48:52.0000 3388  usb_rndisx - ok
20:48:52.0078 3388  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
20:48:52.0109 3388  VgaSave - ok
20:48:52.0140 3388  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
20:48:52.0156 3388  ViaIde - ok
20:48:52.0171 3388  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
20:48:52.0171 3388  VolSnap - ok
20:48:52.0328 3388  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
20:48:52.0390 3388  VSS - ok
20:48:52.0468 3388  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
20:48:52.0484 3388  W32Time - ok
20:48:52.0515 3388  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:48:52.0515 3388  Wanarp - ok
20:48:52.0609 3388  [ 4A954A20A4C73D6DB13C0FE25F3F1B0C ] wceusbsh        C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
20:48:52.0656 3388  wceusbsh - ok
20:48:52.0765 3388  [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
20:48:52.0812 3388  Wdf01000 - ok
20:48:52.0812 3388  WDICA - ok
20:48:52.0843 3388  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
20:48:52.0859 3388  wdmaud - ok
20:48:52.0937 3388  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:48:52.0937 3388  WebClient - ok
20:48:53.0156 3388  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:48:53.0171 3388  winmgmt - ok
20:48:53.0265 3388  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
20:48:53.0281 3388  WmdmPmSN - ok
20:48:53.0375 3388  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:48:53.0453 3388  WmiApSrv - ok
20:48:53.0687 3388  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
20:48:53.0796 3388  WMPNetworkSvc - ok
20:48:53.0843 3388  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:48:53.0859 3388  WpdUsb - ok
20:48:53.0921 3388  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
20:48:53.0937 3388  wscsvc - ok
20:48:53.0968 3388  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
20:48:54.0000 3388  wuauserv - ok
20:48:54.0078 3388  [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:48:54.0093 3388  WudfPf - ok
20:48:54.0125 3388  [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:48:54.0125 3388  WudfRd - ok
20:48:54.0234 3388  [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
20:48:54.0250 3388  WudfSvc - ok
20:48:54.0468 3388  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
20:48:55.0390 3388  WZCSVC - ok
20:48:55.0515 3388  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
20:48:55.0562 3388  xmlprov - ok
20:48:55.0593 3388  ================ Scan global ===============================
20:48:55.0656 3388  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:48:55.0828 3388  [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
20:48:56.0031 3388  [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
20:48:56.0078 3388  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:48:56.0078 3388  [Global] - ok
20:48:56.0078 3388  ================ Scan MBR ==================================
20:48:56.0109 3388  [ ED18B096BC416BFB306882A7C2EBA877 ] \Device\Harddisk0\DR0
20:48:58.0031 3388  \Device\Harddisk0\DR0 - ok
20:48:58.0031 3388  ================ Scan VBR ==================================
20:48:58.0046 3388  [ A5928600E6EB8EB6699C1550B03B1609 ] \Device\Harddisk0\DR0\Partition1
20:48:58.0046 3388  \Device\Harddisk0\DR0\Partition1 - ok
20:48:58.0093 3388  [ E8BA6CBD4F596480A3DDF21BD5F28D15 ] \Device\Harddisk0\DR0\Partition2
20:48:58.0093 3388  \Device\Harddisk0\DR0\Partition2 - ok
20:48:58.0093 3388  ================ Scan active images ========================
20:48:58.0109 3388  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
20:48:58.0109 3388  C:\WINDOWS\system32\drivers\nic1394.sys - ok
20:48:58.0140 3388  [ 59301936898AE62245A6F09C0ABA9475 ] C:\WINDOWS\system32\drivers\AmdK8.sys
20:48:58.0140 3388  C:\WINDOWS\system32\drivers\AmdK8.sys - ok
20:48:58.0140 3388  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
20:48:58.0140 3388  C:\WINDOWS\system32\drivers\videoprt.sys - ok
20:48:58.0156 3388  [ CEAB17BA3E0F7DE96A4649F896B35131 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
20:48:58.0156 3388  C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
20:48:58.0187 3388  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
20:48:58.0187 3388  C:\WINDOWS\system32\drivers\usbport.sys - ok
20:48:58.0203 3388  [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
20:48:58.0203 3388  C:\WINDOWS\system32\drivers\usbohci.sys - ok
20:48:58.0203 3388  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
20:48:58.0234 3388  C:\WINDOWS\system32\drivers\usbehci.sys - ok
20:48:58.0234 3388  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
20:48:58.0234 3388  C:\WINDOWS\system32\drivers\imapi.sys - ok
20:48:58.0250 3388  [ 7889E3981E0A5D347E037ABD467D53A5 ] C:\WINDOWS\system32\drivers\Rtnicxp.sys
20:48:58.0250 3388  C:\WINDOWS\system32\drivers\Rtnicxp.sys - ok
20:48:58.0281 3388  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
20:48:58.0281 3388  C:\WINDOWS\system32\drivers\ks.sys - ok
20:48:58.0281 3388  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
20:48:58.0281 3388  C:\WINDOWS\system32\drivers\drmk.sys - ok
20:48:58.0296 3388  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
20:48:58.0328 3388  C:\WINDOWS\system32\drivers\portcls.sys - ok
20:48:58.0328 3388  [ 7F26D024355CBADB60838F53DFB171EC ] C:\WINDOWS\system32\drivers\ALCXWDM.SYS
20:48:58.0328 3388  C:\WINDOWS\system32\drivers\ALCXWDM.SYS - ok
20:48:58.0343 3388  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
20:48:58.0343 3388  C:\WINDOWS\system32\drivers\parport.sys - ok
20:48:58.0375 3388  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
20:48:58.0375 3388  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
20:48:58.0375 3388  [ 390C204CED3785609AB24E9C52054A84 ] C:\WINDOWS\system32\drivers\PS2.sys
20:48:58.0375 3388  C:\WINDOWS\system32\drivers\PS2.sys - ok
20:48:58.0390 3388  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
20:48:58.0390 3388  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
20:48:58.0421 3388  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
20:48:58.0421 3388  C:\WINDOWS\system32\drivers\audstub.sys - ok
20:48:58.0437 3388  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
20:48:58.0437 3388  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
20:48:58.0468 3388  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] C:\WINDOWS\system32\drivers\ndistapi.sys
20:48:58.0468 3388  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
20:48:58.0468 3388  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
20:48:58.0468 3388  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
20:48:58.0484 3388  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
20:48:58.0484 3388  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
20:48:58.0515 3388  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
20:48:58.0515 3388  C:\WINDOWS\system32\drivers\raspptp.sys - ok
20:48:58.0531 3388  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
20:48:58.0531 3388  C:\WINDOWS\system32\drivers\tdi.sys - ok
20:48:58.0531 3388  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
20:48:58.0562 3388  C:\WINDOWS\system32\drivers\psched.sys - ok
20:48:58.0562 3388  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
20:48:58.0562 3388  C:\WINDOWS\system32\drivers\msgpc.sys - ok
20:48:58.0578 3388  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
20:48:58.0578 3388  C:\WINDOWS\system32\drivers\ptilink.sys - ok
20:48:58.0609 3388  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
20:48:58.0609 3388  C:\WINDOWS\system32\drivers\raspti.sys - ok
20:48:58.0609 3388  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
20:48:58.0609 3388  C:\WINDOWS\system32\drivers\termdd.sys - ok
20:48:58.0625 3388  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
20:48:58.0656 3388  C:\WINDOWS\system32\drivers\mouclass.sys - ok
20:48:58.0656 3388  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
20:48:58.0656 3388  C:\WINDOWS\system32\drivers\swenum.sys - ok
20:48:58.0671 3388  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
20:48:58.0671 3388  C:\WINDOWS\system32\drivers\update.sys - ok
20:48:58.0703 3388  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
20:48:58.0703 3388  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
20:48:58.0703 3388  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
20:48:58.0703 3388  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
20:48:58.0718 3388  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
20:48:58.0718 3388  C:\WINDOWS\system32\drivers\usbd.sys - ok
20:48:58.0734 3388  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
20:48:58.0734 3388  C:\WINDOWS\system32\drivers\usbhub.sys - ok
20:48:58.0734 3388  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
20:48:58.0734 3388  C:\WINDOWS\system32\drivers\fdc.sys - ok
20:48:58.0750 3388  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
20:48:58.0750 3388  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
20:48:58.0765 3388  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
20:48:58.0765 3388  C:\WINDOWS\system32\drivers\cdrom.sys - ok
20:48:58.0765 3388  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
20:48:58.0765 3388  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
20:48:58.0781 3388  [ 3AF684252780CF87DC2809F85B8F7591 ] C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys
20:48:58.0781 3388  C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys - ok
20:48:58.0781 3388  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
20:48:58.0781 3388  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
20:48:58.0796 3388  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
20:48:58.0796 3388  C:\WINDOWS\system32\drivers\beep.sys - ok
20:48:58.0812 3388  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
20:48:58.0812 3388  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
20:48:58.0812 3388  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
20:48:58.0812 3388  C:\WINDOWS\system32\drivers\null.sys - ok
20:48:58.0828 3388  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
20:48:58.0828 3388  C:\WINDOWS\system32\drivers\hidparse.sys - ok
20:48:58.0828 3388  [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
20:48:58.0828 3388  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
20:48:58.0843 3388  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
20:48:58.0843 3388  C:\WINDOWS\system32\drivers\vga.sys - ok
20:48:58.0859 3388  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
20:48:58.0859 3388  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
20:48:58.0875 3388  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
20:48:58.0875 3388  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
20:48:58.0875 3388  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
20:48:58.0875 3388  C:\WINDOWS\system32\drivers\msfs.sys - ok
20:48:58.0890 3388  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
20:48:58.0890 3388  C:\WINDOWS\system32\drivers\npfs.sys - ok
20:48:58.0890 3388  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
20:48:58.0890 3388  C:\WINDOWS\system32\drivers\ipsec.sys - ok
20:48:58.0906 3388  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
20:48:58.0906 3388  C:\WINDOWS\system32\drivers\rasacd.sys - ok
20:48:58.0921 3388  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
20:48:58.0921 3388  C:\WINDOWS\system32\drivers\tcpip.sys - ok
20:48:58.0921 3388  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
20:48:58.0921 3388  C:\WINDOWS\system32\drivers\ipnat.sys - ok
20:48:58.0937 3388  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
20:48:58.0937 3388  C:\WINDOWS\system32\drivers\netbt.sys - ok
20:48:58.0937 3388  [ 7E775010EF291DA96AD17CA4B17137D7 ] C:\WINDOWS\system32\drivers\afd.sys
20:48:58.0937 3388  C:\WINDOWS\system32\drivers\afd.sys - ok
20:48:58.0953 3388  [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
20:48:58.0953 3388  C:\WINDOWS\system32\drivers\arp1394.sys - ok
20:48:58.0968 3388  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
20:48:58.0968 3388  C:\WINDOWS\system32\drivers\netbios.sys - ok
20:48:58.0968 3388  [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
20:48:58.0968 3388  C:\WINDOWS\system32\drivers\processr.sys - ok
20:48:58.0984 3388  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
20:48:58.0984 3388  C:\WINDOWS\system32\drivers\wanarp.sys - ok
20:48:58.0984 3388  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
20:48:58.0984 3388  C:\WINDOWS\system32\drivers\redbook.sys - ok
20:48:59.0000 3388  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
20:48:59.0000 3388  C:\WINDOWS\system32\drivers\rdbss.sys - ok
20:48:59.0015 3388  [ 11C5C0FDB224E88AAD8B6B712D1FE7DF ] C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
20:48:59.0015 3388  C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys - ok
20:48:59.0015 3388  [ 8D0A8AF4AD6BE98D2C807BF7B643B8BC ] C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
20:48:59.0015 3388  C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys - ok
20:48:59.0031 3388  [ F3AEFB11ABC521122B67095044169E98 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
20:48:59.0031 3388  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
20:48:59.0031 3388  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
20:48:59.0031 3388  C:\WINDOWS\system32\drivers\fips.sys - ok
20:48:59.0046 3388  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
20:48:59.0046 3388  C:\WINDOWS\system32\ntdll.dll - ok
20:48:59.0062 3388  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
20:48:59.0062 3388  C:\WINDOWS\system32\smss.exe - ok
20:48:59.0062 3388  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
20:48:59.0062 3388  C:\WINDOWS\system32\autochk.exe - ok
20:48:59.0078 3388  [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys
20:48:59.0078 3388  C:\WINDOWS\system32\drivers\fastfat.sys - ok
20:48:59.0093 3388  [ 601844CBCF617FF8C868130CA5B2039D ] C:\WINDOWS\system32\drivers\rndismp.sys
20:48:59.0093 3388  C:\WINDOWS\system32\drivers\rndismp.sys - ok
20:48:59.0093 3388  [ BEE793D4A059CAEA55D6AC20E19B3A8F ] C:\WINDOWS\system32\drivers\usb8023.sys
20:48:59.0093 3388  C:\WINDOWS\system32\drivers\usb8023.sys - ok
20:48:59.0109 3388  [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
20:48:59.0109 3388  C:\WINDOWS\system32\drivers\usbccgp.sys - ok
20:48:59.0109 3388  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
20:48:59.0109 3388  C:\WINDOWS\system32\drivers\hidclass.sys - ok
20:48:59.0125 3388  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
20:48:59.0125 3388  C:\WINDOWS\system32\drivers\hidusb.sys - ok
20:48:59.0140 3388  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] C:\WINDOWS\system32\drivers\usbscan.sys
20:48:59.0140 3388  C:\WINDOWS\system32\drivers\usbscan.sys - ok
20:48:59.0140 3388  [ A717C8721046828520C9EDF31288FC00 ] C:\WINDOWS\system32\drivers\usbprint.sys
20:48:59.0140 3388  C:\WINDOWS\system32\drivers\usbprint.sys - ok
20:48:59.0156 3388  [ ABCB05CCDBF03000354B9553820E39F8 ] C:\WINDOWS\system32\drivers\HPZius12.sys
20:48:59.0156 3388  C:\WINDOWS\system32\drivers\HPZius12.sys - ok
20:48:59.0156 3388  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
20:48:59.0156 3388  C:\WINDOWS\system32\drivers\mouhid.sys - ok
20:48:59.0171 3388  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] C:\WINDOWS\system32\drivers\HPZid412.sys
20:48:59.0171 3388  C:\WINDOWS\system32\drivers\HPZid412.sys - ok
20:48:59.0187 3388  [ 89F41658929393487B6B7D13C8528CE3 ] C:\WINDOWS\system32\drivers\HPZipr12.sys
20:48:59.0187 3388  C:\WINDOWS\system32\drivers\HPZipr12.sys - ok
20:49:02.0281 3388  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
20:49:02.0281 3388  C:\WINDOWS\system32\wiaservc.dll - ok
20:49:02.0296 3388  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
20:49:02.0296 3388  C:\WINDOWS\system32\spoolss.dll - ok
20:49:02.0312 3388  [ B226F8A4D780ACDF76145B58BB791D5B ] C:\WINDOWS\system32\drivers\symlcbrd.sys
20:49:02.0312 3388  C:\WINDOWS\system32\drivers\symlcbrd.sys - ok
20:49:02.0312 3388  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
20:49:02.0312 3388  C:\WINDOWS\system32\sens.dll - ok
20:49:02.0328 3388  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
20:49:02.0328 3388  C:\WINDOWS\system32\cmd.exe - ok
20:49:02.0328 3388  [ 0B8FB29CDA02015448C9F5260A013F19 ] C:\WINDOWS\system32\ieframe.dll
20:49:02.0328 3388  C:\WINDOWS\system32\ieframe.dll - ok
20:49:02.0343 3388  [ AA897735D5AB916297A6823A9B2D61B1 ] C:\WINDOWS\system32\localspl.dll
20:49:02.0343 3388  C:\WINDOWS\system32\localspl.dll - ok
20:49:02.0359 3388  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
20:49:02.0359 3388  C:\WINDOWS\system32\wuauserv.dll - ok
20:49:02.0375 3388  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
20:49:02.0375 3388  C:\WINDOWS\system32\cfgmgr32.dll - ok
20:49:02.0390 3388  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
20:49:02.0390 3388  C:\WINDOWS\system32\mscms.dll - ok
20:49:02.0390 3388  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
20:49:02.0390 3388  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
20:49:02.0406 3388  [ 0F6AEFAD3641A657E18081F52D0C15AF ] C:\WINDOWS\system32\drivers\srv.sys
20:49:02.0406 3388  C:\WINDOWS\system32\drivers\srv.sys - ok
20:49:02.0406 3388  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
20:49:02.0406 3388  C:\WINDOWS\system32\vssapi.dll - ok
20:49:02.0421 3388  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
20:49:02.0421 3388  C:\WINDOWS\system32\cnbjmon.dll - ok
20:49:02.0437 3388  [ F7BAD13C9327213635ABCA22386FA3C9 ] C:\WINDOWS\system32\EBPMON3.DLL
20:49:02.0437 3388  C:\WINDOWS\system32\EBPMON3.DLL - ok
20:49:02.0437 3388  [ 3183BFA7BDF50662F9094BC720EB7AF9 ] C:\WINDOWS\system32\hpzll5ha.dll
20:49:02.0437 3388  C:\WINDOWS\system32\hpzll5ha.dll - ok
20:49:02.0453 3388  [ 6F26FD49E2CE5E4619AC74A8B5E280E6 ] C:\WINDOWS\system32\hpowiax3.dll
20:49:02.0453 3388  C:\WINDOWS\system32\hpowiax3.dll - ok
20:49:02.0468 3388  [ 6298277B73C77FA99106B271A7525163 ] C:\WINDOWS\system32\wuaueng.dll
20:49:02.0468 3388  C:\WINDOWS\system32\wuaueng.dll - ok
20:49:02.0468 3388  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
20:49:02.0468 3388  C:\WINDOWS\system32\pjlmon.dll - ok
20:49:02.0484 3388  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
20:49:02.0484 3388  C:\WINDOWS\system32\tcpmon.dll - ok
20:49:02.0515 3388  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
20:49:02.0515 3388  C:\WINDOWS\system32\usbmon.dll - ok
20:49:02.0531 3388  [ D0E39177C896D2F8191A9C96636276DF ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll
20:49:02.0531 3388  C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll - ok
20:49:02.0578 3388  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
20:49:02.0578 3388  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
20:49:02.0578 3388  [ 006AE13434FFCEEC751AADB25BBB6ABC ] C:\WINDOWS\system32\nvrseng.dll
20:49:02.0578 3388  C:\WINDOWS\system32\nvrseng.dll - ok
20:49:02.0625 3388  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
20:49:02.0625 3388  C:\WINDOWS\system32\win32spl.dll - ok
20:49:02.0640 3388  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
20:49:02.0640 3388  C:\WINDOWS\system32\netrap.dll - ok
20:49:02.0640 3388  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
20:49:02.0640 3388  C:\WINDOWS\system32\mspatcha.dll - ok
20:49:02.0656 3388  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
20:49:02.0656 3388  C:\WINDOWS\system32\inetpp.dll - ok
20:49:02.0656 3388  [ C42671F177940F17AF1079F935FC9F8C ] C:\WINDOWS\system32\nvapi.dll
20:49:02.0656 3388  C:\WINDOWS\system32\nvapi.dll - ok
20:49:02.0671 3388  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
20:49:02.0671 3388  C:\WINDOWS\system32\trkwks.dll - ok
20:49:02.0671 3388  [ A06CE3399D16DB864F55FAEB1F1927A9 ] C:\WINDOWS\system32\browser.dll
20:49:02.0671 3388  C:\WINDOWS\system32\browser.dll - ok
20:49:02.0687 3388  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
20:49:02.0687 3388  C:\WINDOWS\system32\cryptnet.dll - ok
20:49:02.0703 3388  [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
20:49:02.0703 3388  C:\WINDOWS\system32\rundll32.exe - ok
20:49:02.0703 3388  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
20:49:02.0703 3388  C:\WINDOWS\system32\ipnathlp.dll - ok
20:49:02.0718 3388  [ 1D326842006C4BE77ECD848CF89F01AB ] C:\WINDOWS\system32\wups.dll
20:49:02.0718 3388  C:\WINDOWS\system32\wups.dll - ok
20:49:02.0718 3388  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
20:49:02.0718 3388  C:\WINDOWS\system32\wscsvc.dll - ok
20:49:02.0734 3388  [ 5BD1234E11B39C63BBA87022AF6D43C2 ] C:\WINDOWS\system32\wups2.dll
20:49:02.0734 3388  C:\WINDOWS\system32\wups2.dll - ok
20:49:02.0750 3388  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
20:49:02.0750 3388  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
20:49:02.0750 3388  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
20:49:02.0750 3388  C:\WINDOWS\system32\wbem\esscli.dll - ok
20:49:02.0796 3388  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
20:49:02.0796 3388  C:\WINDOWS\system32\wbem\fastprox.dll - ok
20:49:02.0859 3388  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
20:49:02.0859 3388  C:\WINDOWS\system32\comsvcs.dll - ok
20:49:02.0890 3388  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
20:49:02.0890 3388  C:\WINDOWS\system32\colbact.dll - ok
20:49:02.0890 3388  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
20:49:02.0890 3388  C:\WINDOWS\system32\mtxclu.dll - ok
20:49:02.0906 3388  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
20:49:02.0906 3388  C:\WINDOWS\system32\clusapi.dll - ok
20:49:02.0921 3388  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
20:49:02.0921 3388  C:\WINDOWS\system32\resutils.dll - ok
20:49:02.0921 3388  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
20:49:02.0921 3388  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
20:49:02.0937 3388  [ 62BB79160F86CD962F312C68C6239BFD ] C:\WINDOWS\system32\wuauclt.exe
20:49:02.0937 3388  C:\WINDOWS\system32\wuauclt.exe - ok
20:49:02.0937 3388  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
20:49:02.0937 3388  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
20:49:02.0953 3388  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
20:49:02.0953 3388  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
20:49:02.0968 3388  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
20:49:02.0968 3388  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
20:49:02.0968 3388  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
20:49:02.0968 3388  C:\WINDOWS\system32\wbem\wbemess.dll - ok
20:49:02.0984 3388  [ 009758CC06B7F55B4A4D16A66E243C24 ] C:\WINDOWS\system32\wuapi.dll
20:49:02.0984 3388  C:\WINDOWS\system32\wuapi.dll - ok
20:49:02.0984 3388  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
20:49:02.0984 3388  C:\WINDOWS\system32\wbem\ncprov.dll - ok
20:49:03.0000 3388  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
20:49:03.0000 3388  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
20:49:03.0015 3388  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
20:49:03.0015 3388  C:\WINDOWS\system32\termsrv.dll - ok
20:49:03.0015 3388  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\EF04C8B6-B788-41D5-AB5A-2E72FE5A2273.exe
20:49:03.0015 3388  C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\EF04C8B6-B788-41D5-AB5A-2E72FE5A2273.exe - ok
20:49:03.0031 3388  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
20:49:03.0031 3388  C:\WINDOWS\system32\icaapi.dll - ok
20:49:03.0031 3388  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
20:49:03.0031 3388  C:\WINDOWS\system32\mstlsapi.dll - ok
20:49:03.0046 3388  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
20:49:03.0046 3388  C:\WINDOWS\system32\tapisrv.dll - ok
20:49:03.0046 3388  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
20:49:03.0046 3388  C:\WINDOWS\system32\msutb.dll - ok
20:49:03.0062 3388  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
20:49:03.0062 3388  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
20:49:03.0078 3388  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
20:49:03.0078 3388  C:\WINDOWS\system32\msctf.dll - ok
20:49:03.0078 3388  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
20:49:03.0078 3388  C:\WINDOWS\system32\rasmans.dll - ok
20:49:03.0093 3388  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
20:49:03.0093 3388  C:\WINDOWS\system32\netcfgx.dll - ok
20:49:03.0093 3388  [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
20:49:03.0093 3388  C:\WINDOWS\system32\licwmi.dll - ok
20:49:03.0109 3388  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
20:49:03.0109 3388  C:\WINDOWS\system32\rastapi.dll - ok
20:49:03.0125 3388  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
20:49:03.0125 3388  C:\WINDOWS\system32\alg.exe - ok
20:49:03.0125 3388  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
20:49:03.0125 3388  C:\WINDOWS\system32\wbem\framedyn.dll - ok
20:49:03.0140 3388  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
20:49:03.0140 3388  C:\WINDOWS\system32\unimdm.tsp - ok
20:49:03.0140 3388  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
20:49:03.0140 3388  C:\WINDOWS\system32\uniplat.dll - ok
20:49:03.0156 3388  [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
20:49:03.0156 3388  C:\WINDOWS\system32\licdll.dll - ok
20:49:03.0156 3388  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
20:49:03.0156 3388  C:\WINDOWS\system32\linkinfo.dll - ok
20:49:03.0171 3388  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
20:49:03.0171 3388  C:\WINDOWS\system32\ntshrui.dll - ok
20:49:03.0171 3388  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\91628589.sys
20:49:03.0171 3388  C:\WINDOWS\system32\drivers\91628589.sys - ok
20:49:03.0187 3388  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
20:49:03.0187 3388  C:\WINDOWS\system32\webcheck.dll - ok
20:49:03.0203 3388  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
20:49:03.0203 3388  C:\WINDOWS\system32\stobject.dll - ok
20:49:03.0203 3388  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
20:49:03.0203 3388  C:\WINDOWS\system32\batmeter.dll - ok
20:49:03.0218 3388  [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
20:49:03.0218 3388  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
20:49:03.0218 3388  [ 48E6868781B4E8BF4B77DBEC7694BCE8 ] C:\Program Files\Real\RealPlayer\Update\realsched.exe
20:49:03.0218 3388  C:\Program Files\Real\RealPlayer\Update\realsched.exe - ok
20:49:03.0234 3388  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
20:49:03.0234 3388  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
20:49:03.0234 3388  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
20:49:03.0234 3388  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
20:49:03.0250 3388  [ F3EAEA279F09A7779C18793C87640794 ] C:\WINDOWS\SMINST\Recguard.exe
20:49:03.0250 3388  C:\WINDOWS\SMINST\Recguard.exe - ok
20:49:03.0265 3388  [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
20:49:03.0265 3388  C:\WINDOWS\system32\oledlg.dll - ok
20:49:03.0281 3388  [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
20:49:03.0281 3388  C:\WINDOWS\system32\olepro32.dll - ok
20:49:03.0296 3388  [ C865B582DB1F7D42FE30ECB623805D46 ] C:\WINDOWS\system32\nwiz.exe
20:49:03.0296 3388  C:\WINDOWS\system32\nwiz.exe - ok
20:49:03.0312 3388  [ 4D2F7561D8A840450AABFAD3740B0E6B ] C:\Program Files\Microsoft Security Client\msseces.exe
20:49:03.0312 3388  C:\Program Files\Microsoft Security Client\msseces.exe - ok
20:49:03.0375 3388  [ CCED25EE33B049512BCB8D406A21C9F4 ] C:\WINDOWS\system32\nvmctray.dll
20:49:03.0375 3388  C:\WINDOWS\system32\nvmctray.dll - ok
20:49:03.0390 3388  [ 842D0968906CA259EAA1700752D2D6D5 ] C:\WINDOWS\system32\nview.dll
20:49:03.0390 3388  C:\WINDOWS\system32\nview.dll - ok
20:49:03.0390 3388  [ 799D3B219B84CA5AB76CB13619389A73 ] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
20:49:03.0390 3388  C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe - ok
20:49:03.0406 3388  [ 4721AB485E0C29CD1617A5F296B9CC47 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
20:49:03.0406 3388  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll - ok
20:49:03.0421 3388  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
20:49:03.0421 3388  C:\WINDOWS\system32\kmddsp.tsp - ok
20:49:03.0421 3388  [ 42DCC44CF5FA41100D7A5BE01D866180 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
20:49:03.0421 3388  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok
20:49:03.0437 3388  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
20:49:03.0437 3388  C:\WINDOWS\system32\ndptsp.tsp - ok
20:49:03.0453 3388  [ 7AF5A466CF4AECA28E3DCBCF5B6FD220 ] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
20:49:03.0453 3388  C:\Program Files\HP\HP Software Update\hpwuSchd2.exe - ok
20:49:03.0453 3388  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
20:49:03.0453 3388  C:\WINDOWS\system32\ipconf.tsp - ok
20:49:03.0468 3388  [ 66FCD568BF0797BE89085034C21D11CE ] C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll
20:49:03.0468 3388  C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll - ok
20:49:03.0468 3388  [ 7B93C623333F121DC9E689CCB1B7A733 ] C:\Program Files\HTC\HTC Sync 3.0\MFC71u.dll
20:49:03.0468 3388  C:\Program Files\HTC\HTC Sync 3.0\MFC71u.dll - ok
20:49:03.0484 3388  [ E42247F2C6303C345AD5E133CDE6307E ] C:\WINDOWS\system32\nvwrseng.dll
20:49:03.0484 3388  C:\WINDOWS\system32\nvwrseng.dll - ok
20:49:03.0500 3388  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
20:49:03.0500 3388  C:\WINDOWS\system32\h323.tsp - ok
20:49:03.0500 3388  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\HTC\HTC Sync 3.0\msvcr71.dll
20:49:03.0500 3388  C:\Program Files\HTC\HTC Sync 3.0\msvcr71.dll - ok
20:49:03.0515 3388  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\HTC\HTC Sync 3.0\msvcp71.dll
20:49:03.0515 3388  C:\Program Files\HTC\HTC Sync 3.0\msvcp71.dll - ok
20:49:03.0515 3388  [ 7DEA54CE6051D36D6B56ADFD95467082 ] C:\Program Files\HTC\HTC Sync 3.0\UPCT_DB.dll
20:49:03.0515 3388  C:\Program Files\HTC\HTC Sync 3.0\UPCT_DB.dll - ok
20:49:03.0531 3388  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
20:49:03.0531 3388  C:\WINDOWS\system32\hidphone.tsp - ok
20:49:03.0546 3388  [ D6485A6F897C9A1FB036AF686804132A ] C:\WINDOWS\system32\nvwddi.dll
20:49:03.0546 3388  C:\WINDOWS\system32\nvwddi.dll - ok
20:49:03.0546 3388  [ 6515C8E7AA6787CD9672ECE6F9BB6C0A ] C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll
20:49:03.0546 3388  C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll - ok
20:49:03.0562 3388  [ B8ED44B59233B1872AE4CC246C6BBFE2 ] C:\WINDOWS\system32\ftutil2.dll
20:49:03.0562 3388  C:\WINDOWS\system32\ftutil2.dll - ok
20:49:03.0578 3388  [ 3F5A73A49355241E5D9D5CF3EE14DBB8 ] C:\Program Files\HTC\HTC Sync 3.0\PIMAccess.dll
20:49:03.0578 3388  C:\Program Files\HTC\HTC Sync 3.0\PIMAccess.dll - ok
20:49:03.0578 3388  [ 118D81523EA80B9E252CB840E94754C6 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
20:49:03.0578 3388  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
20:49:03.0593 3388  [ 06CEEBD701C41782C884F17833D06706 ] C:\Program Files\HTC\HTC Sync 3.0\UpdateHelper.dll
20:49:03.0593 3388  C:\Program Files\HTC\HTC Sync 3.0\UpdateHelper.dll - ok
20:49:03.0609 3388  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
20:49:03.0609 3388  C:\WINDOWS\system32\ctfmon.exe - ok
20:49:03.0609 3388  [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
20:49:03.0609 3388  C:\WINDOWS\system32\msftedit.dll - ok
20:49:03.0625 3388  [ 5DD84DF95D1177846B312F12CAC4ADDF ] C:\Program Files\Microsoft ActiveSync\wcescomm.exe
20:49:03.0625 3388  C:\Program Files\Microsoft ActiveSync\wcescomm.exe - ok
20:49:03.0625 3388  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
20:49:03.0625 3388  C:\WINDOWS\system32\rasppp.dll - ok
20:49:03.0640 3388  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
20:49:03.0640 3388  C:\WINDOWS\ime\sptip.dll - ok
20:49:03.0640 3388  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
20:49:03.0640 3388  C:\WINDOWS\system32\ntlsapi.dll - ok
20:49:03.0656 3388  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
20:49:03.0656 3388  C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
20:49:03.0656 3388  [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
20:49:03.0656 3388  C:\WINDOWS\system32\riched32.dll - ok
20:49:03.0671 3388  [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
20:49:03.0671 3388  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
20:49:03.0687 3388  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
20:49:03.0687 3388  C:\WINDOWS\system32\rasqec.dll - ok
20:49:03.0687 3388  [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\WINDOWS\system32\MFC71ENU.DLL
20:49:03.0687 3388  C:\WINDOWS\system32\MFC71ENU.DLL - ok
20:49:03.0703 3388  [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
20:49:03.0703 3388  C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok
20:49:03.0703 3388  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
20:49:03.0703 3388  C:\WINDOWS\system32\rasdlg.dll - ok
20:49:03.0718 3388  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
20:49:03.0718 3388  C:\WINDOWS\system32\mscoree.dll - ok
20:49:03.0734 3388  [ 556B4EF055F96EA974F931F497F85DB4 ] C:\WINDOWS\system32\ceutil.dll
20:49:03.0734 3388  C:\WINDOWS\system32\ceutil.dll - ok
20:49:03.0734 3388  [ CA2F560921B7B8BE1CF555A5A18D54C3 ] C:\WINDOWS\system32\MSVCR71.DLL
20:49:03.0734 3388  C:\WINDOWS\system32\MSVCR71.DLL - ok
20:49:03.0750 3388  [ D119C7B389A2098712B8F5A9577C3E05 ] C:\WINDOWS\system32\rapi.dll
20:49:03.0750 3388  C:\WINDOWS\system32\rapi.dll - ok
20:49:03.0750 3388  [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
20:49:03.0750 3388  C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
20:49:03.0765 3388  [ 1E46E27E1400400CBD700864F6BF79E6 ] C:\Program Files\Microsoft ActiveSync\tcp2udp.dll
20:49:03.0765 3388  C:\Program Files\Microsoft ActiveSync\tcp2udp.dll - ok
20:49:03.0781 3388  [ 2E61C409474416CC78D66300F1BCB722 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
20:49:03.0781 3388  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll - ok
20:49:03.0781 3388  [ 8DF981C3CE92765D8DEC78B85777B50B ] C:\PROGRA~1\MI3AA1~1\rapimgr.exe
20:49:03.0781 3388  C:\PROGRA~1\MI3AA1~1\rapimgr.exe - ok
20:49:03.0796 3388  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\PROGRA~1\MI3AA1~1\msvcp71.dll
20:49:03.0796 3388  C:\PROGRA~1\MI3AA1~1\msvcp71.dll - ok
20:49:03.0796 3388  [ 1C4D0F52B4238B9388F2A28DD0903588 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
20:49:03.0796 3388  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll - ok
20:49:03.0812 3388  [ 51201F338ABCB964F79BE0FAB97D4941 ] C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll
20:49:03.0812 3388  C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll - ok
20:49:03.0828 3388  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
20:49:03.0828 3388  C:\WINDOWS\system32\perfos.dll - ok
20:49:03.0828 3388  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
20:49:03.0828 3388  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
20:49:03.0843 3388  [ B4459D13473D07FCB43365C02732DE16 ] C:\WINDOWS\system32\pschdprf.dll
20:49:03.0843 3388  C:\WINDOWS\system32\pschdprf.dll - ok
20:49:03.0843 3388  [ ED6DB7A5998BF5ECF84D6744BEEFD0DC ] C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll
20:49:03.0843 3388  C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll - ok
20:49:03.0859 3388  [ 398124F4F26AC33C6E21603C77F7AF03 ] C:\Program Files\Microsoft ActiveSync\dtptdns.dll
20:49:03.0859 3388  C:\Program Files\Microsoft ActiveSync\dtptdns.dll - ok
20:49:03.0875 3388  [ 1F3A82333046F4B97B2BB148ABF38D54 ] C:\WINDOWS\system32\traffic.dll
20:49:03.0875 3388  C:\WINDOWS\system32\traffic.dll - ok
20:49:03.0875 3388  [ B0B0D7905AC71BC278F17F455E182611 ] C:\WINDOWS\system32\rasctrs.dll
20:49:03.0875 3388  C:\WINDOWS\system32\rasctrs.dll - ok
20:49:03.0890 3388  [ F9DD799E07ED5028DB2F1FFEA72C9357 ] C:\WINDOWS\system32\rsvpperf.dll
20:49:03.0890 3388  C:\WINDOWS\system32\rsvpperf.dll - ok
20:49:03.0890 3388  [ 6951B89B4F591AA694048A6CD0E5224A ] C:\WINDOWS\system32\tapiperf.dll
20:49:03.0890 3388  C:\WINDOWS\system32\tapiperf.dll - ok
20:49:03.0906 3388  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
20:49:03.0906 3388  C:\WINDOWS\system32\perfdisk.dll - ok
20:49:03.0906 3388  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
20:49:03.0906 3388  C:\WINDOWS\system32\security.dll - ok
20:49:03.0921 3388  [ 8BFAE48174B91C3B4EAD45F8497693EF ] C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll
20:49:03.0921 3388  C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll - ok
20:49:03.0921 3388  [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
20:49:03.0921 3388  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
20:49:03.0937 3388  [ 03A059C00E53D2CEE57ED9F13E8F06BF ] C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll
20:49:03.0937 3388  C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll - ok
20:49:03.0953 3388  [ B1609DCD4CFD1BC66DE4B1FA9FDA7FB4 ] C:\Program Files\HTC\HTC Sync 3.0\AutoplayControl.dll
20:49:03.0953 3388  C:\Program Files\HTC\HTC Sync 3.0\AutoplayControl.dll - ok
20:49:03.0953 3388  [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
20:49:03.0953 3388  C:\WINDOWS\system32\drprov.dll - ok
20:49:03.0968 3388  ============================================================
20:49:03.0968 3388  Scan finished
20:49:03.0968 3388  ============================================================
20:49:03.0984 3380  Detected object count: 0
20:49:03.0984 3380  Actual detected object count: 0
09:14:52.0234 1084  Deinitialize success
 



#8 fourelms

Posted 04 March 2013 - 05:21 AM

aswMBR:-

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-03 20:56:49
-----------------------------
20:56:49.156    OS Version: Windows 5.1.2600 Service Pack 3
20:56:49.156    Number of processors: 1 586 0x2F02
20:56:49.156    ComputerName: YOUR-C94F920E24  UserName: Compaq_Owner
20:56:51.000    Initialize success
21:12:30.703    AVAST engine defs: 13030301
21:19:18.859    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-12
21:19:18.859    Disk 0 Vendor: HDS728080PLAT20 PF2OA28A Size: 76319MB BusType: 3
21:19:18.875    Disk 0 MBR read successfully
21:19:18.875    Disk 0 MBR scan
21:19:20.593    Disk 0 unknown MBR code
21:19:20.625    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        70747 MB offset 63
21:19:22.234    Disk 0 Partition 2 00     0C    FAT32 LBA RECOVERY     5561 MB offset 144906300
21:19:22.687    Disk 0 scanning sectors +156296385
21:19:23.468    Disk 0 scanning C:\WINDOWS\system32\drivers
21:19:58.984    Service scanning
21:20:58.078    Modules scanning
21:21:25.515    Disk 0 trace - called modules:
21:21:25.531    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:21:25.546    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83d89ab8]
21:21:25.562    3 CLASSPNP.SYS[f8666fd7] -> nt!IofCallDriver -> \Device\00000067[0x83de6978]
21:21:25.562    5 ACPI.sys[f84cf620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-12[0x83de7798]
21:21:26.937    AVAST engine scan C:\WINDOWS
21:21:36.218    AVAST engine scan C:\WINDOWS\system32
21:27:07.796    AVAST engine scan C:\WINDOWS\system32\drivers
21:27:28.218    AVAST engine scan C:\Documents and Settings\Compaq_Owner
21:37:20.593    AVAST engine scan C:\Documents and Settings\All Users
21:39:40.421    Scan finished successfully
06:03:08.187    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat"
06:03:08.203    The log file has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.txt"


 


 



#9 fourelms

Posted 04 March 2013 - 05:22 AM

ESET:-

 

C:\Documents and Settings\Compaq_Owner\My Documents\aint no pleasing you in c.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Owner\My Documents\gimp-setup.exe multiple threats cleaned by deleting - quarantined
C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL Win32/Toolbar.AskSBar application cleaned by deleting (after the next restart) - quarantined
C:\TDSSKiller_Quarantine\02.03.2013_18.17.35\tdlfs0000\tsk0006.dta Win64/Olmarik.G trojan cleaned by deleting - quarantined

 

this one shows quite a few issues :o 
 



#10 narenxp

Posted 04 March 2013 - 09:18 AM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right-click on the link and select Save Link As.

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to Text (*.txt).
  • Double click on the text file, copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#11 fourelms

Posted 05 March 2013 - 03:01 AM

Mbam Malwarebytes results:-

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.05.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Compaq_Owner :: YOUR-C94F920E24 [administrator]

05/03/2013 07:19:31
mbam-log-2013-03-05 (07-19-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 246845
Time elapsed: 27 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



FSS scanner results:-

Farbar Service Scanner Version: 03-03-2013
Ran by Compaq_Owner (administrator) on 05-03-2013 at 07:59:07
Running from "C:\Documents and Settings\Compaq_Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2004-08-04 04:00] - [2008-04-14 00:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2004-08-04 04:00] - [2009-02-06 11:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****



#13 fourelms

Posted 05 March 2013 - 03:32 AM

JRT scan results:-

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.8 (03.04.2013:1)
OS: Microsoft Windows XP x86
Ran by Compaq_Owner on 05/03/2013 at  8:16:35.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2383916446-1659111290-1208850112-1008\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
Failed to delete: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\pc optimizer pro"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/03/2013 at  8:25:23.70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#14 fourelms

Posted 05 March 2013 - 03:43 AM

mini tool box:-

MiniToolBox by Farbar  Version:01-03-2013
Ran by Compaq_Owner (administrator) on 05-03-2013 at 08:42:21
Running from "C:\Documents and Settings\Compaq_Owner\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Belkin High-Speed Mode Wireless G USB Network Adapter = Wireless Network Connection (Connected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

popd
# End of interface IP configuration

Windows IP Configuration

        Host Name . . . . . . . . . . . . : your-c94f920e24
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Broadcast
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
        Physical Address. . . . . . . . . : 00-17-31-DA-6B-11

Ethernet adapter Wireless Network Connection:

        Connection-specific DNS Suffix  . : gateway.2wire.net
        Description . . . . . . . . . . . : Belkin High-Speed Mode Wireless G USB Network Adapter
        Physical Address. . . . . . . . . : 00-11-50-C6-07-ED
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.65
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.254
        DHCP Server . . . . . . . . . . . : 192.168.1.254
        DNS Servers . . . . . . . . . . . : 192.168.1.254
        Lease Obtained. . . . . . . . . . : 05 March 2013 08:07:52
        Lease Expires . . . . . . . . . . : 06 March 2013 08:07:52

Server:  homeportal
Address:  192.168.1.254

Name:    google.com
Addresses:  173.194.34.68, 173.194.34.65, 173.194.34.73, 173.194.34.69
   173.194.34.72, 173.194.34.66, 173.194.34.70, 173.194.34.71, 173.194.34.64
   173.194.34.67, 173.194.34.78

Pinging google.com [173.194.34.73] with 32 bytes of data:

Reply from 173.194.34.73: bytes=32 time=43ms TTL=43
Reply from 173.194.34.73: bytes=32 time=42ms TTL=44

Ping statistics for 173.194.34.73:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 42ms, Maximum = 43ms, Average = 42ms

Server:  homeportal
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=203ms TTL=43
Reply from 98.138.253.109: bytes=32 time=231ms TTL=44

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 203ms, Maximum = 231ms, Average = 217ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 17 31 da 6b 11 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
0x10004 ...00 11 50 c6 07 ed ...... Belkin High-Speed Mode Wireless G USB Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.65   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.1.0    255.255.255.0     192.168.1.65    192.168.1.65   25
     192.168.1.65  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255     192.168.1.65    192.168.1.65   25
        224.0.0.0        240.0.0.0     192.168.1.65    192.168.1.65   25
  255.255.255.255  255.255.255.255     192.168.1.65               2   1
  255.255.255.255  255.255.255.255     192.168.1.65    192.168.1.65   1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/05/2013 08:13:34 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (03/05/2013 06:56:28 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/05/2013 06:56:26 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/04/2013 09:13:43 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/03/2013 08:53:30 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (03/03/2013 08:11:26 PM) (Source: MsiInstaller) (User: YOUR-C94F920E24)
Description: Product: Adobe Reader 9.5.2 -- Error 1704.An installation for Rapport is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?

Error: (03/03/2013 05:22:46 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/03/2013 05:22:45 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/03/2013 11:14:42 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/03/2013 08:42:50 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.2.223.0, P3 timeout, P4 1.1.9203.0, P5 fixed, P6 1 _ 512, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

System errors:
=============
Error: (03/05/2013 08:08:03 AM) (Source: Service Control Manager) (User: )
Description: The Rapport Management Service service failed to start due to the following error:
%%14001

Error: (03/05/2013 08:07:42 AM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe.
Reference error message: The operation completed successfully.
.

Error: (03/05/2013 08:07:42 AM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Trusteer.FoundationLib.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (03/05/2013 08:07:42 AM) (Source: SideBySide) (User: )
Description: Dependent Assembly Trusteer.FoundationLib could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (03/05/2013 07:52:41 AM) (Source: Service Control Manager) (User: )
Description: The Rapport Management Service service failed to start due to the following error:
%%14001

Error: (03/05/2013 07:52:07 AM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe.
Reference error message: The operation completed successfully.
.

Error: (03/05/2013 07:52:07 AM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Trusteer.FoundationLib.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (03/05/2013 07:52:07 AM) (Source: SideBySide) (User: )
Description: Dependent Assembly Trusteer.FoundationLib could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (03/05/2013 07:48:44 AM) (Source: Service Control Manager) (User: )
Description: The SeaPort service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/05/2013 07:48:44 AM) (Source: Service Control Manager) (User: )
Description: The RealNetworks Downloader Resolver Service service terminated unexpectedly.  It has done this 1 time(s).

Microsoft Office Sessions:
=========================
Error: (03/05/2013 08:13:34 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.2.223.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (03/05/2013 06:56:28 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (03/05/2013 06:56:26 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (03/04/2013 09:13:43 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (03/03/2013 08:53:30 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.2.223.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (03/03/2013 08:11:26 PM) (Source: MsiInstaller)(User: YOUR-C94F920E24)
Description: Product: Adobe Reader 9.5.2 -- Error 1704.An installation for Rapport is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)

Error: (03/03/2013 05:22:46 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (03/03/2013 05:22:45 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (03/03/2013 11:14:42 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (03/03/2013 08:42:50 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetrymicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)4.2.223.0timeout1.1.9203.0fixed1 _ 5125 _ not bootNILNILNIL

=========================== Installed Programs ============================

175
32 Bit HP CIO Components Installer (Version: 1.0.0)
Acrobat.com (Version: 0.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
AIO_Scan (Version: 90.0.200.000)
Apple Software Update (Version: 2.1.1.116)
Belkin  High-Speed Mode Wireless G USB Network Adapter
BTBusinessHub
BufferChm (Version: 90.0.146.000)
Call of Duty® - World at War™ 1.1 Patch
CCleaner (Version: 3.07)
Copy (Version: 90.0.146.000)
CP_AtenaShokunin1Config (Version: 60.0.155.000)
CP_CalendarTemplates1 (Version: 60.0.155.000)
cp_LightScribeConfig (Version: 60.0.155.000)
cp_OnlineProjectsConfig (Version: 60.0.155.000)
CP_Package_Basic1 (Version: 60.0.155.000)
CP_Package_Variety1 (Version: 60.0.155.000)
CP_Package_Variety2 (Version: 60.0.155.000)
CP_Package_Variety3 (Version: 60.0.155.000)
CP_Panorama1Config (Version: 60.0.155.000)
cp_PosterPrintConfig (Version: 60.0.155.000)
cp_UpdateProjectsConfig (Version: 60.0.155.000)
Critical Update for Windows Media Player 11 (KB959772)
CueTour (Version: 60.0.155.000)
CustomerResearchQFolder (Version: 1.00.0000)
Defraggler (Version: 1.21)
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 90.0.146.000)
DJ_AIO_ProductContext (Version: 90.0.201.000)
DJ_AIO_Software (Version: 90.0.200.000)
DJ_AIO_Software_min (Version: 90.0.200.000)
EPSON Printer Software
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
F4100 (Version: 90.0.200.000)
F4100_doccd (Version: 90.0.200.000)
F4100_Help (Version: 90.0.200.000)
FullDPAppQFolder (Version: 1.00.0000)
Google Earth (Version: 5.0.11729.1014)
Google Earth (Version: 5.0.11733.9347)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
GoToAssist Corporate (Version: 9.0.570)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Boot Optimizer (Version: 2.0.5.1)
HP Customer Participation Program 9.0 (Version: 9.0)
HP Deskjet All-In-One Software 9.0 (Version: 9.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Photosmart Premier Software 6.0 (Version: 6.0)
HP Smart Web Printing (Version: 2.15.7.0)
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 4.000.006.002)
HPProductAssistant (Version: 90.0.146.000)
HpSdpAppCoreApp (Version: 3.00.0000)
HPSSupply (Version: 2.2.0.0000)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.021)
HTC Sync (Version: 3.2.20)
InstantShareDevices (Version: 60.0.155.000)
Jane's Combat Simulations WWII Fighters Demo
Junk Mail filter update (Version: 14.0.8089.726)
LiveUpdate 3.2 (Symantec Corporation)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 90.0.146.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft ActiveSync 4.0 (Version: 4.2.4876.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003 (Version: 11.0.8173.0)
Microsoft Search Enhancement Pack (Version: 1.3.59.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.04.0623)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
NVIDIA Drivers
OptionalContentQFolder (Version: 1.00.0000)
PC Connectivity Solution (Version: 6.43.14.0)
PhotoGallery (Version: 60.0.155.000)
Pocket RAR documentation
PS2
PSSWCORE (Version: 2.01.0000)
RandMap (Version: 60.0.155.000)
Rapport (Version: 3.5.1205.15)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
RealUpgrade 1.1 (Version: 1.1.0)
Recuva (Version: 1.44)
Scan (Version: 9.0.0.0)
Segoe UI (Version: 14.0.4327.805)
Sibelius Scorch (ActiveX Only) (Version: 6.2.0)
SkinsHP1 (Version: 60.0.155.000)
SolutionCenter (Version: 90.0.146.000)
Sonic RecordNow Data (Version: 2.0.4)
Sonic Update Manager (Version: 3.0.0)
Sonic_PrimoSDK (Version: 60.0.155.000)
Sony Picture Utility (Version: 2.0.05.13150)
Sony USB Driver (Version: 2.00)
Status (Version: 90.0.146.000)
TEFView 2.71
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 90.0.146.000)
Unload (Version: 6.0.0)
UnloadSupport (Version: 9.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB953356) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Service (Version: 2.9.9.17)
VideoToolkit01 (Version: 90.0.146.000)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 90.0.146.000)
Windows Driver Package - Nokia (WUDFRd) WPD  (03/19/2007 6.83.31.1) (Version: 03/19/2007 6.83.31.1)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.5.0530.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live OneCare safety scanner
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix - KB894476
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinISD beta

========================= Devices: ================================

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TSSTcorp CD/DVDW TS-H552D
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows successfully loaded the device driver for this hardware but cannot find the hardware device. (Code 41)
Resolution: A driver was loaded but Windows cannot find the device. This happens when Windows does not detect a non-Plug and Play device.
If the device was removed, uninstall the driver, install the device, and then click "Scan for hardware changes" to reinstall the driver. If the hardware was not removed, obtain a new or updated driver for the device.
If the device is a non-Plug and Play device, a newer version of the driver might be needed. To install non-Plug and Play devices, use the Add Hardware wizard.
Click "Performance and Maintenance" on "Control Panel", click "System", and on the "Hardware" tab, click "Add Hardware Wizard".

Name: Nokia N95 8GB
Description: Nokia Windows Portable Device Driver
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Nokia N95 8GB
Description: Nokia N95 8GB
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

========================= Memory info: ===================================

Percentage of memory in use: 67%
Total physical RAM: 510.48 MB
Available physical RAM: 164.47 MB
Total Pagefile: 1148.68 MB
Available Pagefile: 551.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.09 MB

========================= Partitions: =====================================

1 Drive c: (PRESARIO) (Fixed) (Total:69.09 GB) (Free:33.53 GB) NTFS
2 Drive d: (PRESARIO_RP) (Fixed) (Total:5.42 GB) (Free:0.53 GB) FAT32

========================= Users: ========================================

User accounts for \\YOUR-C94F920E24

Administrator            Compaq_Owner             Guest
HelpAssistant            SUPPORT_388945a0         SUPPORT_fddfa904

**** End of log ****



#15 fourelms

fourelms
  • Topic Starter

  • Members
  • 22 posts

Posted 05 March 2013 - 03:49 AM

rkill scan results:-

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/05/2013 08:47:36 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * c:\windows\system\hpsysdrv.exe (PID: 1868) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * MSDTC [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 03/05/2013 08:49:12 AM
Execution time: 0 hours(s), 1 minute(s), and 35 seconds(s)





