Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zeroaccess infection?


  • Please log in to reply
23 replies to this topic

#1 tuskerknee

tuskerknee

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:58 AM

Posted 03 March 2013 - 09:19 AM

Hi All,

 

my Windows XP computer is very slow to load. Sometimes it takes 35 minutes to become useable. I've deleted everything I can and used Regcure to get rid of stuff I don't need, but the computer is still very slow.

 

I'm running BT Netprotect (McAfee) firewall and antivirus.

 

If I run McAfee RootKit Remover it tells me that a ZeroAccess trojan has been detected, identifies and fixes two registry keys with InprocServer32, with a malicious file at C:\windows\system32\wbem\fastprox.dll which will be deleted at startup.

 

It instructs me to restart and run a full McAfee scan. I've done this several times, but the computer is still slow to start and the hard drive pulses.

 

The full McAfee scan completes with no malicious files found. I've run McAfee Stinger, Kaspersky TDSS rootkit removal tool, MalwareBytes, and MalwareBytes Rootkit Removal tool. None of these finds any infection. But still the McAfee Rootkit Remover reports the ZeroAccess infection.

 

I don't want to reinstall windows because I'll lose all my other programs. Can you help?

 

All Best,

 

Chris Nolan

 

 

 

 



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:58 AM

Posted 03 March 2013 - 09:22 AM

    

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results



#3 tuskerknee

tuskerknee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:58 AM

Posted 03 March 2013 - 09:47 AM

Thanks for the ultra-quick response.

 

This may take some time because of the rebooting - but here goes:

 

Here's the TDSS report:

 

14:42:31.0620 2052  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:42:32.0361 2052  ============================================================
14:42:32.0361 2052  Current date / time: 2013/03/03 14:42:32.0361
14:42:32.0361 2052  SystemInfo:
14:42:32.0361 2052  
14:42:32.0361 2052  OS Version: 5.1.2600 ServicePack: 3.0
14:42:32.0361 2052  Product type: Workstation
14:42:32.0361 2052  ComputerName: CHRISSIELAPTOP
14:42:32.0361 2052  UserName: Chris
14:42:32.0361 2052  Windows directory: C:\WINDOWS
14:42:32.0361 2052  System windows directory: C:\WINDOWS
14:42:32.0361 2052  Processor architecture: Intel x86
14:42:32.0361 2052  Number of processors: 1
14:42:32.0361 2052  Page size: 0x1000
14:42:32.0361 2052  Boot type: Normal boot
14:42:32.0361 2052  ============================================================
14:42:36.0357 2052  BG loaded
14:42:36.0968 2052  Drive \Device\Harddisk1\DR1 - Size: 0xF400000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:42:37.0058 2052  Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:42:37.0098 2052  Drive \Device\Harddisk1\DR1 - Size: 0xF400000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
14:42:43.0056 2052  Drive \Device\Harddisk1\DR1 - Size: 0xF400000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:42:43.0056 2052  ============================================================
14:42:43.0056 2052  \Device\Harddisk1\DR1:
14:42:43.0056 2052  MBR partitions:
14:42:43.0056 2052  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x65, BlocksNum 0x79F9B
14:42:43.0056 2052  \Device\Harddisk0\DR0:
14:42:44.0078 2052  MBR partitions:
14:42:44.0078 2052  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2738A, BlocksNum 0x44DA00E
14:42:44.0078 2052  \Device\Harddisk1\DR1:
14:42:44.0088 2052  MBR partitions:
14:42:44.0088 2052  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x65, BlocksNum 0x79F9B
14:42:44.0088 2052  ============================================================
14:42:44.0478 2052  C: <-> \Device\Harddisk0\DR0\Partition1
14:42:44.0478 2052  ============================================================
14:42:44.0478 2052  Initialize success
14:42:44.0478 2052  ============================================================
14:44:03.0312 2552  Deinitialize success
 



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:58 AM

Posted 03 March 2013 - 09:56 AM

For TDSSkiller log,post the last few lines of log alone.



#5 tuskerknee

tuskerknee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:58 AM

Posted 03 March 2013 - 10:11 AM

Here's the aswMBR log:

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-03 14:49:53
-----------------------------
14:49:53.866    OS Version: Windows 5.1.2600 Service Pack 3
14:49:53.866    Number of processors: 1 586 0x209
14:49:53.866    ComputerName: CHRISSIELAPTOP  UserName: Chris
14:49:58.282    Initialize success
14:53:05.992    AVAST engine defs: 13030300
14:55:53.703    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
14:55:53.703    Disk 0 Vendor: TOSHIBA_MK4026GAX PA102D Size: 38154MB BusType: 3
14:55:53.723    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-19
14:55:53.723    Disk 1 Vendor: 4in1_Adapter verF2.13 Size: 244MB BusType: 3
14:55:53.783    Disk 0 MBR read successfully
14:55:53.783    Disk 0 MBR scan
14:55:53.843    Disk 0 Windows XP default MBR code
14:55:53.843    Disk 0 Partition 1 00     DE Dell Utility Dell 4.1       78 MB offset 63
14:55:53.874    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        35252 MB offset 160650
14:55:53.914    Disk 0 Partition 3 00     DB  CP/M / CTOS MSWIN4.1     2816 MB offset 72356760
14:55:53.924    Disk 0 scanning sectors +78124095
14:55:53.984    Disk 0 scanning C:\WINDOWS\system32\drivers
14:56:13.982    Service scanning
14:56:42.834    Modules scanning
14:56:50.595    Disk 0 trace - called modules:
14:56:50.615    ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
14:56:50.625    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aa38ab8]
14:56:50.625    3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x8aa39d98]
14:56:51.136    AVAST engine scan C:\WINDOWS
14:57:04.765    AVAST engine scan C:\WINDOWS\system32
15:01:22.927    AVAST engine scan C:\WINDOWS\system32\drivers
15:01:46.701    AVAST engine scan C:\Documents and Settings\Chris
15:04:15.285    AVAST engine scan C:\Documents and Settings\All Users
15:07:37.906    Scan finished successfully
15:08:58.752    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Chris\My Documents\Anti-malware\MBR.dat"
15:08:58.762    The log file has been saved successfully to "C:\Documents and Settings\Chris\My Documents\Anti-malware\aswMBR.txt"

 



#6 tuskerknee

tuskerknee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:58 AM

Posted 03 March 2013 - 10:15 AM

Hi narenxp,

 

I've posted the whole of the TDSSKiller log. Should there be more?



Also, should I click on the Fix MBR button in aswMBR?



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:58 AM

Posted 03 March 2013 - 10:17 AM

You didnot post the entire log.Copy and paste the last few lines of the log.

 

Do not click on FIXMBR


Edited by narenxp, 03 March 2013 - 10:17 AM.


#8 tuskerknee

tuskerknee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:58 AM

Posted 03 March 2013 - 11:12 AM

sorry narenxp, here's a full TDSSKiller log -  I'm not sure how much to copy.

 

14:28:19.0765 2040  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:28:21.0067 2040  ============================================================
14:28:21.0067 2040  Current date / time: 2013/03/03 14:28:21.0067
14:28:21.0067 2040  SystemInfo:
14:28:21.0067 2040  
14:28:21.0067 2040  OS Version: 5.1.2600 ServicePack: 3.0
14:28:21.0067 2040  Product type: Workstation
14:28:21.0067 2040  ComputerName: CHRISSIELAPTOP
14:28:21.0067 2040  UserName: Chris
14:28:21.0087 2040  Windows directory: C:\WINDOWS
14:28:21.0087 2040  System windows directory: C:\WINDOWS
14:28:21.0087 2040  Processor architecture: Intel x86
14:28:21.0087 2040  Number of processors: 1
14:28:21.0087 2040  Page size: 0x1000
14:28:21.0087 2040  Boot type: Normal boot
14:28:21.0087 2040  ============================================================
14:28:29.0399 2040  BG loaded
14:28:31.0362 2040  Drive \Device\Harddisk1\DR1 - Size: 0xF400000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:28:31.0402 2040  Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:28:31.0442 2040  Drive \Device\Harddisk1\DR1 - Size: 0xF400000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
14:28:36.0850 2040  Drive \Device\Harddisk1\DR1 - Size: 0xF400000 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:28:36.0860 2040  ============================================================
14:28:36.0860 2040  \Device\Harddisk1\DR1:
14:28:36.0860 2040  MBR partitions:
14:28:36.0860 2040  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x65, BlocksNum 0x79F9B
14:28:36.0860 2040  \Device\Harddisk0\DR0:
14:28:37.0150 2040  MBR partitions:
14:28:37.0150 2040  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2738A, BlocksNum 0x44DA00E
14:28:37.0150 2040  \Device\Harddisk1\DR1:
14:28:37.0150 2040  MBR partitions:
14:28:37.0150 2040  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x65, BlocksNum 0x79F9B
14:28:37.0150 2040  ============================================================
14:28:37.0410 2040  C: <-> \Device\Harddisk0\DR0\Partition1
14:28:37.0410 2040  ============================================================
14:28:37.0410 2040  Initialize success
14:28:37.0410 2040  ============================================================
14:30:01.0391 0376  ============================================================
14:30:01.0391 0376  Scan started
14:30:01.0391 0376  Mode: Manual; TDLFS;
14:30:01.0391 0376  ============================================================
14:30:10.0564 0376  ================ Scan system memory ========================
14:30:10.0564 0376  System memory - ok
14:30:10.0574 0376  ================ Scan services =============================
14:30:11.0255 0376  Abiosdsk - ok
14:30:11.0275 0376  abp480n5 - ok
14:30:11.0436 0376  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:30:11.0506 0376  ACPI - ok
14:30:11.0566 0376  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
14:30:11.0586 0376  ACPIEC - ok
14:30:11.0606 0376  adpu160m - ok
14:30:12.0067 0376  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
14:30:12.0097 0376  aec - ok
14:30:12.0157 0376  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
14:30:12.0167 0376  AFD - ok
14:30:12.0187 0376  Aha154x - ok
14:30:12.0207 0376  aic78u2 - ok
14:30:12.0247 0376  aic78xx - ok
14:30:12.0297 0376  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
14:30:12.0367 0376  Alerter - ok
14:30:12.0427 0376  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
14:30:12.0477 0376  ALG - ok
14:30:12.0507 0376  AliIde - ok
14:30:12.0517 0376  amsint - ok
14:30:12.0617 0376  [ EC94E05B76D033B74394E7B2175103CF ] APPDRV          C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
14:30:12.0657 0376  APPDRV - ok
14:30:12.0677 0376  AppMgmt - ok
14:30:12.0697 0376  asc - ok
14:30:12.0717 0376  asc3350p - ok
14:30:12.0737 0376  asc3550 - ok
14:30:13.0539 0376  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:30:13.0929 0376  aspnet_state - ok
14:30:14.0400 0376  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:30:14.0450 0376  AsyncMac - ok
14:30:14.0600 0376  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
14:30:14.0600 0376  atapi - ok
14:30:14.0610 0376  Atdisk - ok
14:30:14.0710 0376  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:30:14.0750 0376  Atmarpc - ok
14:30:14.0961 0376  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
14:30:14.0971 0376  AudioSrv - ok
14:30:15.0101 0376  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
14:30:15.0121 0376  audstub - ok
14:30:15.0321 0376  [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
14:30:15.0331 0376  BCM43XX - ok
14:30:15.0511 0376  [ E727776A56A51B7E6B7C87C02EA8B405 ] bcm4sbxp        C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
14:30:15.0511 0376  bcm4sbxp - ok
14:30:15.0692 0376  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:30:15.0712 0376  Beep - ok
14:30:15.0912 0376  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
14:30:16.0062 0376  BITS - ok
14:30:16.0283 0376  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
14:30:16.0283 0376  Browser - ok
14:30:16.0313 0376  btkrnl - ok
14:30:17.0494 0376  catchme - ok
14:30:17.0655 0376  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
14:30:17.0705 0376  cbidf2k - ok
14:30:17.0755 0376  [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:30:17.0775 0376  CCDECODE - ok
14:30:17.0815 0376  cd20xrnt - ok
14:30:17.0985 0376  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
14:30:18.0015 0376  Cdaudio - ok
14:30:18.0095 0376  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
14:30:18.0125 0376  Cdfs - ok
14:30:18.0145 0376  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:30:18.0215 0376  Cdrom - ok
14:30:18.0295 0376  [ 57479E5BF0B7B97112354E5ECA8EEFB1 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
14:30:18.0346 0376  cfwids - ok
14:30:18.0356 0376  Changer - ok
14:30:18.0436 0376  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
14:30:18.0466 0376  CiSvc - ok
14:30:18.0706 0376  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
14:30:18.0746 0376  ClipSrv - ok
14:30:18.0996 0376  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:30:19.0577 0376  clr_optimization_v2.0.50727_32 - ok
14:30:19.0768 0376  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:30:19.0818 0376  CmBatt - ok
14:30:19.0868 0376  CmdIde - ok
14:30:20.0028 0376  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:30:20.0058 0376  Compbatt - ok
14:30:20.0078 0376  COMSysApp - ok
14:30:20.0128 0376  Cpqarray - ok
14:30:20.0268 0376  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
14:30:20.0288 0376  CryptSvc - ok
14:30:20.0308 0376  dac2w2k - ok
14:30:20.0328 0376  dac960nt - ok
14:30:20.0669 0376  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:30:20.0719 0376  DcomLaunch - ok
14:30:20.0949 0376  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
14:30:20.0969 0376  Dhcp - ok
14:30:21.0019 0376  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
14:30:21.0090 0376  Disk - ok
14:30:21.0120 0376  dmadmin - ok
14:30:21.0320 0376  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
14:30:21.0440 0376  dmboot - ok
14:30:21.0550 0376  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
14:30:21.0620 0376  dmio - ok
14:30:21.0700 0376  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
14:30:21.0760 0376  dmload - ok
14:30:22.0201 0376  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
14:30:22.0261 0376  dmserver - ok
14:30:22.0301 0376  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
14:30:22.0351 0376  DMusic - ok
14:30:22.0471 0376  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:30:22.0482 0376  Dnscache - ok
14:30:22.0572 0376  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:30:22.0652 0376  Dot3svc - ok
14:30:22.0662 0376  dpti2o - ok
14:30:22.0732 0376  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
14:30:22.0762 0376  drmkaud - ok
14:30:22.0822 0376  [ B15F9E526BA511A48B1B1B8537815740 ] drvmcdb         C:\WINDOWS\system32\drivers\drvmcdb.sys
14:30:22.0892 0376  drvmcdb - ok
14:30:22.0962 0376  [ FA4670CAE95AE2BB857C68E535661145 ] drvnddm         C:\WINDOWS\system32\drivers\drvnddm.sys
14:30:22.0992 0376  drvnddm - ok
14:30:23.0032 0376  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
14:30:23.0102 0376  EapHost - ok
14:30:23.0373 0376  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
14:30:23.0383 0376  ERSvc - ok
14:30:23.0773 0376  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
14:30:23.0773 0376  Eventlog - ok
14:30:23.0954 0376  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
14:30:23.0964 0376  EventSystem - ok
14:30:24.0014 0376  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
14:30:24.0104 0376  Fastfat - ok
14:30:24.0244 0376  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:30:24.0254 0376  FastUserSwitchingCompatibility - ok
14:30:24.0294 0376  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
14:30:24.0314 0376  Fdc - ok
14:30:24.0414 0376  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
14:30:24.0484 0376  Fips - ok
14:30:24.0524 0376  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
14:30:24.0544 0376  Flpydisk - ok
14:30:26.0738 0376  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:30:26.0798 0376  FltMgr - ok
14:30:27.0108 0376  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:30:27.0178 0376  FontCache3.0.0.0 - ok
14:30:27.0228 0376  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:30:27.0258 0376  Fs_Rec - ok
14:30:27.0369 0376  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:30:27.0409 0376  Ftdisk - ok
14:30:27.0739 0376  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:30:27.0779 0376  Gpc - ok
14:30:27.0979 0376  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:30:27.0999 0376  helpsvc - ok
14:30:28.0019 0376  HidServ - ok
14:30:28.0190 0376  [ D61E53E3FEC0C92BC8DD3969FAD63F87 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
14:30:28.0230 0376  HipShieldK - ok
14:30:28.0300 0376  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
14:30:28.0340 0376  hkmsvc - ok
14:30:28.0360 0376  hpdj3600 - ok
14:30:28.0390 0376  hpn - ok
14:30:28.0550 0376  [ A84BBBDD125D370593004F6429F8445C ] HSFHWICH        C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
14:30:28.0600 0376  HSFHWICH - ok
14:30:29.0642 0376  [ 9A0D0C461EF2B3D80CB7875B4B995E47 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
14:30:29.0722 0376  HSF_DP - ok
14:30:30.0082 0376  [ B678FA91CF4A1C19B462D8DB04CD02AB ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS
14:30:30.0163 0376  HSF_DPV - ok
14:30:30.0403 0376  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
14:30:30.0413 0376  HTTP - ok
14:30:30.0603 0376  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
14:30:30.0653 0376  HTTPFilter - ok
14:30:30.0673 0376  i2omgmt - ok
14:30:30.0693 0376  i2omp - ok
14:30:30.0934 0376  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:30:30.0954 0376  i8042prt - ok
14:30:31.0555 0376  [ 9A883C3C4D91292C0D09DE7C728E781C ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
14:30:31.0605 0376  ialm - ok
14:30:41.0309 0376  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:30:41.0429 0376  idsvc - ok
14:30:41.0509 0376  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
14:30:41.0569 0376  Imapi - ok
14:30:41.0699 0376  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
14:30:41.0859 0376  ImapiService - ok
14:30:41.0889 0376  ini910u - ok
14:30:41.0919 0376  IntelIde - ok
14:30:42.0130 0376  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:30:42.0170 0376  intelppm - ok
14:30:42.0340 0376  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
14:30:42.0420 0376  Ip6Fw - ok
14:30:42.0560 0376  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:30:42.0590 0376  IpFilterDriver - ok
14:30:42.0630 0376  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:30:42.0691 0376  IpInIp - ok
14:30:42.0811 0376  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:30:42.0841 0376  IpNat - ok
14:30:43.0011 0376  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:30:43.0061 0376  IPSec - ok
14:30:43.0131 0376  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
14:30:43.0181 0376  IRENUM - ok
14:30:43.0402 0376  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:30:43.0452 0376  isapnp - ok
14:30:43.0942 0376  [ 1758AF653723679E3746FC7DDD93C69B ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
14:30:43.0982 0376  JavaQuickStarterService - ok
14:30:44.0053 0376  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:30:44.0083 0376  Kbdclass - ok
14:30:44.0363 0376  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
14:30:44.0423 0376  kmixer - ok
14:30:44.0673 0376  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
14:30:44.0683 0376  KSecDD - ok
14:30:45.0124 0376  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
14:30:45.0154 0376  lanmanserver - ok
14:30:45.0254 0376  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:30:45.0264 0376  lanmanworkstation - ok
14:30:45.0294 0376  lbrtfdc - ok
14:30:45.0404 0376  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
14:30:45.0455 0376  LmHosts - ok
14:30:45.0675 0376  [ DDF15A42E27E8EFE27B18FD403151A86 ] MatSvc          C:\Program Files\Microsoft Fix it Center\Matsvc.exe
14:30:45.0935 0376  MatSvc - ok
14:30:46.0146 0376  [ D84FB8F14981F9DDC834DD143376E608 ] MaxImIO         C:\WINDOWS\system32\Drivers\maximio.sys
14:30:46.0166 0376  MaxImIO - ok
14:30:46.0246 0376  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
14:30:46.0306 0376  MBAMProtector - ok
14:30:46.0436 0376  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:30:46.0496 0376  MBAMScheduler - ok
14:30:46.0716 0376  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:30:46.0776 0376  MBAMService - ok
14:30:46.0947 0376  [ AA44024C1796F40D43F2E6C08B47A564 ] McAfee SiteAdvisor Service C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
14:30:47.0207 0376  McAfee SiteAdvisor Service - ok
14:30:47.0648 0376  [ ECAB006AC6136F1307E140B633CDB8C2 ] McMPFSvc        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
14:30:47.0758 0376  McMPFSvc - ok
14:30:47.0778 0376  [ ECAB006AC6136F1307E140B633CDB8C2 ] mcmscsvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:30:47.0778 0376  mcmscsvc - ok
14:30:47.0828 0376  [ ECAB006AC6136F1307E140B633CDB8C2 ] McNaiAnn        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:30:47.0828 0376  McNaiAnn - ok
14:30:47.0848 0376  [ ECAB006AC6136F1307E140B633CDB8C2 ] McNASvc         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:30:47.0858 0376  McNASvc - ok
14:30:48.0319 0376  [ C7DA06C9A9AEEFBE37AAC281EA6385D5 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
14:30:48.0369 0376  McODS - ok
14:30:48.0389 0376  [ ECAB006AC6136F1307E140B633CDB8C2 ] McProxy         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:30:48.0389 0376  McProxy - ok
14:30:48.0569 0376  [ FDDE814145D01A986A10FE1EA5959B9F ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
14:30:48.0599 0376  McShield - ok
14:30:48.0659 0376  [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
14:30:48.0689 0376  mdmxsdk - ok
14:30:48.0869 0376  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
14:30:48.0879 0376  Messenger - ok
14:30:49.0240 0376  [ 449C611308F52932C85468BA0E91B4A7 ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
14:30:49.0240 0376  mfeapfk - ok
14:30:49.0310 0376  [ 080C59E365B358551B819836658FDE42 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
14:30:49.0340 0376  mfeavfk - ok
14:30:49.0360 0376  mfeavfk01 - ok
14:30:49.0400 0376  [ 0DBCB0C95196B3D12D550426DB683867 ] mfebopk         C:\WINDOWS\system32\drivers\mfebopk.sys
14:30:49.0450 0376  mfebopk - ok
14:30:49.0580 0376  [ D3AA7664DE86FDB2125F48D393A486B3 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
14:30:49.0651 0376  mfefire - ok
14:30:49.0771 0376  [ 8776B9E3DC1F2B0F6BA7CDC66F51B201 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
14:30:49.0821 0376  mfefirek - ok
14:30:50.0111 0376  [ 5702E118D70A9EE95B6A5D9230076EFC ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
14:30:50.0291 0376  mfehidk - ok
14:30:50.0332 0376  [ D2F6535E5977DECF0EAED651CFAEC3F0 ] mfendisk        C:\WINDOWS\system32\DRIVERS\mfendisk.sys
14:30:50.0442 0376  mfendisk - ok
14:30:50.0532 0376  [ D2F6535E5977DECF0EAED651CFAEC3F0 ] mfendiskmp      C:\WINDOWS\system32\DRIVERS\mfendisk.sys
14:30:50.0532 0376  mfendiskmp - ok
14:30:50.0642 0376  [ FAD22AA17DA864C3B56E24603E0F067F ] mferkdet        C:\WINDOWS\system32\drivers\mferkdet.sys
14:30:50.0692 0376  mferkdet - ok
14:30:50.0812 0376  [ A3062192D95688A1AA8FBEE2AA9986AC ] mfetdi2k        C:\WINDOWS\system32\drivers\mfetdi2k.sys
14:30:50.0842 0376  mfetdi2k - ok
14:30:51.0053 0376  [ AB2D7F16A9745C41297752AB07C98F46 ] mfevtp          C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
14:30:51.0093 0376  mfevtp - ok
14:30:51.0173 0376  MFE_RR - ok
14:30:51.0333 0376  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
14:30:51.0363 0376  mnmdd - ok
14:30:51.0473 0376  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
14:30:51.0503 0376  mnmsrvc - ok
14:30:51.0623 0376  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
14:30:51.0663 0376  Modem - ok
14:30:52.0204 0376  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:30:52.0224 0376  Mouclass - ok
14:30:52.0415 0376  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
14:30:52.0455 0376  MountMgr - ok
14:30:52.0695 0376  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:30:52.0825 0376  MozillaMaintenance - ok
14:30:52.0855 0376  mraid35x - ok
14:30:55.0569 0376  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:30:55.0639 0376  MRxDAV - ok
14:30:55.0920 0376  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:30:55.0930 0376  MRxSmb - ok
14:30:55.0980 0376  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
14:30:56.0080 0376  MSDTC - ok
14:30:56.0160 0376  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:30:56.0220 0376  Msfs - ok
14:30:56.0240 0376  MSIServer - ok
14:30:56.0320 0376  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:30:56.0370 0376  MSKSSRV - ok
14:30:56.0520 0376  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:30:56.0550 0376  MSPCLOCK - ok
14:30:56.0571 0376  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
14:30:56.0631 0376  MSPQM - ok
14:30:56.0671 0376  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:30:56.0701 0376  mssmbios - ok
14:30:56.0741 0376  [ D5059366B361F0E1124753447AF08AA2 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
14:30:56.0801 0376  MSTEE - ok
14:30:57.0011 0376  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
14:30:57.0021 0376  Mup - ok
14:30:57.0151 0376  [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:30:57.0252 0376  NABTSFEC - ok
14:30:57.0402 0376  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
14:30:57.0452 0376  napagent - ok
14:30:57.0502 0376  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
14:30:57.0652 0376  NDIS - ok
14:30:57.0692 0376  [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:30:57.0732 0376  NdisIP - ok
14:30:57.0882 0376  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:30:57.0882 0376  NdisTapi - ok
14:30:57.0983 0376  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:30:58.0003 0376  Ndisuio - ok
14:30:58.0053 0376  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:30:58.0083 0376  NdisWan - ok
14:30:58.0243 0376  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
14:30:58.0243 0376  NDProxy - ok
14:30:58.0343 0376  [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
14:30:58.0353 0376  Net Driver HPZ12 - ok
14:30:58.0413 0376  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
14:30:58.0443 0376  NetBIOS - ok
14:30:58.0473 0376  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:30:58.0503 0376  NetBT - ok
14:30:58.0623 0376  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
14:30:58.0684 0376  NetDDE - ok
14:30:58.0724 0376  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
14:30:58.0724 0376  NetDDEdsdm - ok
14:30:58.0894 0376  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
14:30:58.0894 0376  Netlogon - ok
14:30:58.0954 0376  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
14:30:58.0974 0376  Netman - ok
14:30:59.0084 0376  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:30:59.0184 0376  NetTcpPortSharing - ok
14:30:59.0545 0376  [ 8A6FA8E0B302DF2496802AAFDA5CE810 ] NICCONFIGSVC    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
14:30:59.0605 0376  NICCONFIGSVC - ok
14:30:59.0735 0376  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
14:30:59.0785 0376  Nla - ok
14:30:59.0895 0376  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:30:59.0925 0376  Npfs - ok
14:31:00.0156 0376  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
14:31:00.0226 0376  Ntfs - ok
14:31:00.0296 0376  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
14:31:00.0306 0376  NtLmSsp - ok
14:31:00.0596 0376  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
14:31:00.0646 0376  NtmsSvc - ok
14:31:00.0737 0376  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
14:31:00.0797 0376  Null - ok
14:31:00.0847 0376  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:31:00.0877 0376  NwlnkFlt - ok
14:31:01.0027 0376  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:31:01.0117 0376  NwlnkFwd - ok
14:31:01.0458 0376  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:31:01.0548 0376  odserv - ok
14:31:01.0768 0376  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:31:01.0888 0376  ose - ok
14:31:01.0958 0376  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
14:31:02.0038 0376  Parport - ok
14:31:02.0319 0376  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
14:31:02.0339 0376  PartMgr - ok
14:31:02.0419 0376  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
14:31:02.0449 0376  ParVdm - ok
14:31:02.0569 0376  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
14:31:02.0599 0376  PCI - ok
14:31:02.0619 0376  PCIDump - ok
14:31:02.0709 0376  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
14:31:02.0729 0376  PCIIde - ok
14:31:02.0990 0376  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
14:31:03.0030 0376  Pcmcia - ok
14:31:03.0040 0376  PDCOMP - ok
14:31:03.0100 0376  PDFRAME - ok
14:31:03.0160 0376  PDRELI - ok
14:31:03.0300 0376  PDRFRAME - ok
14:31:03.0380 0376  perc2 - ok
14:31:03.0420 0376  perc2hib - ok
14:31:03.0711 0376  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
14:31:03.0711 0376  PlugPlay - ok
14:31:03.0781 0376  [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
14:31:03.0801 0376  Pml Driver HPZ12 - ok
14:31:03.0891 0376  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
14:31:03.0901 0376  PolicyAgent - ok
14:31:04.0021 0376  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:31:04.0051 0376  PptpMiniport - ok
14:31:04.0081 0376  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:31:04.0081 0376  ProtectedStorage - ok
14:31:04.0121 0376  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
14:31:04.0151 0376  PSched - ok
14:31:04.0201 0376  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:31:04.0262 0376  Ptilink - ok
14:31:04.0392 0376  [ 30CBAE0A34359F1CD19D1576245149ED ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:31:04.0442 0376  PxHelp20 - ok
14:31:04.0462 0376  ql1080 - ok
14:31:04.0472 0376  Ql10wnt - ok
14:31:04.0492 0376  ql12160 - ok
14:31:04.0542 0376  ql1240 - ok
14:31:04.0602 0376  ql1280 - ok
14:31:04.0682 0376  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:31:04.0712 0376  RasAcd - ok
14:31:04.0913 0376  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
14:31:05.0083 0376  RasAuto - ok
14:31:05.0173 0376  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:31:05.0193 0376  Rasl2tp - ok
14:31:05.0433 0376  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
14:31:05.0443 0376  RasMan - ok
14:31:05.0483 0376  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:31:05.0523 0376  RasPppoe - ok
14:31:05.0553 0376  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
14:31:05.0593 0376  Raspti - ok
14:31:05.0634 0376  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:31:05.0724 0376  Rdbss - ok
14:31:06.0024 0376  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:31:06.0054 0376  RDPCDD - ok
14:31:06.0204 0376  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
14:31:06.0214 0376  RDPWD - ok
14:31:06.0305 0376  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
14:31:06.0345 0376  RDSessMgr - ok
14:31:06.0395 0376  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
14:31:06.0435 0376  redbook - ok
14:31:06.0555 0376  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
14:31:06.0585 0376  RemoteAccess - ok
14:31:06.0635 0376  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
14:31:06.0675 0376  RpcLocator - ok
14:31:06.0935 0376  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
14:31:06.0945 0376  RpcSs - ok
14:31:07.0236 0376  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
14:31:07.0286 0376  RSVP - ok
14:31:07.0336 0376  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
14:31:07.0336 0376  SamSs - ok
14:31:07.0386 0376  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
14:31:07.0436 0376  SCardSvr - ok
14:31:07.0556 0376  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
14:31:07.0596 0376  Schedule - ok
14:31:07.0697 0376  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:31:07.0807 0376  Secdrv - ok
14:31:07.0867 0376  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
14:31:07.0887 0376  seclogon - ok
14:31:07.0947 0376  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
14:31:07.0947 0376  SENS - ok
14:31:07.0987 0376  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
14:31:08.0007 0376  Serial - ok
14:31:08.0137 0376  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
14:31:08.0177 0376  Sfloppy - ok
14:31:08.0297 0376  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
14:31:08.0307 0376  SharedAccess - ok
14:31:08.0428 0376  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:31:08.0428 0376  ShellHWDetection - ok
14:31:08.0518 0376  [ 4BD319BF5A4A273AE776AFB9F1107D25 ] silabenm        C:\WINDOWS\system32\DRIVERS\silabenm.sys
14:31:08.0548 0376  silabenm - ok
14:31:08.0808 0376  [ 12C48D71CFD011D59FBA28027341CC12 ] silabser        C:\WINDOWS\system32\DRIVERS\silabser.sys
14:31:08.0838 0376  silabser - ok
14:31:08.0848 0376  Simbad - ok
14:31:10.0140 0376  [ 23E3C83DFF7B09A97B01A85ED8A44478 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
14:31:10.0220 0376  Skype C2C Service - ok
14:31:10.0591 0376  [ 0A0A0183711EFB04F9BCC32BB44471F2 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
14:31:15.0598 0376  SkypeUpdate - ok
14:31:15.0698 0376  [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:31:15.0768 0376  SLIP - ok
14:31:15.0948 0376  Sparrow - ok
14:31:16.0129 0376  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
14:31:16.0169 0376  splitter - ok
14:31:16.0219 0376  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
14:31:16.0219 0376  Spooler - ok
14:31:16.0429 0376  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
14:31:16.0499 0376  sr - ok
14:31:16.0639 0376  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
14:31:16.0659 0376  srservice - ok
14:31:16.0850 0376  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
14:31:16.0860 0376  Srv - ok
14:31:16.0910 0376  [ D7968049BE0ADBB6A57CEE3960320911 ] sscdbhk5        C:\WINDOWS\system32\drivers\sscdbhk5.sys
14:31:16.0940 0376  sscdbhk5 - ok
14:31:17.0040 0376  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
14:31:17.0060 0376  SSDPSRV - ok
14:31:17.0190 0376  [ C3FFD65ABFB6441E7606CF74F1155273 ] ssrtln          C:\WINDOWS\system32\drivers\ssrtln.sys
14:31:17.0230 0376  ssrtln - ok
14:31:17.0390 0376  [ 5813D453EF8CE49D607C255CF128ACEB ] STAC97          C:\WINDOWS\system32\drivers\stac97.sys
14:31:17.0431 0376  STAC97 - ok
14:31:17.0541 0376  [ 306521935042FC0A6988D528643619B3 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
14:31:17.0601 0376  StarOpen - ok
14:31:17.0801 0376  [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
14:31:17.0821 0376  StillCam - ok
14:31:17.0951 0376  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
14:31:17.0981 0376  stisvc - ok
14:31:18.0071 0376  [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:31:18.0132 0376  streamip - ok
14:31:18.0172 0376  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
14:31:18.0202 0376  swenum - ok
14:31:18.0322 0376  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
14:31:18.0352 0376  swmidi - ok
14:31:18.0372 0376  SwPrv - ok
14:31:18.0492 0376  symc810 - ok
14:31:18.0512 0376  symc8xx - ok
14:31:18.0542 0376  sym_hi - ok
14:31:18.0602 0376  sym_u3 - ok
14:31:18.0632 0376  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
14:31:18.0672 0376  sysaudio - ok
14:31:18.0772 0376  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
14:31:18.0823 0376  SysmonLog - ok
14:31:18.0943 0376  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
14:31:18.0973 0376  TapiSrv - ok
14:31:20.0004 0376  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:31:20.0014 0376  Tcpip - ok
14:31:20.0084 0376  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
14:31:20.0134 0376  TDPIPE - ok
14:31:20.0215 0376  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
14:31:20.0255 0376  TDTCP - ok
14:31:20.0365 0376  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
14:31:20.0405 0376  TermDD - ok
14:31:20.0505 0376  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
14:31:20.0535 0376  TermService - ok
14:31:20.0665 0376  [ 1D265CD2FB1673A0873BF8CEC19DDC7F ] tfsnboio        C:\WINDOWS\system32\dla\tfsnboio.sys
14:31:20.0705 0376  tfsnboio - ok
14:31:20.0755 0376  [ 62E4901295E0467CAC78E5B4B131AE5C ] tfsncofs        C:\WINDOWS\system32\dla\tfsncofs.sys
14:31:20.0805 0376  tfsncofs - ok
14:31:20.0825 0376  [ A2F380F9252AB3464C859ADF91EEAD9C ] tfsndrct        C:\WINDOWS\system32\dla\tfsndrct.sys
14:31:20.0855 0376  tfsndrct - ok
14:31:20.0916 0376  [ EEE79BBEFE9C6A2A3CE6C8753CFEA950 ] tfsndres        C:\WINDOWS\system32\dla\tfsndres.sys
14:31:21.0056 0376  tfsndres - ok
14:31:21.0096 0376  [ 9D644EB11FEC9487450C4CFCD63A5DF4 ] tfsnifs         C:\WINDOWS\system32\dla\tfsnifs.sys
14:31:21.0286 0376  tfsnifs - ok
14:31:21.0326 0376  [ E656AF05C67EDB7C0E9230A5DF71ED1B ] tfsnopio        C:\WINDOWS\system32\dla\tfsnopio.sys
14:31:21.0466 0376  tfsnopio - ok
14:31:21.0516 0376  [ 64FCCB9CCE703CA507DFFC3CEBF6B2CB ] tfsnpool        C:\WINDOWS\system32\dla\tfsnpool.sys
14:31:21.0647 0376  tfsnpool - ok
14:31:21.0717 0376  [ 48BC9D8AB4E4B9BFF70FB18E55CEC3D6 ] tfsnudf         C:\WINDOWS\system32\dla\tfsnudf.sys
14:31:21.0747 0376  tfsnudf - ok
14:31:21.0797 0376  [ 79F60822224256B49BFC855DA8D651D5 ] tfsnudfa        C:\WINDOWS\system32\dla\tfsnudfa.sys
14:31:21.0857 0376  tfsnudfa - ok
14:31:21.0907 0376  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
14:31:21.0947 0376  Themes - ok
14:31:21.0977 0376  TosIde - ok
14:31:22.0027 0376  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
14:31:22.0047 0376  TrkWks - ok
14:31:22.0267 0376  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
14:31:22.0348 0376  Udfs - ok
14:31:22.0388 0376  UIUSys - ok
14:31:22.0428 0376  ultra - ok
14:31:22.0508 0376  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
14:31:22.0558 0376  Update - ok
14:31:22.0628 0376  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:31:22.0678 0376  upnphost - ok
14:31:22.0728 0376  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
14:31:22.0778 0376  UPS - ok
14:31:22.0828 0376  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
14:31:22.0908 0376  usbaudio - ok
14:31:22.0978 0376  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:31:23.0009 0376  usbccgp - ok
14:31:23.0089 0376  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:31:23.0129 0376  usbehci - ok
14:31:23.0249 0376  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:31:23.0289 0376  usbhub - ok
14:31:23.0449 0376  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:31:23.0479 0376  usbprint - ok
14:31:23.0529 0376  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:31:23.0559 0376  usbscan - ok
14:31:23.0599 0376  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:31:23.0649 0376  USBSTOR - ok
14:31:23.0680 0376  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:31:23.0720 0376  usbuhci - ok
14:31:23.0780 0376  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
14:31:23.0830 0376  usbvideo - ok
14:31:23.0900 0376  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
14:31:23.0960 0376  VgaSave - ok
14:31:23.0980 0376  ViaIde - ok
14:31:24.0010 0376  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
14:31:24.0040 0376  VolSnap - ok
14:31:24.0130 0376  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
14:31:24.0230 0376  VSS - ok
14:31:24.0280 0376  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
14:31:24.0300 0376  W32Time - ok
14:31:24.0431 0376  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:31:24.0471 0376  Wanarp - ok
14:31:24.0581 0376  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
14:31:24.0671 0376  Wdf01000 - ok
14:31:24.0691 0376  WDICA - ok
14:31:24.0751 0376  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
14:31:24.0781 0376  wdmaud - ok
14:31:24.0881 0376  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
14:31:24.0911 0376  WebClient - ok
14:31:25.0021 0376  [ 0C5B9CF1BDF998750D9C5EEB5F8C55AC ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
14:31:25.0082 0376  winachsf - ok
14:31:25.0302 0376  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
14:31:25.0312 0376  winmgmt - ok
14:31:25.0452 0376  [ 18F347402DA544A780949B8FDF83351B ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
14:31:25.0502 0376  WinRM - ok
14:31:25.0562 0376  wltrysvc - ok
14:31:25.0652 0376  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
14:31:25.0672 0376  WmdmPmSN - ok
14:31:25.0813 0376  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:31:25.0863 0376  WmiApSrv - ok
14:31:26.0313 0376  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
14:31:26.0484 0376  WMPNetworkSvc - ok
14:31:26.0624 0376  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:31:26.0644 0376  WS2IFSL - ok
14:31:26.0744 0376  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
14:31:26.0834 0376  wscsvc - ok
14:31:26.0854 0376  WSearch - ok
14:31:26.0934 0376  [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:31:26.0974 0376  WSTCODEC - ok
14:31:27.0014 0376  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
14:31:27.0014 0376  wuauserv - ok
14:31:27.0104 0376  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:31:27.0155 0376  WudfPf - ok
14:31:27.0235 0376  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:31:27.0285 0376  WudfRd - ok
14:31:27.0325 0376  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
14:31:27.0345 0376  WudfSvc - ok
14:31:27.0435 0376  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
14:31:27.0475 0376  WZCSVC - ok
14:31:27.0525 0376  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
14:31:27.0545 0376  xmlprov - ok
14:31:27.0665 0376  ================ Scan global ===============================
14:31:27.0715 0376  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:31:27.0845 0376  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:31:27.0886 0376  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:31:27.0916 0376  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:31:27.0916 0376  [Global] - ok
14:31:27.0926 0376  ================ Scan MBR ==================================
14:31:27.0966 0376  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR1
14:31:28.0657 0376  \Device\Harddisk1\DR1 - ok
14:31:28.0697 0376  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:31:33.0604 0376  \Device\Harddisk0\DR0 - ok
14:31:33.0644 0376  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR1
14:31:34.0094 0376  \Device\Harddisk1\DR1 - ok
14:31:34.0094 0376  ================ Scan VBR ==================================
14:31:34.0125 0376  [ D46F1F51D0114277800D337A05FE247A ] \Device\Harddisk1\DR1\Partition1
14:31:34.0125 0376  \Device\Harddisk1\DR1\Partition1 - ok
14:31:34.0145 0376  [ 97FC9902E1DCF737C997B01985239AA3 ] \Device\Harddisk0\DR0\Partition1
14:31:34.0145 0376  \Device\Harddisk0\DR0\Partition1 - ok
14:31:34.0175 0376  [ D46F1F51D0114277800D337A05FE247A ] \Device\Harddisk1\DR1\Partition1
14:31:34.0175 0376  \Device\Harddisk1\DR1\Partition1 - ok
14:31:34.0185 0376  ================ Scan active images ========================
14:31:34.0195 0376  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
14:31:34.0195 0376  C:\WINDOWS\system32\drivers\intelppm.sys - ok
14:31:34.0205 0376  [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\cmbatt.sys
14:31:34.0205 0376  C:\WINDOWS\system32\drivers\cmbatt.sys - ok
14:31:34.0225 0376  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
14:31:34.0225 0376  C:\WINDOWS\system32\drivers\videoprt.sys - ok
14:31:34.0255 0376  [ 9A883C3C4D91292C0D09DE7C728E781C ] C:\WINDOWS\system32\drivers\ialmnt5.sys
14:31:34.0255 0376  C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
14:31:34.0275 0376  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
14:31:34.0275 0376  C:\WINDOWS\system32\drivers\usbport.sys - ok
14:31:34.0285 0376  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
14:31:34.0285 0376  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
14:31:34.0305 0376  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
14:31:34.0325 0376  C:\WINDOWS\system32\drivers\usbehci.sys - ok
14:31:34.0335 0376  [ E727776A56A51B7E6B7C87C02EA8B405 ] C:\WINDOWS\system32\drivers\bcm4sbxp.sys
14:31:34.0335 0376  C:\WINDOWS\system32\drivers\bcm4sbxp.sys - ok
14:31:34.0355 0376  [ B89BCF0A25AEB3B47030AC83287F894A ] C:\WINDOWS\system32\drivers\BCMWL5.SYS
14:31:34.0355 0376  C:\WINDOWS\system32\drivers\BCMWL5.SYS - ok
14:31:34.0365 0376  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
14:31:34.0365 0376  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
14:31:34.0395 0376  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
14:31:34.0395 0376  C:\WINDOWS\system32\drivers\mouclass.sys - ok
14:31:34.0415 0376  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
14:31:34.0415 0376  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
14:31:34.0425 0376  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
14:31:34.0425 0376  C:\WINDOWS\system32\drivers\imapi.sys - ok
14:31:34.0445 0376  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
14:31:34.0445 0376  C:\WINDOWS\system32\drivers\cdrom.sys - ok
14:31:34.0475 0376  [ D7968049BE0ADBB6A57CEE3960320911 ] C:\WINDOWS\system32\drivers\sscdbhk5.sys
14:31:34.0475 0376  C:\WINDOWS\system32\drivers\sscdbhk5.sys - ok
14:31:34.0495 0376  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
14:31:34.0495 0376  C:\WINDOWS\system32\drivers\ks.sys - ok
14:31:34.0515 0376  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
14:31:34.0515 0376  C:\WINDOWS\system32\drivers\redbook.sys - ok
14:31:34.0545 0376  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
14:31:34.0545 0376  C:\WINDOWS\system32\drivers\drmk.sys - ok
14:31:34.0555 0376  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
14:31:34.0555 0376  C:\WINDOWS\system32\drivers\portcls.sys - ok
14:31:34.0585 0376  [ 5813D453EF8CE49D607C255CF128ACEB ] C:\WINDOWS\system32\drivers\stac97.sys
14:31:34.0585 0376  C:\WINDOWS\system32\drivers\stac97.sys - ok
14:31:34.0645 0376  [ A84BBBDD125D370593004F6429F8445C ] C:\WINDOWS\system32\drivers\HSFHWICH.sys
14:31:34.0645 0376  C:\WINDOWS\system32\drivers\HSFHWICH.sys - ok
14:31:34.0695 0376  [ B678FA91CF4A1C19B462D8DB04CD02AB ] C:\WINDOWS\system32\drivers\HSF_DPV.SYS
14:31:34.0695 0376  C:\WINDOWS\system32\drivers\HSF_DPV.SYS - ok
14:31:34.0775 0376  [ 0C5B9CF1BDF998750D9C5EEB5F8C55AC ] C:\WINDOWS\system32\drivers\HSF_CNXT.sys
14:31:34.0775 0376  C:\WINDOWS\system32\drivers\HSF_CNXT.sys - ok
14:31:34.0836 0376  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
14:31:34.0836 0376  C:\WINDOWS\system32\drivers\modem.sys - ok
14:31:34.0866 0376  [ A9573045BAA16EAB9B1085205B82F1ED ] C:\WINDOWS\system32\drivers\serscan.sys
14:31:34.0866 0376  C:\WINDOWS\system32\drivers\serscan.sys - ok
14:31:34.0946 0376  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
14:31:34.0946 0376  C:\WINDOWS\system32\drivers\audstub.sys - ok
14:31:35.0006 0376  [ D2F6535E5977DECF0EAED651CFAEC3F0 ] C:\WINDOWS\system32\drivers\mfendisk.sys
14:31:35.0006 0376  C:\WINDOWS\system32\drivers\mfendisk.sys - ok
14:31:35.0076 0376  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
14:31:35.0076 0376  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
14:31:35.0136 0376  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
14:31:35.0136 0376  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
14:31:35.0156 0376  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
14:31:35.0156 0376  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
14:31:35.0206 0376  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
14:31:35.0206 0376  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
14:31:35.0266 0376  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
14:31:35.0266 0376  C:\WINDOWS\system32\drivers\tdi.sys - ok
14:31:35.0326 0376  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
14:31:35.0326 0376  C:\WINDOWS\system32\drivers\raspptp.sys - ok
14:31:35.0466 0376  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
14:31:35.0466 0376  C:\WINDOWS\system32\drivers\psched.sys - ok
14:31:35.0507 0376  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
14:31:35.0507 0376  C:\WINDOWS\system32\drivers\msgpc.sys - ok
14:31:35.0577 0376  [ 080C59E365B358551B819836658FDE42 ] C:\WINDOWS\system32\drivers\mfeavfk.sys
14:31:35.0577 0376  C:\WINDOWS\system32\drivers\mfeavfk.sys - ok
14:31:35.0637 0376  [ 8776B9E3DC1F2B0F6BA7CDC66F51B201 ] C:\WINDOWS\system32\drivers\mfefirek.sys
14:31:35.0637 0376  C:\WINDOWS\system32\drivers\mfefirek.sys - ok
14:31:35.0697 0376  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
14:31:35.0697 0376  C:\WINDOWS\system32\drivers\ptilink.sys - ok
14:31:35.0747 0376  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
14:31:35.0747 0376  C:\WINDOWS\system32\drivers\raspti.sys - ok
14:31:35.0777 0376  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
14:31:35.0777 0376  C:\WINDOWS\system32\drivers\termdd.sys - ok
14:31:35.0847 0376  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
14:31:35.0847 0376  C:\WINDOWS\system32\drivers\swenum.sys - ok
14:31:35.0907 0376  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
14:31:35.0907 0376  C:\WINDOWS\system32\drivers\update.sys - ok
14:31:35.0967 0376  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
14:31:35.0967 0376  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
14:31:36.0027 0376  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
14:31:36.0027 0376  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
14:31:36.0087 0376  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
14:31:36.0087 0376  C:\WINDOWS\system32\drivers\usbd.sys - ok
14:31:36.0157 0376  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
14:31:36.0157 0376  C:\WINDOWS\system32\drivers\usbhub.sys - ok
14:31:36.0208 0376  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
14:31:36.0208 0376  C:\WINDOWS\system32\drivers\fdc.sys - ok
14:31:36.0278 0376  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
14:31:36.0278 0376  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
14:31:36.0338 0376  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
14:31:36.0338 0376  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
14:31:36.0418 0376  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
14:31:36.0418 0376  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
14:31:36.0478 0376  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
14:31:36.0478 0376  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
14:31:36.0518 0376  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
14:31:36.0518 0376  C:\WINDOWS\system32\drivers\null.sys - ok
14:31:36.0578 0376  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
14:31:36.0578 0376  C:\WINDOWS\system32\drivers\beep.sys - ok
14:31:36.0638 0376  [ C3FFD65ABFB6441E7606CF74F1155273 ] C:\WINDOWS\system32\drivers\ssrtln.sys
14:31:36.0638 0376  C:\WINDOWS\system32\drivers\ssrtln.sys - ok
14:31:36.0698 0376  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
14:31:36.0698 0376  C:\WINDOWS\system32\drivers\vga.sys - ok
14:31:36.0758 0376  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
14:31:36.0758 0376  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
14:31:36.0788 0376  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
14:31:36.0788 0376  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
14:31:36.0888 0376  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
14:31:36.0888 0376  C:\WINDOWS\system32\drivers\msfs.sys - ok
14:31:36.0959 0376  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
14:31:36.0959 0376  C:\WINDOWS\system32\drivers\npfs.sys - ok
14:31:37.0039 0376  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
14:31:37.0039 0376  C:\WINDOWS\system32\drivers\rasacd.sys - ok
14:31:37.0129 0376  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
14:31:37.0129 0376  C:\WINDOWS\system32\drivers\ipsec.sys - ok
14:31:37.0159 0376  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
14:31:37.0159 0376  C:\WINDOWS\system32\drivers\tcpip.sys - ok
14:31:37.0219 0376  [ A3062192D95688A1AA8FBEE2AA9986AC ] C:\WINDOWS\system32\drivers\mfetdi2k.sys
14:31:37.0219 0376  C:\WINDOWS\system32\drivers\mfetdi2k.sys - ok
14:31:37.0269 0376  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
14:31:37.0269 0376  C:\WINDOWS\system32\drivers\ipnat.sys - ok
14:31:37.0339 0376  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
14:31:37.0339 0376  C:\WINDOWS\system32\drivers\netbt.sys - ok
14:31:37.0399 0376  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
14:31:37.0399 0376  C:\WINDOWS\system32\drivers\wanarp.sys - ok
14:31:37.0489 0376  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:31:37.0489 0376  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
14:31:37.0519 0376  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
14:31:37.0519 0376  C:\WINDOWS\system32\drivers\afd.sys - ok
14:31:37.0610 0376  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
14:31:37.0610 0376  C:\WINDOWS\system32\drivers\netbios.sys - ok
14:31:37.0690 0376  [ 306521935042FC0A6988D528643619B3 ] C:\WINDOWS\system32\drivers\StarOpen.sys
14:31:37.0690 0376  C:\WINDOWS\system32\drivers\StarOpen.sys - ok
14:31:37.0750 0376  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
14:31:37.0750 0376  C:\WINDOWS\system32\drivers\rdbss.sys - ok
14:31:37.0780 0376  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
14:31:37.0780 0376  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
14:31:37.0840 0376  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
14:31:37.0840 0376  C:\WINDOWS\system32\drivers\fips.sys - ok
14:31:37.0900 0376  [ EC94E05B76D033B74394E7B2175103CF ] C:\WINDOWS\system32\drivers\APPDRV.SYS
14:31:37.0900 0376  C:\WINDOWS\system32\drivers\APPDRV.SYS - ok
14:31:37.0980 0376  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
14:31:37.0980 0376  C:\WINDOWS\system32\smss.exe - ok
14:31:38.0040 0376  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
14:31:38.0040 0376  C:\WINDOWS\system32\ntdll.dll - ok
14:31:38.0070 0376  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
14:31:38.0070 0376  C:\WINDOWS\system32\autochk.exe - ok
14:31:38.0180 0376  [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys
14:31:38.0180 0376  C:\WINDOWS\system32\drivers\fastfat.sys - ok
14:31:38.0280 0376  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
14:31:38.0280 0376  C:\WINDOWS\system32\sfcfiles.dll - ok
14:31:38.0341 0376  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
14:31:38.0341 0376  C:\WINDOWS\system32\drivers\wmilib.sys - ok
14:31:38.0411 0376  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
14:31:38.0411 0376  C:\WINDOWS\system32\drivers\atapi.sys - ok
14:31:38.0441 0376  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
14:31:38.0441 0376  C:\WINDOWS\system32\drivers\dxapi.sys - ok
14:31:38.0501 0376  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
14:31:38.0501 0376  C:\WINDOWS\system32\watchdog.sys - ok
14:31:38.0541 0376  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
14:31:38.0541 0376  C:\WINDOWS\system32\win32k.sys - ok
14:31:38.0571 0376  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:31:38.0571 0376  C:\WINDOWS\system32\basesrv.dll - ok
14:31:38.0631 0376  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
14:31:38.0631 0376  C:\WINDOWS\system32\csrsrv.dll - ok
14:31:38.0701 0376  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
14:31:38.0701 0376  C:\WINDOWS\system32\csrss.exe - ok
14:31:38.0761 0376  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
14:31:38.0761 0376  C:\WINDOWS\system32\gdi32.dll - ok
14:31:38.0811 0376  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:31:38.0811 0376  C:\WINDOWS\system32\winsrv.dll - ok
14:31:38.0841 0376  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
14:31:38.0841 0376  C:\WINDOWS\system32\kernel32.dll - ok
14:31:38.0911 0376  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
14:31:38.0911 0376  C:\WINDOWS\system32\user32.dll - ok
14:31:38.0971 0376  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
14:31:38.0971 0376  C:\WINDOWS\system32\drivers\dxg.sys - ok
14:31:39.0032 0376  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
14:31:39.0032 0376  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
14:31:39.0102 0376  [ 0CC6C7600EC5AE4373779A79A610796C ] C:\WINDOWS\system32\ialmrnt5.dll
14:31:39.0102 0376  C:\WINDOWS\system32\ialmrnt5.dll - ok
14:31:39.0132 0376  [ E8244B7C635202E5A4326653168B595E ] C:\WINDOWS\system32\ialmdnt5.dll
14:31:39.0132 0376  C:\WINDOWS\system32\ialmdnt5.dll - ok
14:31:39.0202 0376  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
14:31:39.0202 0376  C:\WINDOWS\system32\vga.dll - ok
14:31:39.0262 0376  [ 888B8611F99649A61F0306056C204523 ] C:\WINDOWS\system32\ialmdev5.dll
14:31:39.0262 0376  C:\WINDOWS\system32\ialmdev5.dll - ok
14:31:39.0332 0376  [ A3E3FA1DF677FE52F2AACA38735F8E54 ] C:\WINDOWS\system32\ialmdd5.dll
14:31:39.0332 0376  C:\WINDOWS\system32\ialmdd5.dll - ok
14:31:39.0392 0376  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
14:31:39.0392 0376  C:\WINDOWS\system32\winlogon.exe - ok
14:31:39.0422 0376  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
14:31:39.0422 0376  C:\WINDOWS\system32\advapi32.dll - ok
14:31:39.0482 0376  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
14:31:39.0482 0376  C:\WINDOWS\system32\rpcrt4.dll - ok
14:31:39.0552 0376  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
14:31:39.0552 0376  C:\WINDOWS\system32\secur32.dll - ok
14:31:39.0622 0376  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
14:31:39.0622 0376  C:\WINDOWS\system32\authz.dll - ok
14:31:39.0652 0376  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
14:31:39.0673 0376  C:\WINDOWS\system32\msvcrt.dll - ok
14:31:39.0723 0376  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
14:31:39.0723 0376  C:\WINDOWS\system32\crypt32.dll - ok
14:31:39.0793 0376  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
14:31:39.0793 0376  C:\WINDOWS\system32\msasn1.dll - ok
14:31:39.0883 0376  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
14:31:39.0883 0376  C:\WINDOWS\system32\nddeapi.dll - ok
14:31:39.0923 0376  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
14:31:39.0923 0376  C:\WINDOWS\system32\profmap.dll - ok
14:31:39.0993 0376  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
14:31:39.0993 0376  C:\WINDOWS\system32\netapi32.dll - ok
14:31:40.0033 0376  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
14:31:40.0033 0376  C:\WINDOWS\system32\userenv.dll - ok
14:31:40.0083 0376  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
14:31:40.0083 0376  C:\WINDOWS\system32\psapi.dll - ok
14:31:40.0123 0376  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
14:31:40.0123 0376  C:\WINDOWS\system32\regapi.dll - ok
14:31:40.0213 0376  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
14:31:40.0213 0376  C:\WINDOWS\system32\setupapi.dll - ok
14:31:40.0273 0376  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
14:31:40.0273 0376  C:\WINDOWS\system32\version.dll - ok
14:31:40.0343 0376  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
14:31:40.0343 0376  C:\WINDOWS\system32\imagehlp.dll - ok
14:31:40.0434 0376  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
14:31:40.0434 0376  C:\WINDOWS\system32\winsta.dll - ok
14:31:40.0484 0376  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
14:31:40.0484 0376  C:\WINDOWS\system32\wintrust.dll - ok
14:31:40.0504 0376  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
14:31:40.0504 0376  C:\WINDOWS\system32\ws2help.dll - ok
14:31:40.0574 0376  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
14:31:40.0574 0376  C:\WINDOWS\system32\ws2_32.dll - ok
14:31:40.0634 0376  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
14:31:40.0634 0376  C:\WINDOWS\system32\imm32.dll - ok
14:31:40.0684 0376  [ DAB9952E3626D84E74CBF4958B1B1F52 ] C:\WINDOWS\system32\kbduk.dll
14:31:40.0684 0376  C:\WINDOWS\system32\kbduk.dll - ok
14:31:40.0794 0376  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
14:31:40.0794 0376  C:\WINDOWS\system32\kbdus.dll - ok
14:31:40.0844 0376  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
14:31:40.0844 0376  C:\WINDOWS\system32\msgina.dll - ok
14:31:40.0944 0376  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
14:31:40.0944 0376  C:\WINDOWS\system32\comctl32.dll - ok
14:31:41.0004 0376  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
14:31:41.0004 0376  C:\WINDOWS\system32\odbc32.dll - ok
14:31:41.0065 0376  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
14:31:41.0065 0376  C:\WINDOWS\system32\comdlg32.dll - ok
14:31:41.0115 0376  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
14:31:41.0115 0376  C:\WINDOWS\system32\shell32.dll - ok
14:31:41.0155 0376  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
14:31:41.0155 0376  C:\WINDOWS\system32\shlwapi.dll - ok
14:31:41.0185 0376  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
14:31:41.0185 0376  C:\WINDOWS\system32\sxs.dll - ok
14:31:41.0245 0376  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
14:31:41.0245 0376  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
14:31:41.0435 0376  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
14:31:41.0435 0376  C:\WINDOWS\system32\odbcint.dll - ok
14:31:41.0495 0376  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
14:31:41.0495 0376  C:\WINDOWS\system32\shsvcs.dll - ok
14:31:41.0525 0376  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
14:31:41.0525 0376  C:\WINDOWS\system32\sfc.dll - ok
14:31:41.0595 0376  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
14:31:41.0595 0376  C:\WINDOWS\system32\sfc_os.dll - ok
14:31:41.0645 0376  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
14:31:41.0645 0376  C:\WINDOWS\system32\ole32.dll - ok
14:31:41.0675 0376  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
14:31:41.0675 0376  C:\WINDOWS\system32\apphelp.dll - ok
14:31:41.0735 0376  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
14:31:41.0735 0376  C:\WINDOWS\system32\lsass.exe - ok
14:31:41.0786 0376  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:31:41.0786 0376  C:\WINDOWS\system32\services.exe - ok
14:31:41.0826 0376  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
14:31:41.0826 0376  C:\WINDOWS\system32\lsasrv.dll - ok
14:31:41.0856 0376  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
14:31:41.0856 0376  C:\WINDOWS\system32\mpr.dll - ok
14:31:41.0906 0376  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
14:31:41.0906 0376  C:\WINDOWS\system32\msvcp60.dll - ok
14:31:41.0966 0376  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
14:31:41.0966 0376  C:\WINDOWS\system32\ncobjapi.dll - ok
14:31:42.0026 0376  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
14:31:42.0026 0376  C:\WINDOWS\system32\dnsapi.dll - ok
14:31:42.0086 0376  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
14:31:42.0086 0376  C:\WINDOWS\system32\ntdsapi.dll - ok
14:31:42.0136 0376  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
14:31:42.0136 0376  C:\WINDOWS\system32\scesrv.dll - ok
14:31:42.0166 0376  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
14:31:42.0166 0376  C:\WINDOWS\system32\wldap32.dll - ok
14:31:42.0236 0376  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
14:31:42.0236 0376  C:\WINDOWS\system32\umpnpmgr.dll - ok
14:31:42.0276 0376  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
14:31:42.0276 0376  C:\WINDOWS\system32\samlib.dll - ok
14:31:42.0346 0376  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
14:31:42.0346 0376  C:\WINDOWS\system32\shimeng.dll - ok
14:31:42.0436 0376  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
14:31:42.0436 0376  C:\WINDOWS\AppPatch\acadproc.dll - ok
14:31:42.0497 0376  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
14:31:42.0497 0376  C:\WINDOWS\system32\samsrv.dll - ok
14:31:42.0557 0376  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
14:31:42.0557 0376  C:\WINDOWS\system32\cryptdll.dll - ok
14:31:42.0597 0376  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
14:31:42.0597 0376  C:\WINDOWS\AppPatch\acgenral.dll - ok
14:31:42.0617 0376  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
14:31:42.0617 0376  C:\WINDOWS\system32\winmm.dll - ok
14:31:42.0657 0376  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
14:31:42.0657 0376  C:\WINDOWS\system32\oleaut32.dll - ok
14:31:42.0697 0376  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
14:31:42.0697 0376  C:\WINDOWS\system32\msacm32.dll - ok
14:31:42.0717 0376  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
14:31:42.0717 0376  C:\WINDOWS\system32\uxtheme.dll - ok
14:31:42.0767 0376  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
14:31:42.0767 0376  C:\WINDOWS\system32\msapsspc.dll - ok
14:31:42.0807 0376  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
14:31:42.0807 0376  C:\WINDOWS\system32\msvcrt40.dll - ok
14:31:42.0847 0376  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
14:31:42.0847 0376  C:\WINDOWS\system32\schannel.dll - ok
14:31:42.0887 0376  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
14:31:42.0887 0376  C:\WINDOWS\system32\digest.dll - ok
14:31:42.0917 0376  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
14:31:42.0917 0376  C:\WINDOWS\system32\msnsspc.dll - ok
14:31:42.0967 0376  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
14:31:42.0967 0376  C:\WINDOWS\system32\msctfime.ime - ok
14:31:43.0037 0376  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
14:31:43.0037 0376  C:\WINDOWS\system32\msprivs.dll - ok
14:31:43.0107 0376  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
14:31:43.0107 0376  C:\WINDOWS\system32\kerberos.dll - ok
14:31:43.0158 0376  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
14:31:43.0158 0376  C:\WINDOWS\system32\atmfd.dll - ok
14:31:43.0208 0376  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
14:31:43.0208 0376  C:\WINDOWS\system32\msv1_0.dll - ok
14:31:43.0238 0376  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
14:31:43.0238 0376  C:\WINDOWS\system32\iphlpapi.dll - ok
14:31:43.0278 0376  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
14:31:43.0278 0376  C:\WINDOWS\system32\netlogon.dll - ok
14:31:43.0318 0376  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
14:31:43.0318 0376  C:\WINDOWS\system32\w32time.dll - ok
14:31:43.0358 0376  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
14:31:43.0358 0376  C:\WINDOWS\system32\rsaenh.dll - ok
14:31:43.0398 0376  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
14:31:43.0398 0376  C:\WINDOWS\system32\wdigest.dll - ok
14:31:43.0418 0376  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
14:31:43.0418 0376  C:\WINDOWS\system32\winscard.dll - ok
14:31:43.0458 0376  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
14:31:43.0458 0376  C:\WINDOWS\system32\wtsapi32.dll - ok
14:31:43.0508 0376  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
14:31:43.0508 0376  C:\WINDOWS\system32\scecli.dll - ok
14:31:43.0558 0376  [ 629CABB0421668C9D3D402A3C3D77E14 ] C:\WINDOWS\system32\drivers\mbam.sys
14:31:43.0558 0376  C:\WINDOWS\system32\drivers\mbam.sys - ok
14:31:43.0608 0376  [ FA4670CAE95AE2BB857C68E535661145 ] C:\WINDOWS\system32\drivers\drvnddm.sys
14:31:43.0608 0376  C:\WINDOWS\system32\drivers\drvnddm.sys - ok
14:31:43.0668 0376  [ EEE79BBEFE9C6A2A3CE6C8753CFEA950 ] C:\WINDOWS\system32\dla\tfsndres.sys
14:31:43.0668 0376  C:\WINDOWS\system32\dla\tfsndres.sys - ok
14:31:43.0688 0376  [ 9D644EB11FEC9487450C4CFCD63A5DF4 ] C:\WINDOWS\system32\dla\tfsnifs.sys
14:31:43.0688 0376  C:\WINDOWS\system32\dla\tfsnifs.sys - ok
14:31:43.0738 0376  [ E656AF05C67EDB7C0E9230A5DF71ED1B ] C:\WINDOWS\system32\dla\tfsnopio.sys
14:31:43.0738 0376  C:\WINDOWS\system32\dla\tfsnopio.sys - ok
14:31:43.0788 0376  [ 64FCCB9CCE703CA507DFFC3CEBF6B2CB ] C:\WINDOWS\system32\dla\tfsnpool.sys
14:31:43.0788 0376  C:\WINDOWS\system32\dla\tfsnpool.sys - ok
14:31:43.0828 0376  [ 1D265CD2FB1673A0873BF8CEC19DDC7F ] C:\WINDOWS\system32\dla\tfsnboio.sys
14:31:43.0828 0376  C:\WINDOWS\system32\dla\tfsnboio.sys - ok
14:31:43.0869 0376  [ 62E4901295E0467CAC78E5B4B131AE5C ] C:\WINDOWS\system32\dla\tfsncofs.sys
14:31:43.0869 0376  C:\WINDOWS\system32\dla\tfsncofs.sys - ok
14:31:43.0909 0376  [ A2F380F9252AB3464C859ADF91EEAD9C ] C:\WINDOWS\system32\dla\tfsndrct.sys
14:31:43.0909 0376  C:\WINDOWS\system32\dla\tfsndrct.sys - ok
14:31:43.0929 0376  [ 48BC9D8AB4E4B9BFF70FB18E55CEC3D6 ] C:\WINDOWS\system32\dla\tfsnudf.sys
14:31:43.0929 0376  C:\WINDOWS\system32\dla\tfsnudf.sys - ok
14:31:43.0969 0376  [ 79F60822224256B49BFC855DA8D651D5 ] C:\WINDOWS\system32\dla\tfsnudfa.sys
14:31:43.0969 0376  C:\WINDOWS\system32\dla\tfsnudfa.sys - ok
14:31:44.0009 0376  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
14:31:44.0009 0376  C:\WINDOWS\system32\svchost.exe - ok
14:31:44.0049 0376  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
14:31:44.0049 0376  C:\WINDOWS\system32\ntmarta.dll - ok
14:31:44.0099 0376  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
14:31:44.0099 0376  C:\WINDOWS\system32\rpcss.dll - ok
14:31:44.0129 0376  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
14:31:44.0129 0376  C:\WINDOWS\system32\xpsp2res.dll - ok
14:31:44.0229 0376  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
14:31:44.0229 0376  C:\WINDOWS\system32\eventlog.dll - ok
14:31:44.0279 0376  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
14:31:44.0279 0376  C:\WINDOWS\system32\logonui.exe - ok
14:31:44.0359 0376  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
14:31:44.0359 0376  C:\WINDOWS\system32\duser.dll - ok
14:31:44.0409 0376  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
14:31:44.0409 0376  C:\WINDOWS\system32\msimg32.dll - ok
14:31:44.0449 0376  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
14:31:44.0449 0376  C:\WINDOWS\system32\oleacc.dll - ok
14:31:44.0489 0376  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
14:31:44.0489 0376  C:\WINDOWS\system32\clbcatq.dll - ok
14:31:44.0519 0376  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
14:31:44.0519 0376  C:\WINDOWS\system32\comres.dll - ok
14:31:44.0560 0376  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
14:31:44.0560 0376  C:\WINDOWS\system32\shgina.dll - ok
14:31:44.0580 0376  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
14:31:44.0580 0376  C:\WINDOWS\system32\mswsock.dll - ok
14:31:44.0630 0376  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
14:31:44.0630 0376  C:\WINDOWS\system32\hnetcfg.dll - ok
14:31:44.0670 0376  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
14:31:44.0670 0376  C:\WINDOWS\system32\wshtcpip.dll - ok
14:31:44.0720 0376  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
14:31:44.0720 0376  C:\WINDOWS\system32\winrnr.dll - ok
14:31:44.0790 0376  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
14:31:44.0790 0376  C:\WINDOWS\system32\rasadhlp.dll - ok
14:31:44.0830 0376  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
14:31:44.0830 0376  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
14:31:44.0920 0376  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
14:31:44.0920 0376  C:\WINDOWS\system32\cscdll.dll - ok
14:31:44.0980 0376  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
14:31:44.0980 0376  C:\WINDOWS\system32\dimsntfy.dll - ok
14:31:45.0020 0376  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
14:31:45.0020 0376  C:\WINDOWS\system32\wlnotify.dll - ok
14:31:45.0060 0376  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
14:31:45.0060 0376  C:\WINDOWS\system32\winspool.drv - ok
14:31:45.0110 0376  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
14:31:45.0110 0376  C:\WINDOWS\system32\dhcpcsvc.dll - ok
14:31:45.0140 0376  [ F49DABE4B824B9BF35E5F541A6CAAF26 ] C:\WINDOWS\system32\BCMLogon.dll
14:31:45.0140 0376  C:\WINDOWS\system32\BCMLogon.dll - ok
14:31:45.0180 0376  [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\WINDOWS\system32\MFC71.DLL
14:31:45.0180 0376  C:\WINDOWS\system32\MFC71.DLL - ok
14:31:45.0220 0376  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\MSVCR71.DLL
14:31:45.0220 0376  C:\WINDOWS\system32\MSVCR71.DLL - ok
14:31:45.0261 0376  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
14:31:45.0261 0376  C:\WINDOWS\system32\dnsrslvr.dll - ok
14:31:45.0321 0376  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\MSVCP71.DLL
14:31:45.0321 0376  C:\WINDOWS\system32\MSVCP71.DLL - ok
14:31:45.0341 0376  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
14:31:45.0341 0376  C:\WINDOWS\system32\wzcsvc.dll - ok
14:31:45.0381 0376  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
14:31:45.0381 0376  C:\WINDOWS\system32\rtutils.dll - ok
14:31:45.0481 0376  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
14:31:45.0481 0376  C:\WINDOWS\system32\wmi.dll - ok
14:31:45.0541 0376  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
14:31:45.0541 0376  C:\WINDOWS\system32\eapolqec.dll - ok
14:31:45.0591 0376  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
14:31:45.0591 0376  C:\WINDOWS\system32\atl.dll - ok
14:31:45.0621 0376  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
14:31:45.0621 0376  C:\WINDOWS\system32\qutil.dll - ok
14:31:45.0681 0376  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
14:31:45.0681 0376  C:\WINDOWS\system32\dot3api.dll - ok
14:31:45.0741 0376  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
14:31:45.0741 0376  C:\WINDOWS\system32\esent.dll - ok
14:31:45.0801 0376  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
14:31:45.0801 0376  C:\WINDOWS\system32\rastls.dll - ok
14:31:45.0831 0376  [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe
14:31:45.0831 0376  C:\WINDOWS\system32\mpnotify.exe - ok
14:31:45.0901 0376  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
14:31:45.0901 0376  C:\WINDOWS\system32\cryptui.dll - ok
14:31:45.0952 0376  [ D175F91A4C98B8848818C9B5089F88A2 ] C:\WINDOWS\system32\wininet.dll
14:31:45.0952 0376  C:\WINDOWS\system32\wininet.dll - ok
14:31:45.0992 0376  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
14:31:45.0992 0376  C:\WINDOWS\system32\normaliz.dll - ok
14:31:46.0042 0376  [ 84A5C7B9B1B82F94A8245781FD44D8BA ] C:\WINDOWS\system32\urlmon.dll
14:31:46.0042 0376  C:\WINDOWS\system32\urlmon.dll - ok
14:31:46.0112 0376  [ D1B3D1E05BEDC8F9B0BBBC03D6033F82 ] C:\WINDOWS\system32\iertutil.dll
14:31:46.0112 0376  C:\WINDOWS\system32\iertutil.dll - ok
14:31:46.0132 0376  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
14:31:46.0132 0376  C:\WINDOWS\system32\mprapi.dll - ok
14:31:46.0172 0376  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
14:31:46.0172 0376  C:\WINDOWS\system32\activeds.dll - ok
14:31:46.0212 0376  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
14:31:46.0212 0376  C:\WINDOWS\system32\adsldpc.dll - ok
14:31:46.0252 0376  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
14:31:46.0252 0376  C:\WINDOWS\system32\rasapi32.dll - ok
14:31:46.0292 0376  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
14:31:46.0292 0376  C:\WINDOWS\system32\rasman.dll - ok
14:31:46.0312 0376  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
14:31:46.0312 0376  C:\WINDOWS\system32\tapi32.dll - ok
14:31:46.0352 0376  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
14:31:46.0352 0376  C:\WINDOWS\system32\riched20.dll - ok
14:31:46.0402 0376  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
14:31:46.0402 0376  C:\WINDOWS\system32\raschap.dll - ok
14:31:46.0442 0376  [ 60714B1C15F815F55798C0B3D4819BEB ] C:\WINDOWS\system32\WLTRYSVC.EXE
14:31:46.0442 0376  C:\WINDOWS\system32\WLTRYSVC.EXE - ok
14:31:46.0472 0376  [ 7C19764A2EC7AC4AE8DB4BBF0B7F20C5 ] C:\WINDOWS\system32\BCMWLTRY.EXE
14:31:46.0472 0376  C:\WINDOWS\system32\BCMWLTRY.EXE - ok
14:31:46.0512 0376  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
14:31:46.0512 0376  C:\WINDOWS\system32\spoolsv.exe - ok
14:31:46.0552 0376  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
14:31:46.0552 0376  C:\WINDOWS\system32\audiosrv.dll - ok
14:31:46.0592 0376  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
14:31:46.0592 0376  C:\WINDOWS\system32\mlang.dll - ok
14:31:46.0633 0376  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
14:31:46.0633 0376  C:\WINDOWS\system32\cfgmgr32.dll - ok
14:31:46.0653 0376  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
14:31:46.0653 0376  C:\WINDOWS\system32\powrprof.dll - ok
14:31:46.0693 0376  [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll
14:31:46.0693 0376  C:\WINDOWS\system32\xmlprovi.dll - ok
14:31:46.0733 0376  [ 4E8964A5564D27BE3F336AAD47D5D6E8 ] C:\WINDOWS\system32\bcm1xsup.dll
14:31:46.0733 0376  C:\WINDOWS\system32\bcm1xsup.dll - ok
14:31:46.0773 0376  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
14:31:46.0773 0376  C:\WINDOWS\system32\wzcsapi.dll - ok
14:31:46.0813 0376  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
14:31:46.0813 0376  C:\WINDOWS\system32\wkssvc.dll - ok
14:31:46.0853 0376  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
14:31:46.0853 0376  C:\WINDOWS\system32\spoolss.dll - ok
14:31:46.0893 0376  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
14:31:46.0893 0376  C:\WINDOWS\system32\drivers\parport.sys - ok
14:31:46.0913 0376  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
14:31:46.0913 0376  C:\WINDOWS\system32\drivers\serial.sys - ok
14:31:46.0973 0376  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
14:31:46.0973 0376  C:\WINDOWS\system32\cryptsvc.dll - ok
14:31:47.0043 0376  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
14:31:47.0043 0376  C:\WINDOWS\system32\certcli.dll - ok
14:31:47.0123 0376  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
14:31:47.0123 0376  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
14:31:47.0163 0376  [ 1758AF653723679E3746FC7DDD93C69B ] C:\Program Files\Java\jre7\bin\jqs.exe
14:31:47.0163 0376  C:\Program Files\Java\jre7\bin\jqs.exe - ok
14:31:47.0203 0376  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
14:31:47.0203 0376  C:\WINDOWS\system32\ersvc.dll - ok
14:31:47.0233 0376  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
14:31:47.0233 0376  C:\WINDOWS\system32\es.dll - ok
14:31:47.0273 0376  [ 4DF537A09034434EA9481B88AB1D3C25 ] C:\WINDOWS\system32\bcmwlpkt.dll
14:31:47.0273 0376  C:\WINDOWS\system32\bcmwlpkt.dll - ok
14:31:47.0313 0376  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
14:31:47.0313 0376  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
14:31:47.0354 0376  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
14:31:47.0354 0376  C:\WINDOWS\system32\wsock32.dll - ok
14:31:47.0404 0376  [ 8F2097E8B174F38178570C611464935F ] C:\WINDOWS\system32\ATL71.DLL
14:31:47.0404 0376  C:\WINDOWS\system32\ATL71.DLL - ok
14:31:47.0434 0376  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
14:31:47.0434 0376  C:\WINDOWS\system32\pdh.dll - ok
14:31:47.0474 0376  [ 5F755A48D09444CEE0A1A7E74AC54D85 ] C:\WINDOWS\system32\wltrynt.dll
14:31:47.0474 0376  C:\WINDOWS\system32\wltrynt.dll - ok
14:31:47.0524 0376  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
14:31:47.0524 0376  C:\WINDOWS\system32\odbcbcp.dll - ok
14:31:47.0584 0376  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
14:31:47.0584 0376  C:\WINDOWS\system32\cscui.dll - ok
14:31:47.0644 0376  [ D84FB8F14981F9DDC834DD143376E608 ] C:\WINDOWS\system32\drivers\maximio.sys
14:31:47.0644 0376  C:\WINDOWS\system32\drivers\maximio.sys - ok
14:31:47.0684 0376  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
14:31:47.0684 0376  C:\WINDOWS\system32\comsvcs.dll - ok
14:31:47.0744 0376  [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
14:31:47.0744 0376  C:\WINDOWS\system32\dpcdll.dll - ok
14:31:47.0784 0376  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:31:47.0784 0376  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
14:31:47.0824 0376  [ 058710B720282CA82B909912D3EF28DB ] C:\WINDOWS\regedit.exe
14:31:47.0824 0376  C:\WINDOWS\regedit.exe - ok
14:31:47.0864 0376  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
14:31:47.0864 0376  C:\WINDOWS\system32\colbact.dll - ok
14:31:47.0904 0376  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
14:31:47.0904 0376  C:\WINDOWS\system32\userinit.exe - ok
14:31:47.0934 0376  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
14:31:47.0934 0376  C:\WINDOWS\system32\mtxclu.dll - ok
14:31:47.0984 0376  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
14:31:47.0984 0376  C:\WINDOWS\system32\clusapi.dll - ok
14:31:48.0045 0376  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
14:31:48.0045 0376  C:\WINDOWS\system32\wdmaud.drv - ok
14:31:48.0105 0376  [ 96A0066AB9872D3575575A463C53FF6C ] C:\WINDOWS\system32\aclui.dll
14:31:48.0105 0376  C:\WINDOWS\system32\aclui.dll - ok
14:31:48.0175 0376  [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
14:31:48.0175 0376  C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
14:31:48.0205 0376  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
14:31:48.0205 0376  C:\WINDOWS\system32\resutils.dll - ok
14:31:48.0285 0376  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
14:31:48.0285 0376  C:\WINDOWS\explorer.exe - ok
14:31:48.0375 0376  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
14:31:48.0375 0376  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
14:31:48.0455 0376  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
14:31:48.0455 0376  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
14:31:48.0575 0376  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
14:31:48.0575 0376  C:\WINDOWS\system32\drivers\splitter.sys - ok
14:31:48.0625 0376  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
14:31:48.0625 0376  C:\WINDOWS\system32\drivers\aec.sys - ok
14:31:48.0766 0376  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
14:31:48.0766 0376  C:\WINDOWS\system32\drivers\swmidi.sys - ok
14:31:48.0826 0376  [ 751068D5D0ECD64A4810379729A1F0BC ] C:\WINDOWS\system32\ulib.dll
14:31:48.0826 0376  C:\WINDOWS\system32\ulib.dll - ok
14:31:48.0846 0376  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
14:31:48.0846 0376  C:\WINDOWS\system32\drivers\dmusic.sys - ok
14:31:48.0906 0376  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
14:31:48.0906 0376  C:\WINDOWS\system32\drivers\kmixer.sys - ok
14:31:49.0056 0376  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
14:31:49.0056 0376  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
14:31:49.0106 0376  [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
14:31:49.0106 0376  C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
14:31:49.0166 0376  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
14:31:49.0166 0376  C:\WINDOWS\system32\msacm32.drv - ok
14:31:49.0306 0376  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
14:31:49.0306 0376  C:\WINDOWS\system32\midimap.dll - ok
14:31:49.0346 0376  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
14:31:49.0346 0376  C:\WINDOWS\system32\browseui.dll - ok
14:31:49.0447 0376  [ 37461F2C3F212CF508A20FDC729ABDE5 ] C:\WINDOWS\system32\clb.dll
14:31:49.0447 0376  C:\WINDOWS\system32\clb.dll - ok
14:31:49.0497 0376  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
14:31:49.0497 0376  C:\WINDOWS\system32\perfos.dll - ok
14:31:49.0557 0376  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
14:31:49.0557 0376  C:\WINDOWS\system32\perfdisk.dll - ok
14:31:49.0617 0376  [ FD5EAC0C148E96DF4E2160354C54360C ] C:\WINDOWS\system32\shdocvw.dll
14:31:49.0617 0376  C:\WINDOWS\system32\shdocvw.dll - ok
14:31:49.0647 0376  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
14:31:49.0647 0376  C:\WINDOWS\system32\msctf.dll - ok
14:31:49.0707 0376  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
14:31:49.0707 0376  C:\WINDOWS\system32\ctfmon.exe - ok
14:31:49.0867 0376  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
14:31:49.0867 0376  C:\WINDOWS\system32\msutb.dll - ok
14:31:49.0917 0376  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
14:31:49.0917 0376  C:\WINDOWS\ime\sptip.dll - ok
14:31:49.0967 0376  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
14:31:49.0967 0376  C:\WINDOWS\system32\desk.cpl - ok
14:31:50.0047 0376  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
14:31:50.0047 0376  C:\WINDOWS\system32\themeui.dll - ok
14:31:50.0158 0376  [ 994AD0D8550B8B26990A6E3AA0791502 ] C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll
14:31:50.0158 0376  C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll - ok
14:31:50.0188 0376  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:31:50.0188 0376  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
14:31:50.0348 0376  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
14:31:50.0348 0376  C:\WINDOWS\system32\cmd.exe - ok
14:31:50.0408 0376  [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
14:31:50.0408 0376  C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
14:31:50.0468 0376  [ 53249B2147DDC8212B290ACF80570290 ] C:\WINDOWS\system32\ieframe.dll
14:31:50.0468 0376  C:\WINDOWS\system32\ieframe.dll - ok
14:31:50.0518 0376  [ AA44024C1796F40D43F2E6C08B47A564 ] C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
14:31:50.0518 0376  C:\Program Files\McAfee\SiteAdvisor\McSACore.exe - ok
14:31:50.0588 0376  [ C3A0C96602B3E35B98D4B9970DED0681 ] C:\Program Files\McAfee\SiteAdvisor\SaSSHMod.dll
14:31:50.0588 0376  C:\Program Files\McAfee\SiteAdvisor\SaSSHMod.dll - ok
14:31:50.0718 0376  [ ECAB006AC6136F1307E140B633CDB8C2 ] C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:31:50.0718 0376  C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe - ok
14:31:50.0748 0376  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\system32\msvcr100.dll
14:31:50.0748 0376  C:\WINDOWS\system32\msvcr100.dll - ok
14:31:50.0809 0376  [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
14:31:50.0809 0376  C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
14:31:50.0889 0376  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
14:31:50.0889 0376  C:\WINDOWS\system32\winhttp.dll - ok
14:31:50.0929 0376  [ B1E8AF364027029272758C8E34776144 ] C:\Program Files\Common Files\McAfee\MSC\LogCntrl.dll
14:31:50.0929 0376  C:\Program Files\Common Files\McAfee\MSC\LogCntrl.dll - ok
14:31:50.0979 0376  [ 3BFE01574CEB5A5708B2A89AF79E09F6 ] C:\PROGRA~1\McAfee\SITEAD~1\apengine.dll
14:31:50.0979 0376  C:\PROGRA~1\McAfee\SITEAD~1\apengine.dll - ok
14:31:51.0019 0376  [ C166EAC7662D7FB1A393B5F3B9BF3FE3 ] C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll
14:31:51.0019 0376  C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll - ok
14:31:51.0079 0376  [ CAC6F6F206C978DEEA928B9302646A09 ] C:\PROGRA~1\McAfee\MSC\mcmscsub.dll
14:31:51.0079 0376  C:\PROGRA~1\McAfee\MSC\mcmscsub.dll - ok
14:31:51.0139 0376  [ 3C318B9CD391371BED62126581EE9961 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
14:31:51.0139 0376  C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
14:31:51.0189 0376  [ AB2D7F16A9745C41297752AB07C98F46 ] C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
14:31:51.0189 0376  C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe - ok
14:31:51.0209 0376  [ A081CB6FB9A12668F233EB5414BE3A0E ] C:\WINDOWS\system32\HPZinw12.dll
14:31:51.0209 0376  C:\WINDOWS\system32\HPZinw12.dll - ok
14:31:51.0279 0376  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
14:31:51.0279 0376  C:\WINDOWS\system32\netman.dll - ok
14:31:51.0409 0376  [ 8A6FA8E0B302DF2496802AAFDA5CE810 ] C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
14:31:51.0409 0376  C:\Program Files\Dell\QuickSet\NicConfigSvc.exe - ok
14:31:51.0469 0376  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
14:31:51.0469 0376  C:\WINDOWS\system32\netshell.dll - ok
14:31:51.0530 0376  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
14:31:51.0530 0376  C:\WINDOWS\system32\credui.dll - ok
14:31:51.0610 0376  [ 12D6F3ED1AC256836E4401FDFF49B5C3 ] C:\PROGRA~1\McAfee\SITEAD~1\mcfrmwk.dll
14:31:51.0610 0376  C:\PROGRA~1\McAfee\SITEAD~1\mcfrmwk.dll - ok
14:31:51.0660 0376  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
14:31:51.0660 0376  C:\WINDOWS\system32\cryptnet.dll - ok
14:31:51.0720 0376  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
14:31:51.0720 0376  C:\WINDOWS\system32\dot3dlg.dll - ok
14:31:51.0860 0376  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
14:31:51.0860 0376  C:\WINDOWS\system32\sensapi.dll - ok
14:31:51.0970 0376  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
14:31:51.0970 0376  C:\WINDOWS\system32\msxml3.dll - ok
14:31:52.0000 0376  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
14:31:52.0000 0376  C:\WINDOWS\system32\onex.dll - ok
14:31:52.0050 0376  [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
14:31:52.0050 0376  C:\WINDOWS\system32\oledlg.dll - ok
14:31:52.0110 0376  [ 248AC0CDE13E6724A3A7D9CEBEBC8B3C ] C:\PROGRA~1\McAfee\SITEAD~1\cntscan.dll
14:31:52.0110 0376  C:\PROGRA~1\McAfee\SITEAD~1\cntscan.dll - ok
14:31:52.0140 0376  [ C85670AB64068F8080998AEBA6C5019C ] C:\WINDOWS\system32\atl100.dll
14:31:52.0140 0376  C:\WINDOWS\system32\atl100.dll - ok
14:31:52.0191 0376  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
14:31:52.0191 0376  C:\WINDOWS\system32\eappcfg.dll - ok
14:31:52.0251 0376  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
14:31:52.0251 0376  C:\WINDOWS\system32\cabinet.dll - ok
14:31:52.0351 0376  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
14:31:52.0351 0376  C:\WINDOWS\system32\eappprxy.dll - ok
14:31:52.0441 0376  [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\system32\msvcp100.dll
14:31:52.0441 0376  C:\WINDOWS\system32\msvcp100.dll - ok
14:31:52.0481 0376  [ 7CC9484FBC922F7DC0B1D767A256C1E5 ] C:\PROGRA~1\McAfee\VIRUSS~1\NaiAnn.dll
14:31:52.0481 0376  C:\PROGRA~1\McAfee\VIRUSS~1\NaiAnn.dll - ok
14:31:52.0541 0376  [ 65BC271F337637731D3C71455AE1F476 ] C:\WINDOWS\system32\HPZipm12.dll
14:31:52.0541 0376  C:\WINDOWS\system32\HPZipm12.dll - ok
14:31:52.0641 0376  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
14:31:52.0641 0376  C:\WINDOWS\system32\pstorsvc.dll - ok
14:31:52.0691 0376  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
14:31:52.0691 0376  C:\WINDOWS\system32\psbase.dll - ok
14:31:52.0741 0376  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
14:31:52.0741 0376  C:\WINDOWS\system32\seclogon.dll - ok
14:31:52.0791 0376  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
14:31:52.0791 0376  C:\WINDOWS\system32\sens.dll - ok
14:31:52.0851 0376  [ 2E50B9E0C0647475116247DCE4357161 ] C:\PROGRA~1\COMMON~1\McAfee\MSC\mcutil\11_6_2~1\mcutil.dll
14:31:52.0851 0376  C:\PROGRA~1\COMMON~1\McAfee\MSC\mcutil\11_6_2~1\mcutil.dll - ok
14:31:52.0902 0376  [ 4217348720317D7B98E0646776124F31 ] C:\WINDOWS\system32\BMAPI.dll
14:31:52.0902 0376  C:\WINDOWS\system32\BMAPI.dll - ok
14:31:52.0992 0376  [ 23E3C83DFF7B09A97B01A85ED8A44478 ] C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
14:31:52.0992 0376  C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
14:31:53.0152 0376  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
14:31:53.0152 0376  C:\WINDOWS\system32\localspl.dll - ok
14:31:53.0192 0376  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
14:31:53.0192 0376  C:\WINDOWS\system32\cnbjmon.dll - ok
14:31:53.0252 0376  [ BD94927532D2DA7E7FD451B47232AD24 ] C:\WINDOWS\system32\hpzsnt09.dll
14:31:53.0252 0376  C:\WINDOWS\system32\hpzsnt09.dll - ok
14:31:53.0302 0376  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
14:31:53.0302 0376  C:\WINDOWS\system32\netcfgx.dll - ok
14:31:53.0402 0376  [ 6C14796D7D1A41345F0A24B55E485DB1 ] C:\WINDOWS\system32\hpz3l5mu.dll
14:31:53.0402 0376  C:\WINDOWS\system32\hpz3l5mu.dll - ok
14:31:53.0442 0376  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
14:31:53.0442 0376  C:\WINDOWS\system32\pjlmon.dll - ok
14:31:53.0462 0376  [ 28E60C4EC03340EE7C5D51D79C19498B ] C:\PROGRA~1\COMMON~1\McAfee\Core\mccoreps.dll
14:31:53.0462 0376  C:\PROGRA~1\COMMON~1\McAfee\Core\mccoreps.dll - ok
14:31:53.0502 0376  [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\WINDOWS\system32\msonpmon.dll
14:31:53.0502 0376  C:\WINDOWS\system32\msonpmon.dll - ok
14:31:53.0552 0376  [ B8B742537BFA1AC4F742B36BEB310BF6 ] C:\PROGRA~1\McAfee\VIRUSS~1\McVsPs.dll
14:31:53.0552 0376  C:\PROGRA~1\McAfee\VIRUSS~1\McVsPs.dll - ok
14:31:53.0603 0376  [ 8C22083ED515DC94D575438662F0BE6A ] C:\WINDOWS\system32\msi.dll
14:31:53.0603 0376  C:\WINDOWS\system32\msi.dll - ok
14:31:53.0703 0376  [ 1C4D0F52B4238B9388F2A28DD0903588 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
14:31:53.0703 0376  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll - ok
14:31:53.0723 0376  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
14:31:53.0723 0376  C:\WINDOWS\system32\tcpmon.dll - ok
14:31:53.0803 0376  [ 149DA63ED179DE9B46D5C38A867F3199 ] C:\PROGRA~1\McAfee\VIRUSS~1\NaiAnnPs.dll
14:31:53.0803 0376  C:\PROGRA~1\McAfee\VIRUSS~1\NaiAnnPs.dll - ok
14:31:53.0903 0376  [ 8357809E111E09393633039769D96281 ] C:\WINDOWS\system32\tcpmib.dll
14:31:53.0903 0376  C:\WINDOWS\system32\tcpmib.dll - ok
14:31:53.0973 0376  [ 1E744353BD534405187A404667DA3DC3 ] C:\WINDOWS\system32\mgmtapi.dll
14:31:53.0973 0376  C:\WINDOWS\system32\mgmtapi.dll - ok
14:31:54.0063 0376  [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
14:31:54.0063 0376  C:\WINDOWS\system32\snmpapi.dll - ok
14:31:54.0133 0376  [ 4BE8D8FB641F43F4C4D6CF6AB5ADE968 ] C:\PROGRA~1\COMMON~1\McAfee\MSC\McRTMui.dll
14:31:54.0133 0376  C:\PROGRA~1\COMMON~1\McAfee\MSC\McRTMui.dll - ok
14:31:54.0203 0376  [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll
14:31:54.0203 0376  C:\WINDOWS\system32\wsnmp32.dll - ok
14:31:54.0263 0376  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
14:31:54.0263 0376  C:\WINDOWS\system32\usbmon.dll - ok
14:31:54.0314 0376  [ 0A0A0183711EFB04F9BCC32BB44471F2 ] C:\Program Files\Skype\Updater\Updater.exe
14:31:54.0314 0376  C:\Program Files\Skype\Updater\Updater.exe - ok
14:31:54.0384 0376  [ A55CD65BCE3A2BA6ACD94895F949262E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll
14:31:54.0384 0376  C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll - ok
14:31:54.0454 0376  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
14:31:54.0454 0376  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
14:31:54.0504 0376  [ 2E645C11AAB7A7E5F607355F6CBDF068 ] C:\PROGRA~1\McAfee\VIRUSS~1\MVsCfg.dll
14:31:54.0504 0376  C:\PROGRA~1\McAfee\VIRUSS~1\MVsCfg.dll - ok
14:31:54.0594 0376  [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
14:31:54.0594 0376  C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok
14:31:54.0634 0376  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
14:31:54.0634 0376  C:\WINDOWS\system32\srsvc.dll - ok
14:31:54.0684 0376  [ AE02E6DAC99FA4DC642C71B10FEE9971 ] C:\Program Files\Common Files\McAfee\MSC\LangSel.dll
14:31:54.0684 0376  C:\Program Files\Common Files\McAfee\MSC\LangSel.dll - ok
14:31:54.0754 0376  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
14:31:54.0754 0376  C:\WINDOWS\system32\win32spl.dll - ok
14:31:54.0834 0376  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
14:31:54.0834 0376  C:\WINDOWS\system32\netrap.dll - ok
14:31:54.0864 0376  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
14:31:54.0864 0376  C:\WINDOWS\system32\inetpp.dll - ok
14:31:54.0914 0376  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
14:31:54.0914 0376  C:\WINDOWS\system32\wiaservc.dll - ok
14:31:55.0005 0376  [ C3333DD48A39C17689414275E09D7CC7 ] C:\PROGRA~1\COMMON~1\McAfee\Core\McEvtBrk.dll
14:31:55.0005 0376  C:\PROGRA~1\COMMON~1\McAfee\Core\McEvtBrk.dll - ok
14:31:55.0065 0376  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
14:31:55.0065 0376  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
14:31:55.0115 0376  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
14:31:55.0115 0376  C:\WINDOWS\system32\termsrv.dll - ok
14:31:55.0175 0376  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
14:31:55.0175 0376  C:\WINDOWS\system32\mscms.dll - ok
14:31:55.0255 0376  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
14:31:55.0255 0376  C:\WINDOWS\system32\vssapi.dll - ok
14:31:55.0305 0376  [ FDDE814145D01A986A10FE1EA5959B9F ] C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
14:31:55.0305 0376  C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe - ok
14:31:55.0385 0376  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
14:31:55.0385 0376  C:\WINDOWS\system32\wuauserv.dll - ok
14:31:55.0435 0376  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
14:31:55.0435 0376  C:\WINDOWS\system32\wuaueng.dll - ok
14:31:55.0495 0376  [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
14:31:55.0495 0376  C:\WINDOWS\system32\lz32.dll - ok
14:31:55.0585 0376  [ 76FBBB2BDD93366474DA817FB0ECDF0A ] C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_worker.dll
14:31:55.0585 0376  C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_worker.dll - ok
14:31:55.0655 0376  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
14:31:55.0655 0376  C:\WINDOWS\system32\icaapi.dll - ok
14:31:55.0706 0376  [ 8105C7F211FADE04311219F0F6F41563 ] C:\Program Files\Common Files\McAfee\SystemCore\lockdown.dll
14:31:55.0706 0376  C:\Program Files\Common Files\McAfee\SystemCore\lockdown.dll - ok
14:31:55.0766 0376  [ 383B922F7FF75CE7EAB511476FCFF84E ] C:\Program Files\Common Files\McAfee\SystemCore\mytilus3.dll
14:31:55.0766 0376  C:\Program Files\Common Files\McAfee\SystemCore\mytilus3.dll - ok
14:31:55.0866 0376  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
14:31:55.0866 0376  C:\WINDOWS\system32\mspatcha.dll - ok
14:31:55.0936 0376  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
14:31:55.0936 0376  C:\WINDOWS\system32\shfolder.dll - ok
14:31:55.0966 0376  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
14:31:55.0966 0376  C:\WINDOWS\system32\mstlsapi.dll - ok
14:31:56.0026 0376  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
14:31:56.0026 0376  C:\WINDOWS\system32\wups.dll - ok
14:31:56.0076 0376  [ E493F1F89E323CF87CC7D1C204D6F93C ] C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_server.dll
14:31:56.0076 0376  C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_server.dll - ok
14:31:56.0156 0376  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
14:31:56.0156 0376  C:\WINDOWS\system32\wups2.dll - ok
14:31:56.0186 0376  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
14:31:56.0186 0376  C:\WINDOWS\system32\wuauclt.exe - ok
14:31:56.0276 0376  [ A1C168B6E2BD515CFEFC17DB5D9A17AC ] C:\Program Files\Common Files\McAfee\SystemCore\mcshield.dll
14:31:56.0276 0376  C:\Program Files\Common Files\McAfee\SystemCore\mcshield.dll - ok
14:31:56.0336 0376  [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\WINDOWS\system32\msxml4.dll
14:31:56.0336 0376  C:\WINDOWS\system32\msxml4.dll - ok
14:31:56.0447 0376  [ 2F25B52B0CF0F6F5BE2D789181D61735 ] C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll
14:31:56.0447 0376  C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll - ok
14:31:56.0487 0376  [ C67C8C254BE264159C45B78BA1838CA8 ] C:\Program Files\McAfee\MSC\mcoemres.dll
14:31:56.0487 0376  C:\Program Files\McAfee\MSC\mcoemres.dll - ok
14:31:56.0597 0376  [ 4971E9884FF911D681C54C3B9E59D6B0 ] C:\Program Files\McAfee\MSC\oemui.dll
14:31:56.0597 0376  C:\Program Files\McAfee\MSC\oemui.dll - ok
14:31:56.0647 0376  [ 45AF9B0A6C6A09D848CAC557DD036971 ] C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll
14:31:56.0647 0376  C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll - ok
14:31:56.0697 0376  [ 720BBC29A495F39E688E5F8114854C4F ] C:\Program Files\McAfee\MSC\mcprlres.dll
14:31:56.0697 0376  C:\Program Files\McAfee\MSC\mcprlres.dll - ok
14:31:56.0767 0376  [ 32D2C44247C8F9CAC70DE1F3AE121964 ] C:\PROGRA~1\COMMON~1\McAfee\MSC\sqlite3.dll
14:31:56.0767 0376  C:\PROGRA~1\COMMON~1\McAfee\MSC\sqlite3.dll - ok
14:31:56.0867 0376  [ 1CB4A2A94FB84EB094350889ED6E69F9 ] C:\Program Files\Common Files\McAfee\SystemCore\ftl.dll
14:31:56.0867 0376  C:\Program Files\Common Files\McAfee\SystemCore\ftl.dll - ok
14:31:56.0927 0376  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Chris\LOCALS~1\temp\858F2815-3861-400D-9DE3-3460095CBB6B.exe
14:31:56.0927 0376  C:\DOCUME~1\Chris\LOCALS~1\temp\858F2815-3861-400D-9DE3-3460095CBB6B.exe - ok
14:31:56.0987 0376  [ D3AA7664DE86FDB2125F48D393A486B3 ] C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
14:31:56.0987 0376  C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe - ok
14:31:57.0037 0376  [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
14:31:57.0037 0376  C:\WINDOWS\system32\rundll32.exe - ok
14:31:57.0098 0376  [ 7A31C214FB5F29EB4F17E4BDB7EFAB6A ] C:\Program Files\Common Files\McAfee\SystemCore\mfeelama.dll
14:31:57.0098 0376  C:\Program Files\Common Files\McAfee\SystemCore\mfeelama.dll - ok
14:31:57.0158 0376  [ B8E7CCBA9D269630609FA736CCB6354B ] C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
14:31:57.0158 0376  C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll - ok
14:31:57.0218 0376  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
14:31:57.0218 0376  C:\WINDOWS\system32\ipnathlp.dll - ok
14:31:57.0278 0376  [ 43EF8CA8FA9DC5F998FBC4C12C9556E2 ] C:\Program Files\McAfee\SiteAdvisor\sahook.dll
14:31:57.0278 0376  C:\Program Files\McAfee\SiteAdvisor\sahook.dll - ok
14:31:57.0328 0376  [ 6B6C210459DB60C3C8A863855A5779EC ] C:\Program Files\Common Files\McAfee\SystemCore\mfevtpa.dll
14:31:57.0328 0376  C:\Program Files\Common Files\McAfee\SystemCore\mfevtpa.dll - ok
14:31:57.0388 0376  [ 7778BDFA3F6F6FBA0E75B9594098F737 ] C:\WINDOWS\system32\searchindexer.exe
14:31:57.0388 0376  C:\WINDOWS\system32\searchindexer.exe - ok
14:31:57.0448 0376  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
14:31:57.0448 0376  C:\WINDOWS\system32\wscsvc.dll - ok
14:31:57.0538 0376  [ 29F0FD02453EC44991856EBB1B37C3EF ] C:\PROGRA~1\McAfee\VIRUSS~1\mvsap.dll
14:31:57.0538 0376  C:\PROGRA~1\McAfee\VIRUSS~1\mvsap.dll - ok
14:31:57.0608 0376  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
14:31:57.0608 0376  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
14:31:57.0708 0376  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
14:31:57.0708 0376  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
14:31:57.0799 0376  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
14:31:57.0799 0376  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
14:31:57.0829 0376  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
14:31:57.0829 0376  C:\WINDOWS\system32\wbem\esscli.dll - ok
14:31:57.0889 0376  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
14:31:57.0889 0376  C:\WINDOWS\system32\wbem\fastprox.dll - ok
14:31:57.0949 0376  [ 0CBD1906F74BEB539FCEF6493095B933 ] C:\WINDOWS\system32\tquery.dll
14:31:57.0949 0376  C:\WINDOWS\system32\tquery.dll - ok
14:31:58.0009 0376  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
14:31:58.0009 0376  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
14:31:58.0099 0376  [ 50467C1155489B46F063D6E033AC10AB ] C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll
14:31:58.0099 0376  C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll - ok
14:31:58.0149 0376  [ 89D74683C859B7982056D15938BACA3E ] C:\WINDOWS\system32\propsys.dll
14:31:58.0149 0376  C:\WINDOWS\system32\propsys.dll - ok
14:31:58.0219 0376  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
14:31:58.0219 0376  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
14:31:58.0329 0376  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
14:31:58.0329 0376  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
14:31:58.0409 0376  [ E65C5F612400B39D7AA83E7057D798C2 ] C:\WINDOWS\system32\mssrch.dll
14:31:58.0409 0376  C:\WINDOWS\system32\mssrch.dll - ok
14:31:58.0470 0376  [ 80A617849B004D1C6C4BEAB7AA86F021 ] C:\Program Files\McAfee\VirusScan\Engine\5500.1093\mcscan32.dll
14:31:58.0470 0376  C:\Program Files\McAfee\VirusScan\Engine\5500.1093\mcscan32.dll - ok
14:31:58.0570 0376  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
14:31:58.0570 0376  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
14:31:58.0640 0376  [ FD83993DBFEC4EEE7C13BC8FA74DFACC ] C:\PROGRA~1\McAfee\MSC\mclwapi.dll
14:31:58.0640 0376  C:\PROGRA~1\McAfee\MSC\mclwapi.dll - ok
14:31:58.0700 0376  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
14:31:58.0700 0376  C:\WINDOWS\system32\wuapi.dll - ok
14:31:58.0750 0376  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
14:31:58.0750 0376  C:\WINDOWS\system32\dbghelp.dll - ok
14:31:58.0810 0376  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\23710231.sys
14:31:58.0810 0376  C:\WINDOWS\system32\drivers\23710231.sys - ok
14:31:58.0890 0376  [ 8577D6F0173EF809FD6FEC93B495B194 ] C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll
14:31:58.0890 0376  C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll - ok
14:31:58.0990 0376  [ 449C611308F52932C85468BA0E91B4A7 ] C:\WINDOWS\system32\drivers\mfeapfk.sys
14:31:58.0990 0376  C:\WINDOWS\system32\drivers\mfeapfk.sys - ok
14:31:59.0030 0376  [ 8CD7F18D1EF09160FD201446CA70A2FD ] C:\PROGRA~1\McAfee\MPF\MpfSvc.dll
14:31:59.0030 0376  C:\PROGRA~1\McAfee\MPF\MpfSvc.dll - ok
14:31:59.0110 0376  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
14:31:59.0110 0376  C:\WINDOWS\system32\msidle.dll - ok
14:31:59.0171 0376  [ F721987C5A710EF2EDA2CBA9CFFAFAF7 ] C:\Program Files\Common Files\McAfee\MNA\McNASvc.dll
14:31:59.0171 0376  C:\Program Files\Common Files\McAfee\MNA\McNASvc.dll - ok
14:31:59.0221 0376  [ 43E4758953F454090CAD65C303796ED5 ] C:\WINDOWS\system32\query.dll
14:31:59.0221 0376  C:\WINDOWS\system32\query.dll - ok
14:31:59.0251 0376  [ D1E18F4AE94FFEC7270BE0A10C0B295E ] C:\WINDOWS\system32\xmllite.dll
14:31:59.0251 0376  C:\WINDOWS\system32\xmllite.dll - ok
14:31:59.0321 0376  [ BE65496CAB4125D087AFAD5CAED85912 ] C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll
14:31:59.0321 0376  C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll - ok
14:31:59.0391 0376  [ 6C169A7B9CD228CD56BD95814EBC6194 ] C:\Program Files\Common Files\McAfee\NMC\McNmcSrv.dll
14:31:59.0391 0376  C:\Program Files\Common Files\McAfee\NMC\McNmcSrv.dll - ok
14:31:59.0501 0376  [ FFB3115AA757ABEFBA7FBA90BAD5DD0A ] C:\WINDOWS\system32\en-us\tquery.dll.mui
14:31:59.0501 0376  C:\WINDOWS\system32\en-us\tquery.dll.mui - ok
14:31:59.0541 0376  [ 8F580BCC5296ECC9DC8A649D75BE6BA5 ] C:\WINDOWS\system32\msscb.dll
14:31:59.0541 0376  C:\WINDOWS\system32\msscb.dll - ok
14:31:59.0611 0376  [ B17440A103BC883B57974D63F43B7485 ] C:\Program Files\Common Files\McAfee\NMC\McDisc.dll
14:31:59.0611 0376  C:\Program Files\Common Files\McAfee\NMC\McDisc.dll - ok
14:31:59.0651 0376  [ A518D3C9FB121F0F37F86B3F1F5D1C32 ] C:\Program Files\Common Files\McAfee\NMC\McNDSv.dll
14:31:59.0651 0376  C:\Program Files\Common Files\McAfee\NMC\McNDSv.dll - ok
14:31:59.0701 0376  [ 355DB4F5E585CA04C08519CE98CD5CA2 ] C:\PROGRA~1\McAfee\MPF\MpfEvt.dll
14:31:59.0701 0376  C:\PROGRA~1\McAfee\MPF\MpfEvt.dll - ok
14:31:59.0781 0376  [ B8491A0D064E79B633BA58BE13DB61F5 ] C:\PROGRA~1\McAfee\MSC\mcsubmgr\11_6_4~2\mcsubmgr.dll
14:31:59.0781 0376  C:\PROGRA~1\McAfee\MSC\mcsubmgr\11_6_4~2\mcsubmgr.dll - ok
14:31:59.0821 0376  [ B01860E256305C775C4678F66710AA60 ] C:\PROGRA~1\McAfee\MSC\McMscShm.dll
14:31:59.0821 0376  C:\PROGRA~1\McAfee\MSC\McMscShm.dll - ok
14:31:59.0852 0376  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
14:31:59.0852 0376  C:\WINDOWS\system32\msxml6.dll - ok
14:31:59.0902 0376  [ 43979C30662F322E720B50B3D95F5D95 ] C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll
14:31:59.0902 0376  C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll - ok
14:31:59.0942 0376  [ 8105C7F211FADE04311219F0F6F41563 ] C:\Program Files\Common Files\McAfee\VSCore\lockdown.dll
14:31:59.0942 0376  C:\Program Files\Common Files\McAfee\VSCore\lockdown.dll - ok
14:32:00.0032 0376  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
14:32:00.0032 0376  C:\WINDOWS\system32\upnp.dll - ok
14:32:00.0082 0376  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
14:32:00.0082 0376  C:\WINDOWS\system32\ssdpapi.dll - ok
14:32:00.0162 0376  [ 1793CC660605F63B14FB96C7707F75BA ] C:\WINDOWS\system32\perfproc.dll
14:32:00.0162 0376  C:\WINDOWS\system32\perfproc.dll - ok
14:32:00.0242 0376  [ 566B1A3DF999E8B0C5C4778F66119E91 ] C:\Program Files\McAfee\MPF\L10N.dll
14:32:00.0242 0376  C:\Program Files\McAfee\MPF\L10N.dll - ok
14:32:00.0272 0376  [ A75338FABF3C24EBC4058FAF8A7203D7 ] C:\PROGRA~1\McAfee\MPF\MpfShm.dll
14:32:00.0272 0376  C:\PROGRA~1\McAfee\MPF\MpfShm.dll - ok
14:32:00.0312 0376  [ 9BD0C29C5C78C74A8D177399F07BD194 ] C:\PROGRA~1\McAfee\VIRUSS~1\McOasShm.dll
14:32:00.0312 0376  C:\PROGRA~1\McAfee\VIRUSS~1\McOasShm.dll - ok
14:32:00.0392 0376  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
14:32:00.0392 0376  C:\WINDOWS\system32\rasmans.dll - ok
14:32:00.0442 0376  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
14:32:00.0442 0376  C:\WINDOWS\system32\winipsec.dll - ok
14:32:00.0522 0376  [ 57479E5BF0B7B97112354E5ECA8EEFB1 ] C:\WINDOWS\system32\drivers\cfwids.sys
14:32:00.0522 0376  C:\WINDOWS\system32\drivers\cfwids.sys - ok
14:32:00.0553 0376  [ 2B77EF36F06ED282814B38243E92E32B ] C:\PROGRA~1\McAfee\MPS\MpsShim.dll
14:32:00.0553 0376  C:\PROGRA~1\McAfee\MPS\MpsShim.dll - ok
14:32:00.0603 0376  [ F158180ACE853C7C698C4B905B3E6CB5 ] C:\PROGRA~1\McAfee\MPS\MPSMisp.dll
14:32:00.0603 0376  C:\PROGRA~1\McAfee\MPS\MPSMisp.dll - ok
14:32:00.0653 0376  [ D390CDA2D132C6D8CC27DB7E007970FA ] C:\PROGRA~1\McAfee\MSC\mcmispps.dll
14:32:00.0653 0376  C:\PROGRA~1\McAfee\MSC\mcmispps.dll - ok
14:32:00.0713 0376  [ 2B6CB9E78F40B3A7B857548495A6D99D ] C:\PROGRA~1\McAfee\MPS\mpscfg.dll
14:32:00.0713 0376  C:\PROGRA~1\McAfee\MPS\mpscfg.dll - ok
14:32:00.0793 0376  [ C797FF930E512C0EF5EC5B4335534030 ] C:\Program Files\Java\jre7\bin\awt.dll
14:32:00.0793 0376  C:\Program Files\Java\jre7\bin\awt.dll - ok
14:32:00.0853 0376  [ DD44698A92280B41D2140B7C9B4DBAB7 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
14:32:00.0853 0376  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
14:32:00.0873 0376  [ 35ED0DBE578F30F68211BA22A8D16857 ] C:\Program Files\Java\jre7\bin\dcpr.dll
14:32:00.0873 0376  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
14:32:00.0953 0376  [ 04B0CFF85D5225ADE066C4AD233ACD89 ] C:\Program Files\Java\jre7\bin\deploy.dll
14:32:00.0953 0376  C:\Program Files\Java\jre7\bin\deploy.dll - ok
14:32:00.0993 0376  [ B0BB987E66461EADFB4333C87BB357E2 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
14:32:00.0993 0376  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
14:32:01.0033 0376  [ E760BA96E51505EFD60144B7AFEF3BDD ] C:\Program Files\Java\jre7\bin\java.dll
14:32:01.0033 0376  C:\Program Files\Java\jre7\bin\java.dll - ok
14:32:01.0103 0376  [ 959063AAAC7E288B1AF52F94D9C22188 ] C:\Program Files\Java\jre7\bin\javaw.exe
14:32:01.0103 0376  C:\Program Files\Java\jre7\bin\javaw.exe - ok
14:32:01.0123 0376  [ 03CF355CD7346F4A03FA253C64E07E70 ] C:\Program Files\Java\jre7\bin\jp2native.dll
14:32:01.0123 0376  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
14:32:01.0203 0376  [ 173D39D9DAF591BD735631DD2EADD2F1 ] C:\Program Files\Java\jre7\bin\jpeg.dll
14:32:01.0203 0376  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
14:32:01.0254 0376  [ E30A866E61A0947F947ED89D973D0EAE ] C:\Program Files\Java\jre7\bin\net.dll
14:32:01.0254 0376  C:\Program Files\Java\jre7\bin\net.dll - ok
14:32:01.0314 0376  [ 992A7A3B2B0E8552DF00C811ECF4E859 ] C:\Program Files\Java\jre7\bin\nio.dll
14:32:01.0314 0376  C:\Program Files\Java\jre7\bin\nio.dll - ok
14:32:01.0394 0376  [ A952235FF6F4AA10BFC0D78F7C1616A1 ] C:\Program Files\Java\jre7\bin\verify.dll
14:32:01.0394 0376  C:\Program Files\Java\jre7\bin\verify.dll - ok
14:32:01.0424 0376  [ 473F2FD44322C71C48BF67D593FCA07D ] C:\Program Files\Java\jre7\bin\zip.dll
14:32:01.0424 0376  C:\Program Files\Java\jre7\bin\zip.dll - ok
14:32:01.0474 0376  [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
14:32:01.0474 0376  C:\WINDOWS\system32\advpack.dll - ok
14:32:01.0524 0376  [ 77B31F68988E3CE16D49313A3B67C49F ] C:\PROGRA~1\McAfee\SITEAD~1\MCSACO~1.DLL
14:32:01.0524 0376  C:\PROGRA~1\McAfee\SITEAD~1\MCSACO~1.DLL - ok
14:32:01.0584 0376  ============================================================
14:32:01.0584 0376  Scan finished
14:32:01.0584 0376  ============================================================
14:32:01.0674 0460  Detected object count: 0
14:32:01.0674 0460  Actual detected object count: 0
14:32:18.0649 1028  Deinitialize success
 



#9 tuskerknee

tuskerknee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:58 AM

Posted 03 March 2013 - 12:46 PM

eset found one infected file:

 

a variant of win32\SoftonicDownloader.e

 

uninstalled and deleted.

 

All best.

 

Chris.



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:58 AM

Posted 03 March 2013 - 01:47 PM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log



#11 tuskerknee

tuskerknee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:58 AM

Posted 03 March 2013 - 03:02 PM

Hi Narenxp,

 

I'll work my way through the list, and probably be able to post the logs tomorrow.

 

Many thanks for your help so far.

 

All best,

 

Chris.



#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:58 AM

Posted 03 March 2013 - 03:35 PM

:thumbup2:



#13 tuskerknee

tuskerknee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:58 AM

Posted 05 March 2013 - 07:31 AM

Hi again narenxp,

 

I've run the tools you suggested. Here are the logs:

 

MalwareBytes:

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.04.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
 :: CHRISSIELAPTOP [administrator]

Protection: Enabled

04/03/2013 19:42:41
mbam-log-2013-03-04 (19-42-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213705
Time elapsed: 19 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 

Mini Toolbox:

 

MiniToolBox by Farbar  Version:01-03-2013
Ran by Chris (administrator) on 03-03-2013 at 23:29:16
Running from "C:\Documents and Settings\Chris\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================


WARNING: Could not obtain host information from machine: [CHRISSIELAPTOP]. Some commands may not be available.
The specified module could not be found.



# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : chrissielaptop

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : home



Ethernet adapter Wireless Network Connection:



        Connection-specific DNS Suffix  . : home

        Description . . . . . . . . . . . : Dell Wireless 1450 Dual Band WLAN Mini-PCI Card

        Physical Address. . . . . . . . . : 00-90-4B-8B-22-07

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.70

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.254

        DHCP Server . . . . . . . . . . . : 192.168.1.254

        DNS Servers . . . . . . . . . . . : 192.168.1.254

        Lease Obtained. . . . . . . . . . : 03 March 2013 18:25:50

        Lease Expires . . . . . . . . . . : 04 March 2013 18:25:50



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

        Physical Address. . . . . . . . . : 00-11-43-6E-97-04

Server:  BThomehub.home
Address:  192.168.1.254

Name:    google.com
Addresses:  173.194.34.102, 173.194.34.101, 173.194.34.110, 173.194.34.97
      173.194.34.103, 173.194.34.104, 173.194.34.100, 173.194.34.98, 173.194.34.105
      173.194.34.96, 173.194.34.99



Pinging google.com [173.194.34.110] with 32 bytes of data:



Reply from 173.194.34.110: bytes=32 time=23ms TTL=52

Reply from 173.194.34.110: bytes=32 time=25ms TTL=52



Ping statistics for 173.194.34.110:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 23ms, Maximum = 25ms, Average = 24ms

Server:  BThomehub.home
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=527ms TTL=42

Reply from 206.190.36.45: bytes=32 time=444ms TTL=43



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 444ms, Maximum = 527ms, Average = 485ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 90 4b 8b 22 07 ...... Dell Wireless 1450 Dual Band WLAN Mini-PCI Card - McAfee Core NDIS Intermediate Filter Miniport
0x10004 ...00 11 43 6e 97 04 ...... Broadcom 440x 10/100 Integrated Controller - McAfee Core NDIS Intermediate Filter Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.70      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0     192.168.1.70    192.168.1.70      25
     192.168.1.70  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.1.255  255.255.255.255     192.168.1.70    192.168.1.70      25
        224.0.0.0        240.0.0.0     192.168.1.70    192.168.1.70      25
  255.255.255.255  255.255.255.255     192.168.1.70           10004      1
  255.255.255.255  255.255.255.255     192.168.1.70    192.168.1.70      1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/03/2013 06:33:19 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\BT NETPROTECT PLUS.LNK> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/03/2013 06:33:19 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\BT NETPROTECT PLUS.LNK> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/03/2013 06:25:46 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Error: (03/03/2013 06:25:45 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (03/03/2013 06:13:42 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\CHRIS\MY DOCUMENTS\ANTI-MALWARE\TDSSKILLER\TDSSKILLER.EXE> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/03/2013 06:05:42 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Error: (03/03/2013 06:05:42 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (03/03/2013 02:37:15 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 3060 (0xbf4)

Thread address : 0x7C90E514

Thread message :

 Build VSCORE.15.1.0.519 / 5500.1093
 Object being scanned = \Device\HarddiskVolume2\Program Files\McAfee\SiteAdvisor\saUI.exe
 by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (03/03/2013 02:28:20 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Error: (03/03/2013 02:28:20 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.


System errors:
=============
Error: (03/03/2013 06:34:14 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2

Error: (03/03/2013 06:26:26 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2

Error: (03/03/2013 06:25:13 PM) (Source: 0) (User: )
Description: 0xC000024321040595.sysHarddiskVolume2

Error: (03/03/2013 06:23:22 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2

Error: (03/03/2013 06:10:33 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register with DCOM within the required timeout.

Error: (03/03/2013 06:08:11 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (03/03/2013 05:47:51 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2

Error: (03/03/2013 02:42:43 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2

Error: (03/03/2013 02:38:45 PM) (Source: DCOM) (User: CHRISSIELAPTOP)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.

Error: (03/03/2013 02:35:49 PM) (Source: DCOM) (User: CHRISSIELAPTOP)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

115
32 Bit HP CIO Components Installer (Version: 7.1.8)
AccessDirect
Acrobat.com (Version: 1.7.186)
Adobe AIR (Version: 1.5.1.8210)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Broadcom 440x 10/100 Integrated Controller (Version: 5.04.02)
BT NetProtect Plus (Version: 11.6.477)
CodeBlocks (Version: 12.11)
Conexant D480 MDC V.92 Modem
Crash Analysis Tool (Version: 1.00.0001)
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Support Center (Version: 3.2.6032.125)
Dell System Detect (Version: 3.3.2.0)
Dell Wireless WLAN Card (Version: 4.100.15.8)
DocProc (Version: 10.0.0.0)
DocProcQFolder (Version: 1.00.0000)
HPSSupply (Version: 100.0.170.000)
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
K-Lite Codec Pack 4.9.0 (Full) (Version: 4.9.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MaxIm DL V5 (Version: 5.23)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Maintenance Service (Version: 19.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
overland (Version: 2.1.5)
PowerDVD
QuickSet (Version: 7.1.10)
RegCure (Version: 3.0.3.0)
SeaTrak (Version: 8.0.6.1)
Shared C Run-time for x86 (Version: 10.0.0)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (Version: 5.40.29)
Skype Click to Call (Version: 6.6.11664)
Skype™ 6.2 (Version: 6.2.106)
Sonic DLA (Version: 4.95)
Sonic RecordNow! (Version: 7.3)
Sonic Update Manager (Version: 2.9)
Stellarium 0.11.4 (Version: 0.11.4)
Ubuntu (Version: 12.10-rev273)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Backup Utility (Version: 5.1)
Windows Driver Package - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0) (Version: 02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0) (Version: 02/23/2007 2.5.0.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Search 4.0 (Version: 04.00.6001.503)
Windows Support Tools (Version: 5.1.2600.2180)
Windows XP Service Pack 3 (Version: 20080414.031525)


========================= Devices: ================================

Could not list devices.

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 2046.33 MB
Available physical RAM: 1469.91 MB
Total Pagefile: 3432.3 MB
Available Pagefile: 2829.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1977.2 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:34.43 GB) (Free:13.21 GB) NTFS
3 Drive e: (LEXAR_256MB) (Removable) (Total:0.24 GB) (Free:0.22 GB) FAT32

========================= Users: ========================================

User accounts for \\CHRISSIELAPTOP

Administrator            Chris                    Guest                    
HelpAssistant            SUPPORT_388945a0         


**** End of log ****
 

 

Service Scanner:

 

Farbar Service Scanner Version: 03-03-2013
Ran by Chris (administrator) on 05-03-2013 at 11:24:27
Running from "C:\Documents and Settings\Chris\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2009-04-25 22:01] - [2008-04-14 00:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2004-08-12 08:05] - [2009-02-06 11:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
Gpc(3) IPSec(5) mfetdi2k(9) NetBT(6) PSched(7) Tcpip(4)
0x09000000050000000100000002000000030000000400000009000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

 

 

Adware Cleaner:

 

# AdwCleaner v2.114 - Logfile created 03/05/2013 at 11:28:24
# Updated 05/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Chris - CHRISSIELAPTOP
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Chris\My Documents\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\Chris\Application Data\DataMgr

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Softonic

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\nr0xssvw.default-1361973954504\prefs.js

Deleted : user_pref("browser.search.defaulturl", "hxxp://search.fbdownloader.com/search.php?channel=sfuk206&q=[...]
Deleted : user_pref("keyword.URL", "hxxp://search.fbdownloader.com/search.php?channel=sfuk206&q=");

*************************

AdwCleaner[S1].txt - [1154 octets] - [05/03/2013 11:28:24]

########## EOF - C:\AdwCleaner[S1].txt - [1214 octets] ##########
 

 

JRT log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.8 (03.04.2013:1)
OS: Microsoft Windows XP x86
Ran by Chris on 05/03/2013 at 11:47:16.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\Chris\Application Data\mozilla\firefox\profiles\nr0xssvw.default-1361973954504\prefs.js

user_pref("browser.newtabpage.blocked", "{\"VuQnrwh4ve/1J7RJVFTB4w==\":1,\"/zhl+RENfN4sJMjuv9g06Q==\":1,\"Um5KEHRYRDkYb/XqWDO+JQ==\":1,\"ivuNlAHtugvLST23UrWEew==\":1,\"EKUVygR





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/03/2013 at 12:06:58.22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

RKill log

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/05/2013 12:11:33 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\System32\WLTRYSVC.EXE (PID: 1680) [WD-HEUR]
 * C:\WINDOWS\System32\bcmwltry.exe (PID: 1728) [WD-HEUR]
 * C:\WINDOWS\system32\WLTRAY.exe (PID: 3232) [WD-HEUR]
 * C:\WINDOWS\system32\dla\tfswctrl.exe (PID: 1172) [WD-HEUR]

4 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 03/05/2013 12:13:55 PM
Execution time: 0 hours(s), 2 minute(s), and 22 seconds(s)
 

 

Autoruns log:

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Broadcom Wireless Manager UI"    "Dell Wireless WLAN Card Wireless Network Tray Applet"    "Dell Inc."    "c:\windows\system32\wltray.exe"
+ "DadApp"    ""    ""    "c:\program files\dell\accessdirect\dadapp.exe"
+ "Dell QuickSet"    "QuickSet"    "Dell Inc"    "c:\program files\dell\quickset\quickset.exe"
+ "dla"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfswctrl.exe"
+ "igfxhkcmd"    "hkcmd Module"    "Intel Corporation"    "c:\windows\system32\hkcmd.exe"
+ "igfxpers"    "persistence Module"    "Intel Corporation"    "c:\windows\system32\igfxpers.exe"
+ "igfxtray"    "igfxTray Module"    "Intel Corporation"    "c:\windows\system32\igfxtray.exe"
+ "mcui_exe"    "McAfee Security Center"    "McAfee, Inc."    "c:\program files\mcafee.com\agent\mcagent.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "application/x-mfe-ipt"    "McAfee MSC IE plugin DLL"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcsniepl.dll"
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
+ "dssrequest"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "ms-help"    "Microsoft® Help Data Services Module"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "sacore"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "skype-ie-addon-data"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com"    "Skype for COM API"    "Skype Technologies"    "c:\program files\common files\skype\skype4com.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""
+ "0"    ""    ""    "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "Windows Desktop Search Namespace Manager"    "Windows Search Namespace Manager"    "Microsoft Corporation"    "c:\program files\windows desktop search\msnlnamespacemgr.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "McCtxMenuFrmWrk"    "McAfee ContextMenu Framework"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\documents and settings\chris\desktop\manybuildingsaremetal\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\documents and settings\chris\desktop\manybuildingsaremetal\mbamext.dll"
+ "McCtxMenuFrmWrk"    "McAfee ContextMenu Framework"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DriveLetterAccess"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfswshx.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
+ "scriptproxy"    "VSCore Script Scanner"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\scriptsn.20120713114603.dll"
+ "Skype Browser Helper"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks"    ""    ""    ""
+ "McAfee SiteAdvisor Toolbar"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "McAfee SiteAdvisor"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "S&end to OneNote"    "Microsoft Office OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office\office12\onbttnie.dll"
+ "Skype Click to Call"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler"    ""    ""    ""
X "ConfigExec.job"    "Microsoft Automated Troubleshooting Service Client"    "Microsoft Corporation"    "c:\program files\microsoft fix it center\matsapi.dll"
+ "PCDoctorBackgroundMonitorTask.job"    "PC-Doctor Module"    "PC-Doctor, Inc."    "c:\program files\dell support center\uaclauncher.exe"
+ "RegCure Pro.job"    "RegCure Pro"    "ParetoLogic, Inc."    "c:\program files\paretologic\regcure pro\regcurepro.exe"
+ "RegCure Program Check.job"    "RegCure Application"    ""    "c:\program files\regcure\regcure.exe"
+ "RegCure.job"    "RegCure Application"    ""    "c:\program files\regcure\regcure.exe"
+ "SystemToolsDailyTest.job"    "PC-Doctor Module"    "PC-Doctor, Inc."    "c:\program files\dell support center\uaclauncher.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AppMgmt"    "Provides software installation services such as Assign, Publish, and Remove."    ""    "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "hpdj3600"    ""    ""    "File not found: C:\DOCUME~1\Chrissie\LOCALS~1\Temp\hpdj3600.exe -servicerunning=true -uninstall=hp deskjet 3600 series -product=3600"
+ "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jqs.exe"
+ "MatSvc"    "Microsoft Automated Troubleshooting Service"    "Microsoft Corporation"    "c:\program files\microsoft fix it center\matsvc.exe"
+ "MBAMScheduler"    "Malwarebytes Anti-Malware scheduler"    "Malwarebytes Corporation"    "c:\documents and settings\chris\desktop\manybuildingsaremetal\mbamscheduler.exe"
+ "MBAMService"    "Malwarebytes Anti-Malware service"    "Malwarebytes Corporation"    "c:\documents and settings\chris\desktop\manybuildingsaremetal\mbamservice.exe"
+ "McAfee SiteAdvisor Service"    "Provides low-level support for McAfee SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcsacore.exe"
+ "McMPFSvc"    "Helps protect your computer from intrusion and let's you manage your computer's trusted programs."    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc"    "McAfee Services"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn"    "McAfee VirusScan Announcer"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc"    "Allows McAfee applications to communicate securely on the local network."    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS"    "McAfee Scanner"    "McAfee, Inc."    "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy"    "McAfee Proxy Service"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield"    "McAfee OnAccess Scanner"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire"    "Provides firewall services to McAfee products"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp"    "Provides validation trust protection services"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\mfevtps.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "Net Driver HPZ12"    "Dot4Net Module"    "Hewlett-Packard"    "c:\windows\system32\hpzinw12.dll"
+ "NICCONFIGSVC"    "Configure your Internal Network Card power management settings."    "Dell Inc."    "c:\program files\dell\quickset\nicconfigsvc.exe"
+ "odserv"    "Run portions of Microsoft Office Diagnostics."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12"    "PmlDrv Module"    "Hewlett-Packard"    "c:\windows\system32\hpzipm12.dll"
+ "Skype C2C Service"    "Skype Click to Call Update Service"    "Skype Technologies S.A."    "c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files\skype\updater\updater.exe"
+ "wltrysvc"    "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant."    ""    "c:\windows\system32\wltrysvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "APPDRV"    "App Support Driver"    "Dell Inc"    "c:\windows\system32\drivers\appdrv.sys"
+ "BCM43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwl5.sys"
+ "bcm4sbxp"    "Broadcom Corporation NDIS 5.1 ethernet driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcm4sbxp.sys"
+ "btkrnl"    ""    ""    "File not found: system32\DRIVERS\btkrnl.sys"
+ "catchme"    ""    ""    "File not found: C:\DOCUME~1\Chris\LOCALS~1\Temp\catchme.sys"
+ "cfwids"    "McAfee Personal Firewall IDS Plugin"    "McAfee, Inc."    "c:\windows\system32\drivers\cfwids.sys"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "drvmcdb"    "Device Driver"    "Sonic Solutions"    "c:\windows\system32\drivers\drvmcdb.sys"
+ "drvnddm"    "Device Driver Manager"    "Sonic Solutions"    "c:\windows\system32\drivers\drvnddm.sys"
+ "HipShieldK"    "McAfee HIP IPS Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\hipshieldk.sys"
+ "HSF_DP"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsf_dp.sys"
+ "HSF_DPV"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsf_dpv.sys"
+ "HSFHWICH"    "HSFHWICH WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsfhwich.sys"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "ialm"    "Intel Graphics Miniport Driver"    "Intel Corporation"    "c:\windows\system32\drivers\ialmnt5.sys"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MaxImIO"    "MaxIm Port I/O"    "Diffraction Limited"    "c:\windows\system32\drivers\maximio.sys"
+ "MBAMProtector"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbam.sys"
+ "mdmxsdk"    "Diagnostic Interface DRIVER"    "Conexant"    "c:\windows\system32\drivers\mdmxsdk.sys"
+ "MFE_RR"    ""    ""    "File not found: C:\DOCUME~1\Chris\LOCALS~1\Temp\mfe_rr.sys"
+ "mfeapfk"    "Access Protection Filter Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk"    "Anti-Virus File System Filter Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\mfeavfk01.sys"
+ "mfebopk"    "Buffer Overflow Protection Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfebopk.sys"
+ "mfefirek"    "McAfee Core Firewall Engine Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk"    "McAfee Link Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfehidk.sys"
+ "mfendisk"    "McAfee NDIS Intermediate Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfendisk.sys"
+ "mfendiskmp"    "McAfee NDIS Intermediate Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfendisk.sys"
+ "mferkdet"    "McAfee Code Analysis Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mferkdet.sys"
+ "mfetdi2k"    "Anti-Virus Mini-Firewall Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfetdi2k.sys"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20"    "Px Engine Device Driver for Windows 2000/XP"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhelp20.sys"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "silabenm"    "Silicon Labs VCP Serial Enumerator"    "Silicon Laboratories, Inc."    "c:\windows\system32\drivers\silabenm.sys"
+ "silabser"    "Silicon Labs CP210x USB to UART Bridge Driver"    "Silicon Laboratories"    "c:\windows\system32\drivers\silabser.sys"
+ "sscdbhk5"    "Shared Driver Component"    "Sonic Solutions"    "c:\windows\system32\drivers\sscdbhk5.sys"
+ "ssrtln"    "Shared Driver Component"    "Sonic Solutions"    "c:\windows\system32\drivers\ssrtln.sys"
+ "STAC97"    "SigmaTel Audio Driver (WDM)"    "SigmaTel, Inc."    "c:\windows\system32\drivers\stac97.sys"
+ "StarOpen"    ""    ""    "c:\windows\system32\drivers\staropen.sys"
+ "tfsnboio"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfsnboio.sys"
+ "tfsncofs"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfsncofs.sys"
+ "tfsndrct"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfsndrct.sys"
+ "tfsndres"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfsndres.sys"
+ "tfsnifs"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfsnifs.sys"
+ "tfsnopio"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfsnopio.sys"
+ "tfsnpool"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfsnpool.sys"
+ "tfsnudf"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfsnudf.sys"
+ "tfsnudfa"    "Drive Letter Access Component"    "Sonic Solutions"    "c:\windows\system32\dla\tfsnudfa.sys"
+ "UIUSys"    ""    ""    "File not found: system32\drivers\UIUSys.sys"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsf"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsf_cnxt.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.ac3acm"    "AC-3 ACM Codec"    "fccHandler"    "c:\windows\system32\ac3acm.acm"
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
+ "msacm.lameacm"    "Lame MP3 codec engine"    "http://www.mp3dev.org/"    "c:\windows\system32\lameacm.acm"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
+ "VIDC.DIVX"    "DivX"    "DivX, Inc."    "c:\windows\system32\divx.dll"
+ "VIDC.FFDS"    ""    ""    "c:\windows\system32\ff_vfw.dll"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "VIDC.XVID"    ""    ""    "c:\windows\system32\xvidvfw.dll"
+ "VIDC.YV12"    "Helix YV12 YUV Codec"    "www.helixcommunity.org"    "c:\windows\system32\yv12vfw.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "AC3File"    ""    ""    "c:\program files\k-lite codec pack\filters\ac3file.ax"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "AVIMaker Source Filter"    "VideoDS DLL"    ""    "c:\program files\diffraction limited\maxim dl v5\ccdplugvideods.dll"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "CoreVorbis Audio Decoder"    "CoreVorbis"    "-"    "c:\program files\k-lite codec pack\filters\corevorbis.ax"
+ "CyberLink Audio Decoder"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD6)"    "CyberLink Audio Effect Filter"    "CyberLink Corporation"    "c:\program files\cyberlink\powerdvd\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD6)"    "CLAudSpa.ax"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\audiofilter\claudspa.ax"
+ "CyberLink AudioCD Filter (PDVD6)"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\audiofilter\claudiocd.ax"
+ "CyberLink Demux (PDVD6)"    "MPEG-2 Dempltiplexer"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\navfilter\cldemuxer.ax"
+ "CyberLink DVD Navigator (PDVD6)"    "CyberLink DVD Navigation Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\navfilter\clnavx.ax"
+ "CyberLink Line21 Decoder (PDVD6)"    "CyberLink Line21 Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\videofilter\clline21.ax"
+ "Cyberlink SubTitle Importor (PDVD6)"    "CLSubTitle.ax"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD6)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\audiofilter\clauts.ax"
+ "CyberLink Video/SP Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\videofilter\clvsd.ax"
+ "CyberLink Video/SP Decoder (PDVD9)"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\k-lite codec pack\filters\clvsd.ax"
+ "DC-Bass Source"    "DirectShow™ Audio Decoder"    "http://www.dsp-worx.de"    "c:\program files\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "Gabest"    "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "Gabest"    "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)"    ""    ""    "c:\program files\k-lite codec pack\filters\monkeysource.ax"
+ "FLV Source"    "FLV Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "FLV Splitter"    "FLV Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "FLV4 Video Decoder"    "FLV Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer"    "Haali Media Splitter"    ""    "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter"    "Haali Media Splitter"    ""    "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)"    "Haali Media Splitter"    ""    "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter"    "Haali Media Splitter"    ""    "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer"    ""    ""    "c:\program files\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink"    "Haali Media Splitter"    ""    "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "madFlac Decoder"    "DirectShow FLAC Decoder"    "www.madshi.net"    "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source"    "DirectShow FLAC Decoder"    "www.madshi.net"    "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "MONOGRAM AMR Decoder"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Mux"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter"    "AMR Filter Pack"    "MONOGRAM Multimedia, s.r.o."    "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM Musepack Decoder"    "mmmpcdec"    ""    "c:\program files\k-lite codec pack\filters\mmmpcdec.ax"
+ "MONOGRAM Musepack Splitter"    "mmmpcdmx"    ""    "c:\program files\k-lite codec pack\filters\mmmpcdmx.ax"
+ "MP4 Source"    "MP4 Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MP4 Splitter"    "MP4 Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - Mpeg Source (Gabest)"    "Mpeg Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)"    "Mpeg Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"
+ "MPEG4 Video Source"    "MP4 Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPEG4 Video Splitter"    "MP4 Splitter"    "Gabest"    "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "T"    "VP7 Decompression Filter"    "On2.com Inc."    "c:\program files\k-lite codec pack\filters\vp7dec.ax"
+ "WavPack Audio Decoder"    "WavPack Audio DirectShow Decoder"    "-"    "c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter"    "WavPack Audio DirectShow Splitter"    "-"    "c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "igfxcui"    "igfxdev Module"    "Intel Corporation"    "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "hpzsnt09"    ""    "HP"    "c:\windows\system32\hpzsnt09.dll"
+ "PCL hpz3l5mu"    "LanguageMonitor"    "Hewlett-Packard Company"    "c:\windows\system32\hpz3l5mu.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order"    ""    ""    ""
+ "BCMLogon"    "Dell Wireless WLAN Card Logon Provider"    "Dell Inc."    "c:\windows\system32\bcmlogon.dll"
 

 

All best,

 

Chris.



#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:58 AM

Posted 05 March 2013 - 07:36 AM

Current issues?



#15 tuskerknee

tuskerknee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:58 AM

Posted 05 March 2013 - 07:45 AM

My computer now boots up in a reasonable time, but I'm still getting:

 

[TimeStamp: 20130305124250]


Rootkit Remover v0.8.9.160 [Dec  4 2012 - 17:44:01]

McAfee Labs.

Windows build 5.1.2600 x86 Service Pack 3

Checking for updates ...

Now Scanning...

    Malware Found --> ZeroAccess trojan detected!!!

    --> Registry key: HKEY_CLASSES_ROOT\CLSID\{f3130cdb-aa52-4c3a-ab32-85ffc23af9c1}\InprocServer32 ( fixed )

    --> Registry key: HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 ( fixed )

    --> Malicious file: C:\WINDOWS\system32\wbem\fastprox.dll ( will be deleted after restart )

    ZeroAccess trojan was cleaned successfully!


Scan Finished

PLEASE REBOOT IMMEDIATELY TO COMPLETE CLEANING.


Other recommendations:

   1. Perform full scan with McAfee VirusScan product after reboot.


Press any key to exit.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users