Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is this malware?


  • Please log in to reply
26 replies to this topic

#1 Ktze Hut

Ktze Hut

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 10 March 2013 - 04:04 PM

Hi, a friend downloaded and installed a program by the name of FastAgain PC Booster with the intention of 'cleaning up' his computer. After several seemingly bogus alerts, I suggested he uninstall it, which he did, only to have the program reappear on his machine.

Is this program malware? How to continue from here?

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 10 March 2013 - 04:36 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 Ktze Hut

Ktze Hut
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 11 March 2013 - 06:38 AM

Hi, attached are the logs as you instructed. Thx!

 

 

14:57:39.0044 0292  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:57:41.0067 0292  ============================================================
14:57:41.0077 0292  Current date / time: 2013/03/10 14:57:41.0067
14:57:41.0077 0292  SystemInfo:
14:57:41.0077 0292  
14:57:41.0077 0292  OS Version: 5.1.2600 ServicePack: 3.0
14:57:41.0077 0292  Product type: Workstation
14:57:41.0077 0292  ComputerName: IBM-CC607A0F135
14:57:41.0077 0292  UserName: User
14:57:41.0077 0292  Windows directory: C:\WINDOWS
14:57:41.0077 0292  System windows directory: C:\WINDOWS
14:57:41.0077 0292  Processor architecture: Intel x86
14:57:41.0077 0292  Number of processors: 1
14:57:41.0077 0292  Page size: 0x1000
14:57:41.0077 0292  Boot type: Normal boot
14:57:41.0077 0292  ============================================================
14:57:45.0463 0292  BG loaded
14:57:47.0215 0292  Drive \Device\Harddisk0\DR0 - Size: 0x877A7E400 (33.87 Gb), SectorSize: 0x200, Cylinders: 0x1259, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
14:57:47.0566 0292  ============================================================
14:57:47.0566 0292  \Device\Harddisk0\DR0:
14:57:47.0666 0292  MBR partitions:
14:57:47.0666 0292  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x43BA851
14:57:47.0666 0292  ============================================================
14:57:48.0067 0292  C: <-> \Device\Harddisk0\DR0\Partition1
14:57:48.0507 0292  ============================================================
14:57:48.0507 0292  Initialize success
14:57:48.0507 0292  ============================================================
14:57:54.0115 2452  ============================================================
14:57:54.0115 2452  Scan started
14:57:54.0115 2452  Mode: Manual; 
14:57:54.0115 2452  ============================================================
14:58:01.0336 2452  ================ Scan system memory ========================
14:58:01.0336 2452  System memory - ok
14:58:01.0346 2452  ================ Scan services =============================
14:58:02.0457 2452  Abiosdsk - ok
14:58:02.0497 2452  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
14:58:02.0497 2452  abp480n5 - ok
14:58:02.0537 2452  [ 0F2D66D5F08EBE2F77BB904288DCF6F0 ] ac97intc        C:\WINDOWS\system32\drivers\ac97intc.sys
14:58:02.0587 2452  ac97intc - ok
14:58:02.0688 2452  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:58:02.0758 2452  ACPI - ok
14:58:02.0818 2452  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:58:02.0818 2452  ACPIEC - ok
14:58:02.0898 2452  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\System32\DRIVERS\adpu160m.sys
14:58:02.0968 2452  adpu160m - ok
14:58:03.0038 2452  [ 2C5B1F8142A96233C07C93328B5EA635 ] aeaudio         C:\WINDOWS\system32\drivers\aeaudio.sys
14:58:03.0379 2452  aeaudio - ok
14:58:03.0439 2452  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
14:58:03.0439 2452  aec - ok
14:58:03.0659 2452  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
14:58:03.0669 2452  AFD - ok
14:58:03.0919 2452  [ AFF071B6290776E1FA162837C35EAC78 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
14:58:04.0180 2452  AgereSoftModem - ok
14:58:04.0250 2452  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
14:58:04.0250 2452  agp440 - ok
14:58:04.0290 2452  [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ          C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
14:58:04.0310 2452  agpCPQ - ok
14:58:04.0380 2452  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\System32\DRIVERS\aha154x.sys
14:58:04.0380 2452  Aha154x - ok
14:58:04.0430 2452  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\System32\DRIVERS\aic78u2.sys
14:58:04.0430 2452  aic78u2 - ok
14:58:04.0490 2452  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\System32\DRIVERS\aic78xx.sys
14:58:04.0580 2452  aic78xx - ok
14:58:04.0690 2452  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
14:58:04.0751 2452  Alerter - ok
14:58:04.0821 2452  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
14:58:04.0871 2452  ALG - ok
14:58:05.0071 2452  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\System32\DRIVERS\aliide.sys
14:58:05.0141 2452  AliIde - ok
14:58:05.0211 2452  [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541        C:\WINDOWS\System32\DRIVERS\alim1541.sys
14:58:05.0241 2452  alim1541 - ok
14:58:05.0281 2452  [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp          C:\WINDOWS\System32\DRIVERS\amdagp.sys
14:58:05.0281 2452  amdagp - ok
14:58:05.0331 2452  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\System32\DRIVERS\amsint.sys
14:58:05.0392 2452  amsint - ok
14:58:05.0482 2452  [ 3FD961EEBBDDD4EC1705D11D6FCD8353 ] ANC             C:\WINDOWS\system32\drivers\ANC.SYS
14:58:05.0502 2452  ANC - ok
14:58:05.0632 2452  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
14:58:05.0692 2452  AppMgmt - ok
14:58:05.0732 2452  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\System32\DRIVERS\asc.sys
14:58:05.0732 2452  asc - ok
14:58:05.0792 2452  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\System32\DRIVERS\asc3350p.sys
14:58:05.0792 2452  asc3350p - ok
14:58:05.0822 2452  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\System32\DRIVERS\asc3550.sys
14:58:05.0822 2452  asc3550 - ok
14:58:06.0103 2452  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:58:08.0316 2452  aspnet_state - ok
14:58:08.0426 2452  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:58:08.0456 2452  AsyncMac - ok
14:58:08.0496 2452  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
14:58:08.0516 2452  atapi - ok
14:58:08.0536 2452  Atdisk - ok
14:58:08.0656 2452  [ F9DA4053E23DA83C4810A7A9DE934861 ] Ati HotKey Poller C:\WINDOWS\System32\Ati2evxx.exe
14:58:08.0676 2452  Ati HotKey Poller - ok
14:58:08.0867 2452  [ 22DB33B677912455C5A21133D1C07D0E ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
14:58:08.0947 2452  ati2mtag - ok
14:58:09.0027 2452  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:58:09.0057 2452  Atmarpc - ok
14:58:09.0167 2452  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
14:58:09.0167 2452  AudioSrv - ok
14:58:09.0237 2452  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
14:58:09.0237 2452  audstub - ok
14:58:09.0307 2452  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:58:09.0327 2452  Beep - ok
14:58:09.0457 2452  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
14:58:09.0487 2452  BITS - ok
14:58:09.0678 2452  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
14:58:09.0678 2452  Browser - ok
14:58:09.0738 2452  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
14:58:09.0788 2452  cbidf - ok
14:58:09.0818 2452  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
14:58:09.0818 2452  cbidf2k - ok
14:58:09.0908 2452  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:58:09.0918 2452  CCDECODE - ok
14:58:09.0968 2452  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
14:58:09.0978 2452  cd20xrnt - ok
14:58:10.0028 2452  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
14:58:10.0028 2452  Cdaudio - ok
14:58:10.0058 2452  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
14:58:10.0058 2452  Cdfs - ok
14:58:10.0088 2452  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:58:10.0088 2452  Cdrom - ok
14:58:10.0108 2452  Changer - ok
14:58:10.0198 2452  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
14:58:10.0208 2452  CiSvc - ok
14:58:10.0269 2452  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
14:58:10.0289 2452  ClipSrv - ok
14:58:10.0359 2452  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:58:10.0549 2452  clr_optimization_v2.0.50727_32 - ok
14:58:10.0619 2452  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:58:10.0629 2452  CmBatt - ok
14:58:10.0699 2452  [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde          C:\WINDOWS\System32\DRIVERS\cmdide.sys
14:58:10.0729 2452  CmdIde - ok
14:58:10.0759 2452  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:58:10.0779 2452  Compbatt - ok
14:58:10.0809 2452  COMSysApp - ok
14:58:10.0869 2452  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\System32\DRIVERS\cpqarray.sys
14:58:10.0879 2452  Cpqarray - ok
14:58:10.0919 2452  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
14:58:10.0919 2452  CryptSvc - ok
14:58:11.0000 2452  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
14:58:11.0030 2452  dac2w2k - ok
14:58:11.0070 2452  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\System32\DRIVERS\dac960nt.sys
14:58:11.0070 2452  dac960nt - ok
14:58:11.0160 2452  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:58:11.0160 2452  DcomLaunch - ok
14:58:11.0190 2452  DgiVecp - ok
14:58:11.0220 2452  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
14:58:11.0220 2452  Dhcp - ok
14:58:11.0300 2452  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
14:58:11.0310 2452  Disk - ok
14:58:11.0330 2452  dmadmin - ok
14:58:11.0570 2452  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
14:58:11.0691 2452  dmboot - ok
14:58:11.0791 2452  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
14:58:11.0851 2452  dmio - ok
14:58:11.0961 2452  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
14:58:11.0991 2452  dmload - ok
14:58:12.0061 2452  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
14:58:12.0091 2452  dmserver - ok
14:58:12.0181 2452  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
14:58:12.0181 2452  DMusic - ok
14:58:12.0241 2452  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:58:12.0241 2452  Dnscache - ok
14:58:12.0372 2452  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:58:12.0382 2452  Dot3svc - ok
14:58:12.0422 2452  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\System32\DRIVERS\dpti2o.sys
14:58:12.0422 2452  dpti2o - ok
14:58:12.0462 2452  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
14:58:12.0462 2452  drmkaud - ok
14:58:12.0542 2452  [ DFDD4E4DFAFC6B41DBA4BD7B1F9EF7A6 ] drvmcdb         C:\WINDOWS\system32\drivers\drvmcdb.sys
14:58:12.0562 2452  drvmcdb - ok
14:58:12.0622 2452  [ D3C1E501ED42E77574B3095309DD4075 ] drvnddm         C:\WINDOWS\system32\drivers\drvnddm.sys
14:58:12.0632 2452  drvnddm - ok
14:58:12.0722 2452  [ 73E78D9B45870A3D14B4D5A12BE68530 ] E1000           C:\WINDOWS\system32\DRIVERS\e1000325.sys
14:58:12.0722 2452  E1000 - ok
14:58:12.0892 2452  [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
14:58:12.0932 2452  E100B - ok
14:58:12.0992 2452  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
14:58:13.0012 2452  EapHost - ok
14:58:13.0073 2452  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
14:58:13.0073 2452  ERSvc - ok
14:58:13.0123 2452  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
14:58:13.0143 2452  Eventlog - ok
14:58:13.0213 2452  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\System32\es.dll
14:58:13.0213 2452  EventSystem - ok
14:58:13.0283 2452  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
14:58:13.0303 2452  Fastfat - ok
14:58:13.0383 2452  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:58:13.0383 2452  FastUserSwitchingCompatibility - ok
14:58:13.0443 2452  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
14:58:13.0443 2452  Fdc - ok
14:58:13.0473 2452  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
14:58:13.0473 2452  Fips - ok
14:58:13.0503 2452  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
14:58:13.0503 2452  Flpydisk - ok
14:58:13.0593 2452  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:58:13.0593 2452  FltMgr - ok
14:58:13.0744 2452  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:58:13.0784 2452  FontCache3.0.0.0 - ok
14:58:13.0824 2452  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:58:13.0834 2452  Fs_Rec - ok
14:58:13.0864 2452  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:58:13.0874 2452  Ftdisk - ok
14:58:13.0924 2452  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:58:13.0924 2452  Gpc - ok
14:58:13.0974 2452  [ 01CDB5B4649FAE249E787A83BE22916A ] gv3             C:\WINDOWS\system32\DRIVERS\gv3.sys
14:58:13.0974 2452  gv3 - ok
14:58:14.0104 2452  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:58:14.0114 2452  helpsvc - ok
14:58:14.0204 2452  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
14:58:14.0204 2452  HidServ - ok
14:58:14.0244 2452  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:58:14.0254 2452  HidUsb - ok
14:58:14.0324 2452  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
14:58:14.0384 2452  hkmsvc - ok
14:58:14.0435 2452  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\System32\DRIVERS\hpn.sys
14:58:14.0435 2452  hpn - ok
14:58:14.0525 2452  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
14:58:14.0525 2452  HTTP - ok
14:58:14.0595 2452  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
14:58:14.0615 2452  HTTPFilter - ok
14:58:14.0645 2452  [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
14:58:14.0645 2452  i2omgmt - ok
14:58:14.0705 2452  [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp           C:\WINDOWS\System32\DRIVERS\i2omp.sys
14:58:14.0725 2452  i2omp - ok
14:58:14.0755 2452  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:58:14.0755 2452  i8042prt - ok
14:58:14.0815 2452  [ 293131C1DA5F53CB05F75D637739D79C ] IBMPMDRV        C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
14:58:14.0815 2452  IBMPMDRV - ok
14:58:14.0835 2452  [ 91FA023C5203503776BCCC9CF96A0C59 ] IBMPMSVC        C:\WINDOWS\System32\ibmpmsvc.exe
14:58:14.0855 2452  IBMPMSVC - ok
14:58:14.0895 2452  [ 28DEEBA2E29CB0E91B641CA95F7740FD ] IBMTPCHK        C:\WINDOWS\system32\drivers\IBMBLDID.SYS
14:58:14.0895 2452  IBMTPCHK - ok
14:58:15.0015 2452  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:58:15.0166 2452  idsvc - ok
14:58:15.0206 2452  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
14:58:15.0206 2452  Imapi - ok
14:58:15.0266 2452  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\System32\imapi.exe
14:58:15.0266 2452  ImapiService - ok
14:58:15.0336 2452  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\System32\DRIVERS\ini910u.sys
14:58:15.0336 2452  ini910u - ok
14:58:15.0376 2452  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\System32\DRIVERS\intelide.sys
14:58:15.0376 2452  IntelIde - ok
14:58:15.0436 2452  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:58:15.0446 2452  intelppm - ok
14:58:15.0496 2452  [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
14:58:15.0496 2452  ip6fw - ok
14:58:15.0566 2452  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:58:15.0566 2452  IpFilterDriver - ok
14:58:15.0636 2452  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:58:15.0636 2452  IpInIp - ok
14:58:15.0686 2452  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:58:15.0686 2452  IpNat - ok
14:58:15.0716 2452  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:58:15.0726 2452  IPSec - ok
14:58:15.0756 2452  [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda            C:\WINDOWS\system32\DRIVERS\irda.sys
14:58:15.0756 2452  irda - ok
14:58:15.0786 2452  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
14:58:15.0806 2452  IRENUM - ok
14:58:15.0847 2452  [ 49CC4533CE897CB2E93C1E84A818FDE5 ] Irmon           C:\WINDOWS\System32\irmon.dll
14:58:15.0847 2452  Irmon - ok
14:58:15.0897 2452  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:58:15.0907 2452  isapnp - ok
14:58:15.0917 2452  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:58:15.0917 2452  Kbdclass - ok
14:58:16.0007 2452  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
14:58:16.0017 2452  kmixer - ok
14:58:16.0087 2452  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
14:58:16.0087 2452  KSecDD - ok
14:58:16.0157 2452  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
14:58:16.0167 2452  lanmanserver - ok
14:58:16.0197 2452  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:58:16.0207 2452  lanmanworkstation - ok
14:58:16.0227 2452  lbrtfdc - ok
14:58:16.0327 2452  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
14:58:16.0327 2452  LmHosts - ok
14:58:16.0397 2452  [ 9EE18A5A45552673A67532EA37370377 ] ltmodem5        C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
14:58:16.0437 2452  ltmodem5 - ok
14:58:16.0477 2452  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
14:58:16.0497 2452  MBAMProtector - ok
14:58:16.0588 2452  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:58:16.0588 2452  MBAMScheduler - ok
14:58:20.0623 2452  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:58:20.0623 2452  MBAMService - ok
14:58:20.0683 2452  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
14:58:20.0694 2452  Messenger - ok
14:58:20.0764 2452  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
14:58:20.0764 2452  mnmdd - ok
14:58:20.0814 2452  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
14:58:20.0874 2452  mnmsrvc - ok
14:58:20.0904 2452  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
14:58:20.0904 2452  Modem - ok
14:58:20.0944 2452  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:58:20.0944 2452  Mouclass - ok
14:58:21.0004 2452  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:58:21.0024 2452  mouhid - ok
14:58:21.0054 2452  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
14:58:21.0054 2452  MountMgr - ok
14:58:21.0104 2452  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\System32\DRIVERS\mraid35x.sys
14:58:21.0124 2452  mraid35x - ok
14:58:21.0144 2452  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:58:21.0154 2452  MRxDAV - ok
14:58:21.0244 2452  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:58:21.0264 2452  MRxSmb - ok
14:58:21.0314 2452  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
14:58:21.0344 2452  MSDTC - ok
14:58:21.0395 2452  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:58:21.0405 2452  Msfs - ok
14:58:21.0425 2452  MSIServer - ok
14:58:21.0465 2452  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:58:21.0495 2452  MSKSSRV - ok
14:58:21.0535 2452  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:58:21.0555 2452  MSPCLOCK - ok
14:58:21.0605 2452  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
14:58:21.0695 2452  MSPQM - ok
14:58:21.0735 2452  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:58:21.0755 2452  mssmbios - ok
14:58:21.0785 2452  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
14:58:21.0785 2452  MSTEE - ok
14:58:21.0835 2452  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
14:58:21.0845 2452  Mup - ok
14:58:21.0885 2452  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:58:21.0885 2452  NABTSFEC - ok
14:58:21.0975 2452  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
14:58:21.0985 2452  napagent - ok
14:58:22.0146 2452  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
14:58:22.0366 2452  NDIS - ok
14:58:22.0406 2452  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:58:22.0406 2452  NdisIP - ok
14:58:22.0456 2452  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:58:22.0456 2452  NdisTapi - ok
14:58:22.0536 2452  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:58:22.0536 2452  Ndisuio - ok
14:58:22.0596 2452  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:58:22.0616 2452  NdisWan - ok
14:58:22.0666 2452  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
14:58:22.0666 2452  NDProxy - ok
14:58:22.0736 2452  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
14:58:22.0746 2452  NetBIOS - ok
14:58:22.0827 2452  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:58:22.0837 2452  NetBT - ok
14:58:22.0887 2452  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
14:58:22.0897 2452  NetDDE - ok
14:58:22.0947 2452  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
14:58:22.0947 2452  NetDDEdsdm - ok
14:58:23.0027 2452  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\System32\lsass.exe
14:58:23.0027 2452  Netlogon - ok
14:58:23.0067 2452  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
14:58:23.0087 2452  Netman - ok
14:58:23.0137 2452  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:58:23.0147 2452  NetTcpPortSharing - ok
14:58:23.0207 2452  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
14:58:23.0267 2452  Nla - ok
14:58:23.0317 2452  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:58:23.0317 2452  Npfs - ok
14:58:23.0357 2452  [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA         C:\WINDOWS\system32\DRIVERS\nscirda.sys
14:58:23.0357 2452  NSCIRDA - ok
14:58:23.0478 2452  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
14:58:23.0508 2452  Ntfs - ok
14:58:23.0538 2452  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe
14:58:23.0538 2452  NtLmSsp - ok
14:58:23.0588 2452  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
14:58:23.0628 2452  NtmsSvc - ok
14:58:23.0728 2452  [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr        C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
14:58:23.0748 2452  NuidFltr - ok
14:58:23.0778 2452  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
14:58:23.0778 2452  Null - ok
14:58:23.0838 2452  [ 2C2FD0E6B0180F94C260DD26706AA5F4 ] NWCWorkstation  C:\WINDOWS\System32\nwwks.dll
14:58:23.0838 2452  NWCWorkstation - ok
14:58:23.0938 2452  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:58:23.0988 2452  NwlnkFlt - ok
14:58:24.0028 2452  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:58:24.0068 2452  NwlnkFwd - ok
14:58:24.0118 2452  [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx        C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
14:58:24.0118 2452  NwlnkIpx - ok
14:58:24.0209 2452  [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb         C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
14:58:24.0209 2452  NwlnkNb - ok
14:58:24.0309 2452  [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx        C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
14:58:24.0309 2452  NwlnkSpx - ok
14:58:24.0329 2452  [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR           C:\WINDOWS\system32\DRIVERS\nwrdr.sys
14:58:24.0339 2452  NWRDR - ok
14:58:24.0479 2452  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:58:24.0569 2452  ose - ok
14:58:24.0629 2452  [ C90018BAFDC7098619A4A95B046B30F3 ] P3              C:\WINDOWS\system32\DRIVERS\p3.sys
14:58:24.0629 2452  P3 - ok
14:58:24.0679 2452  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
14:58:24.0689 2452  Parport - ok
14:58:24.0719 2452  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
14:58:24.0719 2452  PartMgr - ok
14:58:24.0819 2452  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
14:58:24.0819 2452  ParVdm - ok
14:58:24.0890 2452  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
14:58:24.0890 2452  PCI - ok
14:58:25.0000 2452  PCIDump - ok
14:58:25.0160 2452  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
14:58:25.0160 2452  PCIIde - ok
14:58:25.0270 2452  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
14:58:25.0300 2452  Pcmcia - ok
14:58:25.0410 2452  [ 8A89A9AA0A6B9C3B3AD6D98FE211B560 ] PCX504          C:\WINDOWS\system32\DRIVERS\PCX504.sys
14:58:25.0420 2452  PCX504 - ok
14:58:25.0480 2452  PDCOMP - ok
14:58:25.0561 2452  PDFRAME - ok
14:58:25.0661 2452  PDRELI - ok
14:58:25.0761 2452  PDRFRAME - ok
14:58:25.0881 2452  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\System32\DRIVERS\perc2.sys
14:58:25.0881 2452  perc2 - ok
14:58:26.0011 2452  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\System32\DRIVERS\perc2hib.sys
14:58:26.0011 2452  perc2hib - ok
14:58:26.0282 2452  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
14:58:26.0282 2452  PlugPlay - ok
14:58:26.0372 2452  [ FA292805788528C083F416E151B60AB6 ] PMEM            C:\WINDOWS\system32\drivers\PMEMNT.SYS
14:58:26.0372 2452  PMEM - ok
14:58:26.0482 2452  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\System32\lsass.exe
14:58:26.0482 2452  PolicyAgent - ok
14:58:26.0592 2452  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:58:26.0592 2452  PptpMiniport - ok
14:58:26.0672 2452  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:58:26.0682 2452  ProtectedStorage - ok
14:58:26.0762 2452  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
14:58:26.0762 2452  PSched - ok
14:58:26.0902 2452  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:58:26.0942 2452  Ptilink - ok
14:58:26.0973 2452  [ 352CF968DF88760FEF225C3FBE7184A7 ] PxHelp20        C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
14:58:26.0973 2452  PxHelp20 - ok
14:58:27.0033 2452  [ 90C5463F584371B81585467CA56005E7 ] QCNDISIF        C:\WINDOWS\system32\drivers\qcndisif.SYS
14:58:27.0043 2452  QCNDISIF - ok
14:58:27.0083 2452  [ 7D8490530AB518EB77F689F0DD1EA532 ] QCONSVC         C:\WINDOWS\system32\QCONSVC.EXE
14:58:27.0093 2452  QCONSVC - ok
14:58:27.0203 2452  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\System32\DRIVERS\ql1080.sys
14:58:27.0203 2452  ql1080 - ok
14:58:27.0293 2452  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
14:58:27.0313 2452  Ql10wnt - ok
14:58:27.0403 2452  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\System32\DRIVERS\ql12160.sys
14:58:27.0413 2452  ql12160 - ok
14:58:27.0533 2452  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\System32\DRIVERS\ql1240.sys
14:58:27.0533 2452  ql1240 - ok
14:58:27.0583 2452  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\System32\DRIVERS\ql1280.sys
14:58:27.0623 2452  ql1280 - ok
14:58:27.0664 2452  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:58:27.0664 2452  RasAcd - ok
14:58:27.0724 2452  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
14:58:27.0734 2452  RasAuto - ok
14:58:27.0774 2452  [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:58:27.0814 2452  Rasirda - ok
14:58:27.0844 2452  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:58:27.0854 2452  Rasl2tp - ok
14:58:27.0904 2452  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
14:58:27.0904 2452  RasMan - ok
14:58:27.0944 2452  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:58:27.0944 2452  RasPppoe - ok
14:58:28.0004 2452  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
14:58:28.0004 2452  Raspti - ok
14:58:28.0054 2452  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:58:28.0074 2452  Rdbss - ok
14:58:28.0134 2452  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:58:28.0134 2452  RDPCDD - ok
14:58:28.0214 2452  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:58:28.0274 2452  rdpdr - ok
14:58:28.0375 2452  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
14:58:28.0385 2452  RDPWD - ok
14:58:28.0445 2452  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
14:58:28.0455 2452  RDSessMgr - ok
14:58:28.0515 2452  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
14:58:28.0515 2452  redbook - ok
14:58:28.0565 2452  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
14:58:28.0565 2452  RemoteAccess - ok
14:58:28.0615 2452  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
14:58:28.0615 2452  RemoteRegistry - ok
14:58:28.0665 2452  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\System32\locator.exe
14:58:28.0675 2452  RpcLocator - ok
14:58:28.0725 2452  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
14:58:28.0725 2452  RpcSs - ok
14:58:28.0785 2452  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\System32\rsvp.exe
14:58:28.0795 2452  RSVP - ok
14:58:28.0875 2452  [ 1C5C2CB892553D2CF3F45A4BB323FCD6 ] s1018bus        C:\WINDOWS\system32\DRIVERS\s1018bus.sys
14:58:28.0885 2452  s1018bus - ok
14:58:28.0945 2452  [ 38F5EA219593F19B6B3A1B9C169E3B61 ] s1018mdfl       C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys
14:58:28.0965 2452  s1018mdfl - ok
14:58:29.0005 2452  [ 666AF6B64FC7DF92D3CA4819EA91631D ] s1018mdm        C:\WINDOWS\system32\DRIVERS\s1018mdm.sys
14:58:29.0046 2452  s1018mdm - ok
14:58:29.0096 2452  [ F4CEDA6E2DDFF2AF8BD745615A7CA9C0 ] s1018mgmt       C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys
14:58:29.0106 2452  s1018mgmt - ok
14:58:29.0156 2452  [ 3622D9FF2253DCBE885B10736609A4CA ] s1018nd5        C:\WINDOWS\system32\DRIVERS\s1018nd5.sys
14:58:29.0156 2452  s1018nd5 - ok
14:58:29.0206 2452  [ 49431EFDA842B474531C29FFAE9F5D09 ] s1018obex       C:\WINDOWS\system32\DRIVERS\s1018obex.sys
14:58:29.0216 2452  s1018obex - ok
14:58:29.0246 2452  [ AC6B514CB4474F4C867D7CDC9CD54F05 ] s1018unic       C:\WINDOWS\system32\DRIVERS\s1018unic.sys
14:58:29.0246 2452  s1018unic - ok
14:58:29.0306 2452  [ A94AA8161DD4711BC6F732F21D6407D6 ] S3SSavage       C:\WINDOWS\system32\DRIVERS\s3ssavm.sys
14:58:29.0316 2452  S3SSavage - ok
14:58:29.0376 2452  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
14:58:29.0376 2452  SamSs - ok
14:58:29.0436 2452  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
14:58:29.0466 2452  SCardSvr - ok
14:58:29.0526 2452  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
14:58:29.0536 2452  Schedule - ok
14:58:29.0656 2452  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:58:29.0656 2452  Secdrv - ok
14:58:29.0706 2452  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
14:58:29.0726 2452  seclogon - ok
14:58:29.0787 2452  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
14:58:29.0787 2452  SENS - ok
14:58:29.0827 2452  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
14:58:29.0847 2452  serenum - ok
14:58:29.0877 2452  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
14:58:29.0887 2452  Serial - ok
14:58:29.0987 2452  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
14:58:30.0007 2452  Sfloppy - ok
14:58:30.0077 2452  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
14:58:30.0087 2452  SharedAccess - ok
14:58:30.0127 2452  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:58:30.0127 2452  ShellHWDetection - ok
14:58:30.0207 2452  [ 1D51D48DFA986A49CB7BD0F87CB0CF53 ] ShockMgr        C:\WINDOWS\system32\drivers\ShockMgr.sys
14:58:30.0217 2452  ShockMgr - ok
14:58:30.0237 2452  [ 08C5D02C1DE30343619C5E23DB6A91AB ] Shockprf        C:\WINDOWS\system32\drivers\Shockprf.sys
14:58:30.0247 2452  Shockprf - ok
14:58:30.0257 2452  Simbad - ok
14:58:30.0337 2452  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\System32\DRIVERS\sisagp.sys
14:58:30.0347 2452  sisagp - ok
14:58:30.0387 2452  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:58:30.0397 2452  SLIP - ok
14:58:30.0438 2452  [ 26341D0DD225D19FD50E0EE3C3C77502 ] Smapint         C:\WINDOWS\system32\drivers\Smapint.sys
14:58:30.0438 2452  Smapint - ok
14:58:30.0558 2452  [ FA3368A7039F5ABAA4B933703AC34763 ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys
14:58:30.0608 2452  smwdm - ok
14:58:30.0648 2452  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\System32\DRIVERS\sparrow.sys
14:58:30.0648 2452  Sparrow - ok
14:58:30.0738 2452  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
14:58:30.0738 2452  splitter - ok
14:58:30.0788 2452  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
14:58:30.0798 2452  Spooler - ok
14:58:30.0818 2452  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
14:58:30.0818 2452  sr - ok
14:58:30.0908 2452  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\System32\srsvc.dll
14:58:30.0908 2452  srservice - ok
14:58:30.0978 2452  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
14:58:30.0988 2452  Srv - ok
14:58:31.0038 2452  [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus         C:\WINDOWS\system32\DRIVERS\ssadbus.sys
14:58:31.0038 2452  ssadbus - ok
14:58:31.0078 2452  [ 328E8BB94EC58480F60458FB4B8437A7 ] sscdbhk5        C:\WINDOWS\system32\drivers\sscdbhk5.sys
14:58:31.0088 2452  sscdbhk5 - ok
14:58:31.0129 2452  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
14:58:31.0129 2452  SSDPSRV - ok
14:58:31.0139 2452  [ 7EC8B427CEE5C0CDAC066320B93F1355 ] ssrtln          C:\WINDOWS\system32\drivers\ssrtln.sys
14:58:31.0139 2452  ssrtln - ok
14:58:31.0249 2452  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
14:58:31.0259 2452  stisvc - ok
14:58:31.0309 2452  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:58:31.0319 2452  streamip - ok
14:58:31.0359 2452  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
14:58:31.0359 2452  swenum - ok
14:58:31.0419 2452  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
14:58:31.0419 2452  swmidi - ok
14:58:31.0439 2452  SwPrv - ok
14:58:31.0519 2452  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\System32\DRIVERS\symc810.sys
14:58:31.0519 2452  symc810 - ok
14:58:31.0569 2452  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\System32\DRIVERS\symc8xx.sys
14:58:31.0589 2452  symc8xx - ok
14:58:31.0619 2452  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\System32\DRIVERS\sym_hi.sys
14:58:31.0619 2452  sym_hi - ok
14:58:31.0689 2452  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\System32\DRIVERS\sym_u3.sys
14:58:31.0689 2452  sym_u3 - ok
14:58:31.0769 2452  [ E2688964065365B41B232C5BBDF1C7E0 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:58:31.0779 2452  SynTP - ok
14:58:31.0809 2452  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
14:58:31.0820 2452  sysaudio - ok
14:58:31.0880 2452  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
14:58:31.0890 2452  SysmonLog - ok
14:58:31.0950 2452  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
14:58:31.0950 2452  TapiSrv - ok
14:58:32.0020 2452  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:58:32.0040 2452  Tcpip - ok
14:58:32.0080 2452  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
14:58:32.0080 2452  TDPIPE - ok
14:58:32.0120 2452  [ E64DA7318ACADDF0A4400BAA921E8AC1 ] TDSMAPI         C:\WINDOWS\system32\drivers\TDSMAPI.SYS
14:58:32.0120 2452  TDSMAPI - ok
14:58:32.0150 2452  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
14:58:32.0160 2452  TDTCP - ok
14:58:32.0220 2452  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
14:58:32.0220 2452  TermDD - ok
14:58:32.0300 2452  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
14:58:32.0330 2452  TermService - ok
14:58:32.0380 2452  [ A03E3C621F8CC5751C46A4F671F7B7F4 ] tfsnboio        C:\WINDOWS\system32\dla\tfsnboio.sys
14:58:32.0390 2452  tfsnboio - ok
14:58:32.0420 2452  [ 04D9D5DB0E8339D75606C86B9CEF5F4E ] tfsncofs        C:\WINDOWS\system32\dla\tfsncofs.sys
14:58:32.0420 2452  tfsncofs - ok
14:58:32.0470 2452  [ BD09C104E02EB6A4AFE3DD0AF9B1CB17 ] tfsndrct        C:\WINDOWS\system32\dla\tfsndrct.sys
14:58:32.0480 2452  tfsndrct - ok
14:58:32.0500 2452  [ 5C984670FEA565A9EC3855FF9C29F7CC ] tfsndres        C:\WINDOWS\system32\dla\tfsndres.sys
14:58:32.0500 2452  tfsndres - ok
14:58:32.0561 2452  [ 965C1AF88C6528172CEBE7674A37D8CD ] tfsnifs         C:\WINDOWS\system32\dla\tfsnifs.sys
14:58:32.0571 2452  tfsnifs - ok
14:58:32.0631 2452  [ 90AED91115EEF3BAB265E5F145A31DEF ] tfsnopio        C:\WINDOWS\system32\dla\tfsnopio.sys
14:58:32.0631 2452  tfsnopio - ok
14:58:32.0681 2452  [ 32A53CB321B8628D41E882223B2D0E4F ] tfsnpool        C:\WINDOWS\system32\dla\tfsnpool.sys
14:58:32.0691 2452  tfsnpool - ok
14:58:33.0622 2452  [ F275B4C714300B6E018A57D6C555FB2C ] tfsnudf         C:\WINDOWS\system32\dla\tfsnudf.sys
14:58:33.0642 2452  tfsnudf - ok
14:58:33.0692 2452  [ 5D85572F26DB3CA565B9EABABAAF074C ] tfsnudfa        C:\WINDOWS\system32\dla\tfsnudfa.sys
14:58:33.0702 2452  tfsnudfa - ok
14:58:33.0762 2452  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
14:58:33.0762 2452  Themes - ok
14:58:33.0842 2452  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\System32\tlntsvr.exe
14:58:33.0852 2452  TlntSvr - ok
14:58:33.0882 2452  [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde          C:\WINDOWS\System32\DRIVERS\toside.sys
14:58:33.0882 2452  TosIde - ok
14:58:33.0923 2452  [ 29756A30DD8D8F0E73DA1F6137339A99 ] TPHKDRV         C:\WINDOWS\system32\drivers\TPHKDRV.sys
14:58:33.0923 2452  TPHKDRV - ok
14:58:34.0003 2452  [ DFB268FF0A6DCB9280015FF527F892FF ] TpKmpSVC        C:\WINDOWS\system32\TpKmpSVC.exe
14:58:34.0003 2452  TpKmpSVC - ok
14:58:34.0023 2452  [ 970AB1AEF38DB6F5E1AAE277A6843D54 ] TPPWR           C:\WINDOWS\system32\drivers\Tppwr.sys
14:58:34.0023 2452  TPPWR - ok
14:58:34.0103 2452  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
14:58:34.0113 2452  TrkWks - ok
14:58:34.0183 2452  [ F2ABA3066D7921D7FCDBD66DEA88BE11 ] TSMAPIP         C:\WINDOWS\system32\drivers\TSMAPIP.SYS
14:58:34.0183 2452  TSMAPIP - ok
14:58:34.0233 2452  [ 17687545F77A648AF7F9F1064EB61191 ] TwoTrack        C:\WINDOWS\system32\DRIVERS\TwoTrack.sys
14:58:34.0233 2452  TwoTrack - ok
14:58:34.0293 2452  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
14:58:34.0293 2452  Udfs - ok
14:58:34.0343 2452  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\System32\DRIVERS\ultra.sys
14:58:34.0343 2452  ultra - ok
14:58:34.0423 2452  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
14:58:34.0453 2452  Update - ok
14:58:34.0493 2452  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:58:34.0503 2452  upnphost - ok
14:58:34.0543 2452  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
14:58:34.0553 2452  UPS - ok
14:58:34.0644 2452  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
14:58:34.0644 2452  usbaudio - ok
14:58:34.0694 2452  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:58:34.0694 2452  usbccgp - ok
14:58:34.0724 2452  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:58:34.0734 2452  usbehci - ok
14:58:34.0754 2452  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:58:34.0754 2452  usbhub - ok
14:58:34.0784 2452  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:58:34.0794 2452  usbprint - ok
14:58:34.0884 2452  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:58:34.0884 2452  usbscan - ok
14:58:34.0944 2452  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:58:34.0944 2452  USBSTOR - ok
14:58:34.0984 2452  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:58:34.0984 2452  usbuhci - ok
14:58:35.0064 2452  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
14:58:35.0064 2452  usbvideo - ok
14:58:35.0134 2452  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
14:58:35.0134 2452  VgaSave - ok
14:58:35.0194 2452  [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp          C:\WINDOWS\System32\DRIVERS\viaagp.sys
14:58:35.0194 2452  viaagp - ok
14:58:35.0254 2452  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\System32\DRIVERS\viaide.sys
14:58:35.0264 2452  ViaIde - ok
14:58:35.0295 2452  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
14:58:35.0295 2452  VolSnap - ok
14:58:35.0355 2452  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
14:58:35.0395 2452  VSS - ok
14:58:35.0445 2452  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\System32\w32time.dll
14:58:35.0475 2452  W32Time - ok
14:58:35.0535 2452  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:58:35.0555 2452  Wanarp - ok
14:58:35.0585 2452  WDC_SAM - ok
14:58:35.0685 2452  [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:58:35.0765 2452  Wdf01000 - ok
14:58:35.0775 2452  WDICA - ok
14:58:35.0835 2452  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
14:58:35.0845 2452  wdmaud - ok
14:58:35.0925 2452  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
14:58:35.0925 2452  WebClient - ok
14:58:36.0056 2452  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
14:58:36.0056 2452  winmgmt - ok
14:58:36.0146 2452  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
14:58:36.0146 2452  WmdmPmSN - ok
14:58:36.0216 2452  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
14:58:36.0226 2452  Wmi - ok
14:58:36.0286 2452  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\System32\wbem\wmiapsrv.exe
14:58:36.0296 2452  WmiApSrv - ok
14:58:36.0346 2452  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:58:36.0376 2452  WpdUsb - ok
14:58:36.0446 2452  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
14:58:36.0446 2452  wscsvc - ok
14:58:36.0496 2452  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:58:36.0516 2452  WSTCODEC - ok
14:58:36.0556 2452  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
14:58:36.0586 2452  wuauserv - ok
14:58:36.0656 2452  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:58:36.0656 2452  WudfPf - ok
14:58:36.0727 2452  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:58:36.0727 2452  WudfRd - ok
14:58:36.0767 2452  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
14:58:36.0787 2452  WudfSvc - ok
14:58:36.0867 2452  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
14:58:36.0907 2452  WZCSVC - ok
14:58:36.0977 2452  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
14:58:36.0977 2452  xmlprov - ok
14:58:37.0077 2452  ================ Scan global ===============================
14:58:37.0137 2452  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:58:37.0237 2452  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:58:37.0277 2452  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:58:37.0317 2452  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:58:37.0317 2452  [Global] - ok
14:58:37.0327 2452  ================ Scan MBR ==================================
14:58:37.0388 2452  [ AB67D479E4EE1CCAD757294B60DDB98F ] \Device\Harddisk0\DR0
14:58:38.0880 2452  \Device\Harddisk0\DR0 - ok
14:58:38.0900 2452  ================ Scan VBR ==================================
14:58:38.0910 2452  [ B8910A4143127418D2BA3467A23C0E53 ] \Device\Harddisk0\DR0\Partition1
14:58:38.0930 2452  \Device\Harddisk0\DR0\Partition1 - ok
14:58:38.0940 2452  ================ Scan active images ========================
14:58:38.0950 2452  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
14:58:38.0950 2452  C:\WINDOWS\system32\drivers\intelppm.sys - ok
14:58:38.0970 2452  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
14:58:38.0970 2452  C:\WINDOWS\system32\drivers\videoprt.sys - ok
14:58:39.0010 2452  [ 22DB33B677912455C5A21133D1C07D0E ] C:\WINDOWS\system32\drivers\ati2mtag.sys
14:58:39.0010 2452  C:\WINDOWS\system32\drivers\ati2mtag.sys - ok
14:58:39.0030 2452  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
14:58:39.0030 2452  C:\WINDOWS\system32\drivers\usbport.sys - ok
14:58:39.0050 2452  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
14:58:39.0050 2452  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
14:58:39.0070 2452  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
14:58:39.0070 2452  C:\WINDOWS\system32\drivers\usbehci.sys - ok
14:58:39.0110 2452  [ 73E78D9B45870A3D14B4D5A12BE68530 ] C:\WINDOWS\system32\drivers\e1000325.sys
14:58:39.0110 2452  C:\WINDOWS\system32\drivers\e1000325.sys - ok
14:58:39.0130 2452  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
14:58:39.0130 2452  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
14:58:39.0170 2452  [ 8A89A9AA0A6B9C3B3AD6D98FE211B560 ] C:\WINDOWS\system32\drivers\PCX504.sys
14:58:39.0170 2452  C:\WINDOWS\system32\drivers\PCX504.sys - ok
14:58:39.0240 2452  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
14:58:39.0240 2452  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
14:58:39.0300 2452  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
14:58:39.0300 2452  C:\WINDOWS\system32\drivers\usbd.sys - ok
14:58:39.0360 2452  [ E2688964065365B41B232C5BBDF1C7E0 ] C:\WINDOWS\system32\drivers\SynTP.sys
14:58:39.0360 2452  C:\WINDOWS\system32\drivers\SynTP.sys - ok
14:58:39.0420 2452  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
14:58:39.0420 2452  C:\WINDOWS\system32\drivers\fdc.sys - ok
14:58:39.0471 2452  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
14:58:39.0471 2452  C:\WINDOWS\system32\drivers\mouclass.sys - ok
14:58:39.0531 2452  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
14:58:39.0531 2452  C:\WINDOWS\system32\drivers\serial.sys - ok
14:58:39.0591 2452  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
14:58:39.0591 2452  C:\WINDOWS\system32\drivers\serenum.sys - ok
14:58:39.0651 2452  [ C93C9FF7B04D772627A3646D89F7BF89 ] C:\WINDOWS\system32\drivers\irenum.sys
14:58:39.0651 2452  C:\WINDOWS\system32\drivers\irenum.sys - ok
14:58:39.0721 2452  [ 2ADC0CA9945C65284B3D19BC18765974 ] C:\WINDOWS\system32\drivers\nscirda.sys
14:58:39.0721 2452  C:\WINDOWS\system32\drivers\nscirda.sys - ok
14:58:39.0791 2452  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
14:58:39.0791 2452  C:\WINDOWS\system32\drivers\parport.sys - ok
14:58:39.0851 2452  [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\cmbatt.sys
14:58:39.0851 2452  C:\WINDOWS\system32\drivers\cmbatt.sys - ok
14:58:39.0911 2452  [ 293131C1DA5F53CB05F75D637739D79C ] C:\WINDOWS\system32\drivers\ibmpmdrv.sys
14:58:39.0911 2452  C:\WINDOWS\system32\drivers\ibmpmdrv.sys - ok
14:58:39.0981 2452  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
14:58:39.0981 2452  C:\WINDOWS\system32\drivers\imapi.sys - ok
14:58:40.0031 2452  [ 328E8BB94EC58480F60458FB4B8437A7 ] C:\WINDOWS\system32\drivers\sscdbhk5.sys
14:58:40.0031 2452  C:\WINDOWS\system32\drivers\sscdbhk5.sys - ok
14:58:40.0091 2452  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
14:58:40.0091 2452  C:\WINDOWS\system32\drivers\cdrom.sys - ok
14:58:40.0151 2452  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
14:58:40.0151 2452  C:\WINDOWS\system32\drivers\ks.sys - ok
14:58:40.0222 2452  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
14:58:40.0222 2452  C:\WINDOWS\system32\drivers\redbook.sys - ok
14:58:40.0282 2452  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
14:58:40.0282 2452  C:\WINDOWS\system32\drivers\drmk.sys - ok
14:58:40.0302 2452  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
14:58:40.0302 2452  C:\WINDOWS\system32\drivers\portcls.sys - ok
14:58:40.0362 2452  [ FA3368A7039F5ABAA4B933703AC34763 ] C:\WINDOWS\system32\drivers\smwdm.sys
14:58:40.0362 2452  C:\WINDOWS\system32\drivers\smwdm.sys - ok
14:58:40.0452 2452  [ 2C5B1F8142A96233C07C93328B5EA635 ] C:\WINDOWS\system32\drivers\aeaudio.sys
14:58:40.0452 2452  C:\WINDOWS\system32\drivers\aeaudio.sys - ok
14:58:40.0482 2452  [ AFF071B6290776E1FA162837C35EAC78 ] C:\WINDOWS\system32\drivers\AGRSM.sys
14:58:40.0482 2452  C:\WINDOWS\system32\drivers\AGRSM.sys - ok
14:58:40.0542 2452  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
14:58:40.0542 2452  C:\WINDOWS\system32\drivers\audstub.sys - ok
14:58:40.0582 2452  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
14:58:40.0582 2452  C:\WINDOWS\system32\drivers\modem.sys - ok
14:58:40.0642 2452  [ 0207D26DDF796A193CCD9F83047BB5FC ] C:\WINDOWS\system32\drivers\rasirda.sys
14:58:40.0642 2452  C:\WINDOWS\system32\drivers\rasirda.sys - ok
14:58:40.0702 2452  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
14:58:40.0702 2452  C:\WINDOWS\system32\drivers\tdi.sys - ok
14:58:40.0762 2452  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
14:58:40.0762 2452  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
14:58:40.0822 2452  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
14:58:40.0822 2452  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
14:58:40.0883 2452  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
14:58:40.0883 2452  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
14:58:40.0943 2452  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
14:58:40.0943 2452  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
14:58:41.0003 2452  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
14:58:41.0003 2452  C:\WINDOWS\system32\drivers\raspptp.sys - ok
14:58:41.0063 2452  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
14:58:41.0063 2452  C:\WINDOWS\system32\drivers\msgpc.sys - ok
14:58:41.0093 2452  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
14:58:41.0093 2452  C:\WINDOWS\system32\drivers\psched.sys - ok
14:58:41.0143 2452  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
14:58:41.0143 2452  C:\WINDOWS\system32\drivers\ptilink.sys - ok
14:58:41.0203 2452  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
14:58:41.0203 2452  C:\WINDOWS\system32\drivers\raspti.sys - ok
14:58:41.0293 2452  [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
14:58:41.0293 2452  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
14:58:41.0353 2452  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
14:58:41.0353 2452  C:\WINDOWS\system32\drivers\swenum.sys - ok
14:58:41.0383 2452  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
14:58:41.0383 2452  C:\WINDOWS\system32\drivers\termdd.sys - ok
14:58:41.0433 2452  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
14:58:41.0433 2452  C:\WINDOWS\system32\drivers\update.sys - ok
14:58:41.0493 2452  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
14:58:41.0493 2452  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
14:58:41.0584 2452  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
14:58:41.0584 2452  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
14:58:41.0644 2452  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
14:58:41.0644 2452  C:\WINDOWS\system32\drivers\usbhub.sys - ok
14:58:41.0664 2452  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
14:58:41.0664 2452  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
14:58:41.0724 2452  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
14:58:41.0724 2452  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
14:58:41.0784 2452  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
14:58:41.0784 2452  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
14:58:41.0844 2452  [ 9368670BD426EBEA5E8B18A62416EC28 ] C:\WINDOWS\system32\drivers\i2omgmt.sys
14:58:41.0844 2452  C:\WINDOWS\system32\drivers\i2omgmt.sys - ok
14:58:41.0904 2452  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
14:58:41.0904 2452  C:\WINDOWS\system32\drivers\beep.sys - ok
14:58:41.0954 2452  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
14:58:41.0954 2452  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
14:58:42.0014 2452  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
14:58:42.0014 2452  C:\WINDOWS\system32\drivers\null.sys - ok
14:58:42.0084 2452  [ 7EC8B427CEE5C0CDAC066320B93F1355 ] C:\WINDOWS\system32\drivers\ssrtln.sys
14:58:42.0084 2452  C:\WINDOWS\system32\drivers\ssrtln.sys - ok
14:58:42.0144 2452  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
14:58:42.0144 2452  C:\WINDOWS\system32\drivers\vga.sys - ok
14:58:42.0234 2452  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
14:58:42.0234 2452  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
14:58:42.0255 2452  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
14:58:42.0255 2452  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
14:58:42.0315 2452  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
14:58:42.0315 2452  C:\WINDOWS\system32\drivers\msfs.sys - ok
14:58:42.0405 2452  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
14:58:42.0405 2452  C:\WINDOWS\system32\drivers\npfs.sys - ok
14:58:42.0465 2452  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
14:58:42.0465 2452  C:\WINDOWS\system32\drivers\ipsec.sys - ok
14:58:42.0495 2452  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
14:58:42.0495 2452  C:\WINDOWS\system32\drivers\rasacd.sys - ok
14:58:42.0585 2452  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
14:58:42.0585 2452  C:\WINDOWS\system32\drivers\tcpip.sys - ok
14:58:42.0645 2452  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
14:58:42.0645 2452  C:\WINDOWS\system32\drivers\netbt.sys - ok
14:58:42.0705 2452  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
14:58:42.0705 2452  C:\WINDOWS\system32\drivers\ipnat.sys - ok
14:58:42.0765 2452  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
14:58:42.0765 2452  C:\WINDOWS\system32\drivers\wanarp.sys - ok
14:58:42.0805 2452  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
14:58:42.0805 2452  C:\WINDOWS\system32\drivers\afd.sys - ok
14:58:42.0885 2452  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
14:58:42.0885 2452  C:\WINDOWS\system32\drivers\netbios.sys - ok
14:58:42.0946 2452  [ C90018BAFDC7098619A4A95B046B30F3 ] C:\WINDOWS\system32\drivers\p3.sys
14:58:42.0946 2452  C:\WINDOWS\system32\drivers\p3.sys - ok
14:58:43.0016 2452  [ 26341D0DD225D19FD50E0EE3C3C77502 ] C:\WINDOWS\system32\drivers\SMAPINT.SYS
14:58:43.0016 2452  C:\WINDOWS\system32\drivers\SMAPINT.SYS - ok
14:58:43.0046 2452  [ E64DA7318ACADDF0A4400BAA921E8AC1 ] C:\WINDOWS\system32\drivers\TDSMAPI.SYS
14:58:43.0046 2452  C:\WINDOWS\system32\drivers\TDSMAPI.SYS - ok
14:58:43.0106 2452  [ 29756A30DD8D8F0E73DA1F6137339A99 ] C:\WINDOWS\system32\drivers\TPHKDRV.sys
14:58:43.0106 2452  C:\WINDOWS\system32\drivers\TPHKDRV.sys - ok
14:58:43.0166 2452  [ 970AB1AEF38DB6F5E1AAE277A6843D54 ] C:\WINDOWS\system32\drivers\TPPWR.SYS
14:58:43.0166 2452  C:\WINDOWS\system32\drivers\TPPWR.SYS - ok
14:58:43.0226 2452  [ F2ABA3066D7921D7FCDBD66DEA88BE11 ] C:\WINDOWS\system32\drivers\TSMAPIP.SYS
14:58:43.0226 2452  C:\WINDOWS\system32\drivers\TSMAPIP.SYS - ok
14:58:43.0286 2452  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
14:58:43.0286 2452  C:\WINDOWS\system32\drivers\rdbss.sys - ok
14:58:43.0346 2452  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
14:58:43.0346 2452  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
14:58:43.0406 2452  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
14:58:43.0406 2452  C:\WINDOWS\system32\drivers\fips.sys - ok
14:58:43.0466 2452  [ 28DEEBA2E29CB0E91B641CA95F7740FD ] C:\WINDOWS\system32\drivers\IBMBLDID.SYS
14:58:43.0466 2452  C:\WINDOWS\system32\drivers\IBMBLDID.SYS - ok
14:58:43.0526 2452  [ 3FD961EEBBDDD4EC1705D11D6FCD8353 ] C:\WINDOWS\system32\drivers\ANC.sys
14:58:43.0526 2452  C:\WINDOWS\system32\drivers\ANC.sys - ok
14:58:43.0586 2452  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
14:58:43.0586 2452  C:\WINDOWS\system32\smss.exe - ok
14:58:43.0606 2452  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
14:58:43.0606 2452  C:\WINDOWS\system32\ntdll.dll - ok
14:58:43.0657 2452  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
14:58:43.0657 2452  C:\WINDOWS\system32\autochk.exe - ok
14:58:43.0727 2452  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
14:58:43.0727 2452  C:\WINDOWS\system32\sfcfiles.dll - ok
14:58:43.0787 2452  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
14:58:43.0787 2452  C:\WINDOWS\system32\drivers\cdfs.sys - ok
14:58:43.0837 2452  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
14:58:43.0837 2452  C:\WINDOWS\system32\drivers\wmilib.sys - ok
14:58:43.0887 2452  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
14:58:43.0887 2452  C:\WINDOWS\system32\drivers\atapi.sys - ok
14:58:43.0947 2452  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
14:58:43.0947 2452  C:\WINDOWS\system32\drivers\dxapi.sys - ok
14:58:44.0007 2452  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
14:58:44.0007 2452  C:\WINDOWS\system32\watchdog.sys - ok
14:58:44.0067 2452  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
14:58:44.0067 2452  C:\WINDOWS\system32\win32k.sys - ok
14:58:44.0127 2452  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:58:44.0127 2452  C:\WINDOWS\system32\basesrv.dll - ok
14:58:44.0147 2452  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
14:58:44.0147 2452  C:\WINDOWS\system32\csrsrv.dll - ok
14:58:44.0197 2452  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
14:58:44.0197 2452  C:\WINDOWS\system32\csrss.exe - ok
14:58:44.0257 2452  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
14:58:44.0257 2452  C:\WINDOWS\system32\winsrv.dll - ok
14:58:44.0317 2452  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
14:58:44.0317 2452  C:\WINDOWS\system32\gdi32.dll - ok
14:58:44.0378 2452  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
14:58:44.0378 2452  C:\WINDOWS\system32\kernel32.dll - ok
14:58:44.0408 2452  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
14:58:44.0408 2452  C:\WINDOWS\system32\user32.dll - ok
14:58:44.0478 2452  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
14:58:44.0478 2452  C:\WINDOWS\system32\advapi32.dll - ok
14:58:44.0568 2452  [ 012DF358CEBAA23ACB26D82077820817 ] C:\WINDOWS\system32\lpk.dll
14:58:44.0568 2452  C:\WINDOWS\system32\lpk.dll - ok
14:58:44.0598 2452  [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
14:58:44.0598 2452  C:\WINDOWS\system32\usp10.dll - ok
14:58:44.0658 2452  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
14:58:44.0658 2452  C:\WINDOWS\system32\rpcrt4.dll - ok
14:58:44.0708 2452  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
14:58:44.0708 2452  C:\WINDOWS\system32\secur32.dll - ok
14:58:44.0768 2452  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
14:58:44.0768 2452  C:\WINDOWS\system32\drivers\dxg.sys - ok
14:58:44.0828 2452  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
14:58:44.0828 2452  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
14:58:44.0888 2452  [ 2CED2748FE96FA15E067BEE4BD0177F8 ] C:\WINDOWS\system32\ati2dvag.dll
14:58:44.0888 2452  C:\WINDOWS\system32\ati2dvag.dll - ok
14:58:44.0938 2452  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
14:58:44.0938 2452  C:\WINDOWS\system32\vga.dll - ok
14:58:44.0988 2452  [ 7D0CAAE514A2EF608CC5F05C4BDFDC3D ] C:\WINDOWS\system32\ati3d1ag.dll
14:58:44.0988 2452  C:\WINDOWS\system32\ati3d1ag.dll - ok
14:58:45.0049 2452  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
14:58:45.0049 2452  C:\WINDOWS\system32\authz.dll - ok
14:58:45.0109 2452  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
14:58:45.0109 2452  C:\WINDOWS\system32\winlogon.exe - ok
14:58:45.0159 2452  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
14:58:45.0159 2452  C:\WINDOWS\system32\msvcrt.dll - ok
14:58:45.0189 2452  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
14:58:45.0189 2452  C:\WINDOWS\system32\crypt32.dll - ok
14:58:45.0249 2452  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
14:58:45.0249 2452  C:\WINDOWS\system32\msasn1.dll - ok
14:58:45.0309 2452  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
14:58:45.0309 2452  C:\WINDOWS\system32\nddeapi.dll - ok
14:58:45.0369 2452  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
14:58:45.0369 2452  C:\WINDOWS\system32\profmap.dll - ok
14:58:45.0429 2452  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
14:58:45.0429 2452  C:\WINDOWS\system32\netapi32.dll - ok
14:58:45.0489 2452  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
14:58:45.0489 2452  C:\WINDOWS\system32\userenv.dll - ok
14:58:45.0539 2452  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
14:58:45.0539 2452  C:\WINDOWS\system32\psapi.dll - ok
14:58:45.0599 2452  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
14:58:45.0599 2452  C:\WINDOWS\system32\regapi.dll - ok
14:58:45.0659 2452  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
14:58:45.0659 2452  C:\WINDOWS\system32\setupapi.dll - ok
14:58:45.0719 2452  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
14:58:45.0719 2452  C:\WINDOWS\system32\version.dll - ok
14:58:45.0780 2452  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
14:58:45.0780 2452  C:\WINDOWS\system32\imagehlp.dll - ok
14:58:45.0800 2452  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
14:58:45.0800 2452  C:\WINDOWS\system32\winsta.dll - ok
14:58:45.0870 2452  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
14:58:45.0870 2452  C:\WINDOWS\system32\wintrust.dll - ok
14:58:45.0950 2452  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
14:58:45.0950 2452  C:\WINDOWS\system32\ws2help.dll - ok
14:58:46.0010 2452  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
14:58:46.0010 2452  C:\WINDOWS\system32\ws2_32.dll - ok
14:58:46.0060 2452  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
14:58:46.0060 2452  C:\WINDOWS\system32\imm32.dll - ok
14:58:46.0120 2452  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
14:58:46.0120 2452  C:\WINDOWS\system32\kbdus.dll - ok
14:58:46.0150 2452  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
14:58:46.0150 2452  C:\WINDOWS\system32\msgina.dll - ok
14:58:46.0210 2452  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
14:58:46.0210 2452  C:\WINDOWS\system32\comctl32.dll - ok
14:58:46.0270 2452  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
14:58:46.0270 2452  C:\WINDOWS\system32\odbc32.dll - ok
14:58:46.0320 2452  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
14:58:46.0320 2452  C:\WINDOWS\system32\comdlg32.dll - ok
14:58:46.0370 2452  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
14:58:46.0370 2452  C:\WINDOWS\system32\shell32.dll - ok
14:58:46.0441 2452  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
14:58:46.0441 2452  C:\WINDOWS\system32\shlwapi.dll - ok
14:58:46.0501 2452  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
14:58:46.0501 2452  C:\WINDOWS\system32\sxs.dll - ok
14:58:46.0561 2452  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
14:58:46.0561 2452  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
14:58:46.0611 2452  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
14:58:46.0611 2452  C:\WINDOWS\system32\odbcint.dll - ok
14:58:46.0681 2452  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
14:58:46.0681 2452  C:\WINDOWS\system32\shsvcs.dll - ok
14:58:46.0741 2452  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
14:58:46.0741 2452  C:\WINDOWS\system32\sfc.dll - ok
14:58:46.0801 2452  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
14:58:46.0801 2452  C:\WINDOWS\system32\ole32.dll - ok
14:58:46.0861 2452  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
14:58:46.0861 2452  C:\WINDOWS\system32\sfc_os.dll - ok
14:58:46.0891 2452  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
14:58:46.0891 2452  C:\WINDOWS\system32\apphelp.dll - ok
14:58:46.0951 2452  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
14:58:46.0951 2452  C:\WINDOWS\system32\lsass.exe - ok
14:58:47.0031 2452  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:58:47.0031 2452  C:\WINDOWS\system32\services.exe - ok
14:58:47.0122 2452  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
14:58:47.0122 2452  C:\WINDOWS\system32\lsasrv.dll - ok
14:58:47.0162 2452  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
14:58:47.0162 2452  C:\WINDOWS\system32\ncobjapi.dll - ok
14:58:47.0222 2452  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
14:58:47.0222 2452  C:\WINDOWS\system32\msvcp60.dll - ok
14:58:47.0282 2452  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
14:58:47.0282 2452  C:\WINDOWS\system32\scesrv.dll - ok
14:58:47.0342 2452  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
14:58:47.0342 2452  C:\WINDOWS\system32\umpnpmgr.dll - ok
14:58:47.0402 2452  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
14:58:47.0402 2452  C:\WINDOWS\AppPatch\acadproc.dll - ok
14:58:47.0452 2452  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
14:58:47.0452 2452  C:\WINDOWS\system32\mpr.dll - ok
14:58:47.0512 2452  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
14:58:47.0512 2452  C:\WINDOWS\system32\shimeng.dll - ok
14:58:47.0572 2452  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
14:58:47.0572 2452  C:\WINDOWS\system32\dnsapi.dll - ok
14:58:47.0632 2452  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
14:58:47.0632 2452  C:\WINDOWS\system32\ntdsapi.dll - ok
14:58:47.0692 2452  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
14:58:47.0692 2452  C:\WINDOWS\system32\wldap32.dll - ok
14:58:47.0712 2452  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
14:58:47.0712 2452  C:\WINDOWS\system32\samlib.dll - ok
14:58:47.0772 2452  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
14:58:47.0772 2452  C:\WINDOWS\system32\samsrv.dll - ok
14:58:47.0833 2452  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
14:58:47.0833 2452  C:\WINDOWS\system32\cryptdll.dll - ok
14:58:47.0893 2452  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
14:58:47.0893 2452  C:\WINDOWS\AppPatch\acgenral.dll - ok
14:58:47.0953 2452  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
14:58:47.0953 2452  C:\WINDOWS\system32\oleaut32.dll - ok
14:58:47.0993 2452  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
14:58:47.0993 2452  C:\WINDOWS\system32\winmm.dll - ok
14:58:48.0053 2452  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
14:58:48.0053 2452  C:\WINDOWS\system32\msacm32.dll - ok
14:58:48.0113 2452  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
14:58:48.0113 2452  C:\WINDOWS\system32\uxtheme.dll - ok
14:58:48.0173 2452  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
14:58:48.0173 2452  C:\WINDOWS\system32\msapsspc.dll - ok
14:58:48.0233 2452  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
14:58:48.0233 2452  C:\WINDOWS\system32\msvcrt40.dll - ok
14:58:48.0283 2452  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
14:58:48.0283 2452  C:\WINDOWS\system32\schannel.dll - ok
14:58:48.0343 2452  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
14:58:48.0343 2452  C:\WINDOWS\system32\digest.dll - ok
14:58:48.0403 2452  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
14:58:48.0403 2452  C:\WINDOWS\system32\msnsspc.dll - ok
14:58:48.0463 2452  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
14:58:48.0463 2452  C:\WINDOWS\system32\msctfime.ime - ok
14:58:48.0493 2452  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
14:58:48.0493 2452  C:\WINDOWS\system32\atmfd.dll - ok
14:58:48.0544 2452  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
14:58:48.0544 2452  C:\WINDOWS\system32\msprivs.dll - ok
14:58:48.0594 2452  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
14:58:48.0594 2452  C:\WINDOWS\system32\kerberos.dll - ok
14:58:48.0654 2452  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
14:58:48.0654 2452  C:\WINDOWS\system32\msv1_0.dll - ok
14:58:48.0714 2452  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
14:58:48.0714 2452  C:\WINDOWS\system32\iphlpapi.dll - ok
14:58:48.0774 2452  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
14:58:48.0774 2452  C:\WINDOWS\system32\netlogon.dll - ok
14:58:48.0824 2452  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
14:58:48.0824 2452  C:\WINDOWS\system32\w32time.dll - ok
14:58:48.0884 2452  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
14:58:48.0884 2452  C:\WINDOWS\system32\wdigest.dll - ok
14:58:48.0944 2452  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
14:58:48.0944 2452  C:\WINDOWS\system32\rsaenh.dll - ok
14:58:49.0004 2452  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
14:58:49.0004 2452  C:\WINDOWS\system32\winscard.dll - ok
14:58:49.0064 2452  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
14:58:49.0064 2452  C:\WINDOWS\system32\wtsapi32.dll - ok
14:58:49.0084 2452  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
14:58:49.0084 2452  C:\WINDOWS\system32\scecli.dll - ok
14:58:49.0144 2452  [ D3C1E501ED42E77574B3095309DD4075 ] C:\WINDOWS\system32\drivers\drvnddm.sys
14:58:49.0144 2452  C:\WINDOWS\system32\drivers\drvnddm.sys - ok
14:58:49.0205 2452  [ 629CABB0421668C9D3D402A3C3D77E14 ] C:\WINDOWS\system32\drivers\mbam.sys
14:58:49.0205 2452  C:\WINDOWS\system32\drivers\mbam.sys - ok
14:58:49.0265 2452  [ 5C984670FEA565A9EC3855FF9C29F7CC ] C:\WINDOWS\system32\dla\tfsndres.sys
14:58:49.0265 2452  C:\WINDOWS\system32\dla\tfsndres.sys - ok
14:58:49.0315 2452  [ 965C1AF88C6528172CEBE7674A37D8CD ] C:\WINDOWS\system32\dla\tfsnifs.sys
14:58:49.0315 2452  C:\WINDOWS\system32\dla\tfsnifs.sys - ok
14:58:49.0375 2452  [ 90AED91115EEF3BAB265E5F145A31DEF ] C:\WINDOWS\system32\dla\tfsnopio.sys
14:58:49.0375 2452  C:\WINDOWS\system32\dla\tfsnopio.sys - ok
14:58:49.0435 2452  [ 32A53CB321B8628D41E882223B2D0E4F ] C:\WINDOWS\system32\dla\tfsnpool.sys
14:58:49.0435 2452  C:\WINDOWS\system32\dla\tfsnpool.sys - ok
14:58:49.0495 2452  [ 91FA023C5203503776BCCC9CF96A0C59 ] C:\WINDOWS\system32\ibmpmsvc.exe
14:58:49.0495 2452  C:\WINDOWS\system32\ibmpmsvc.exe - ok
14:58:49.0555 2452  [ A03E3C621F8CC5751C46A4F671F7B7F4 ] C:\WINDOWS\system32\dla\tfsnboio.sys
14:58:49.0555 2452  C:\WINDOWS\system32\dla\tfsnboio.sys - ok
14:58:49.0615 2452  [ 04D9D5DB0E8339D75606C86B9CEF5F4E ] C:\WINDOWS\system32\dla\tfsncofs.sys
14:58:49.0615 2452  C:\WINDOWS\system32\dla\tfsncofs.sys - ok
14:58:49.0645 2452  [ BD09C104E02EB6A4AFE3DD0AF9B1CB17 ] C:\WINDOWS\system32\dla\tfsndrct.sys
14:58:49.0645 2452  C:\WINDOWS\system32\dla\tfsndrct.sys - ok
14:58:49.0695 2452  [ F275B4C714300B6E018A57D6C555FB2C ] C:\WINDOWS\system32\dla\tfsnudf.sys
14:58:49.0695 2452  C:\WINDOWS\system32\dla\tfsnudf.sys - ok
14:58:49.0755 2452  [ 5D85572F26DB3CA565B9EABABAAF074C ] C:\WINDOWS\system32\dla\tfsnudfa.sys
14:58:49.0755 2452  C:\WINDOWS\system32\dla\tfsnudfa.sys - ok
14:58:49.0845 2452  [ F9DA4053E23DA83C4810A7A9DE934861 ] C:\WINDOWS\system32\ati2evxx.exe
14:58:49.0845 2452  C:\WINDOWS\system32\ati2evxx.exe - ok
14:58:49.0906 2452  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
14:58:49.0906 2452  C:\WINDOWS\system32\svchost.exe - ok
14:58:49.0926 2452  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
14:58:49.0926 2452  C:\WINDOWS\system32\ntmarta.dll - ok
14:58:49.0986 2452  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
14:58:49.0986 2452  C:\WINDOWS\system32\rpcss.dll - ok
14:58:50.0046 2452  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
14:58:50.0046 2452  C:\WINDOWS\system32\xpsp2res.dll - ok
14:58:50.0106 2452  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
14:58:50.0106 2452  C:\WINDOWS\system32\eventlog.dll - ok
14:58:50.0166 2452  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
14:58:50.0166 2452  C:\WINDOWS\system32\mswsock.dll - ok
14:58:50.0236 2452  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
14:58:50.0236 2452  C:\WINDOWS\system32\hnetcfg.dll - ok
14:58:50.0336 2452  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
14:58:50.0336 2452  C:\WINDOWS\system32\wshtcpip.dll - ok
14:58:50.0436 2452  [ 811BB60991FC03A63F2F844A3F9C6488 ] C:\WINDOWS\system32\wshisn.dll
14:58:50.0436 2452  C:\WINDOWS\system32\wshisn.dll - ok
14:58:50.0486 2452  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
14:58:50.0486 2452  C:\WINDOWS\system32\wsock32.dll - ok
14:58:50.0576 2452  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
14:58:50.0576 2452  C:\WINDOWS\system32\rasadhlp.dll - ok
14:58:50.0677 2452  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
14:58:50.0677 2452  C:\WINDOWS\system32\winrnr.dll - ok
14:58:50.0777 2452  [ D286ACF26089444359794DFFADA32AB0 ] C:\WINDOWS\system32\ati2evxx.dll
14:58:50.0777 2452  C:\WINDOWS\system32\ati2evxx.dll - ok
14:58:50.0877 2452  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
14:58:50.0877 2452  C:\WINDOWS\system32\cscdll.dll - ok
14:58:50.0977 2452  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
14:58:50.0977 2452  C:\WINDOWS\system32\dimsntfy.dll - ok
14:58:51.0037 2452  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
14:58:51.0037 2452  C:\WINDOWS\system32\wlnotify.dll - ok
14:58:51.0057 2452  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
14:58:51.0057 2452  C:\WINDOWS\system32\winspool.drv - ok
14:58:51.0117 2452  [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
14:58:51.0117 2452  C:\WINDOWS\system32\WgaLogon.dll - ok
14:58:51.0177 2452  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
14:58:51.0177 2452  C:\WINDOWS\system32\clbcatq.dll - ok
14:58:51.0267 2452  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
14:58:51.0267 2452  C:\WINDOWS\system32\comres.dll - ok
14:58:51.0298 2452  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
14:58:51.0298 2452  C:\WINDOWS\system32\msxml3.dll - ok
14:58:51.0348 2452  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
14:58:51.0348 2452  C:\WINDOWS\system32\WudfSvc.dll - ok
14:58:51.0408 2452  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
14:58:51.0408 2452  C:\WINDOWS\system32\WudfPlatform.dll - ok
14:58:51.0498 2452  [ ACA5E7B54409F9CB5EED97ED0C81120E ] C:\WINDOWS\system32\drivers\irda.sys
14:58:51.0498 2452  C:\WINDOWS\system32\drivers\irda.sys - ok
14:58:51.0558 2452  [ 8B8B1BE2DBA4025DA6786C645F77F123 ] C:\WINDOWS\system32\drivers\nwlnkipx.sys
14:58:51.0558 2452  C:\WINDOWS\system32\drivers\nwlnkipx.sys - ok
14:58:51.0578 2452  [ 56D34A67C05E94E16377C60609741FF8 ] C:\WINDOWS\system32\drivers\nwlnknb.sys
14:58:51.0578 2452  C:\WINDOWS\system32\drivers\nwlnknb.sys - ok
14:58:51.0638 2452  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
14:58:51.0638 2452  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
14:58:51.0728 2452  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
14:58:51.0728 2452  C:\WINDOWS\system32\dhcpcsvc.dll - ok
14:58:51.0788 2452  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
14:58:51.0788 2452  C:\WINDOWS\system32\dnsrslvr.dll - ok
14:58:51.0818 2452  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
14:58:51.0818 2452  C:\WINDOWS\system32\lmhsvc.dll - ok
14:58:51.0878 2452  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
14:58:51.0878 2452  C:\WINDOWS\system32\termsrv.dll - ok
14:58:51.0968 2452  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
14:58:51.0968 2452  C:\WINDOWS\system32\wzcsvc.dll - ok
14:58:52.0029 2452  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
14:58:52.0029 2452  C:\WINDOWS\system32\icaapi.dll - ok
14:58:52.0089 2452  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
14:58:52.0089 2452  C:\WINDOWS\system32\mstlsapi.dll - ok
14:58:52.0109 2452  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
14:58:52.0109 2452  C:\WINDOWS\system32\rtutils.dll - ok
14:58:52.0169 2452  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
14:58:52.0169 2452  C:\WINDOWS\system32\activeds.dll - ok
14:58:52.0229 2452  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
14:58:52.0229 2452  C:\WINDOWS\system32\wmi.dll - ok
14:58:52.0309 2452  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
14:58:52.0309 2452  C:\WINDOWS\system32\eapolqec.dll - ok
14:58:52.0369 2452  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
14:58:52.0369 2452  C:\WINDOWS\system32\atl.dll - ok
14:58:52.0389 2452  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
14:58:52.0389 2452  C:\WINDOWS\system32\qutil.dll - ok
14:58:52.0449 2452  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
14:58:52.0449 2452  C:\WINDOWS\system32\dot3api.dll - ok
14:58:52.0509 2452  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
14:58:52.0509 2452  C:\WINDOWS\system32\adsldpc.dll - ok
14:58:52.0569 2452  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
14:58:52.0569 2452  C:\WINDOWS\system32\esent.dll - ok
14:58:52.0629 2452  [ 49CC4533CE897CB2E93C1E84A818FDE5 ] C:\WINDOWS\system32\irmon.dll
14:58:52.0629 2452  C:\WINDOWS\system32\irmon.dll - ok
14:58:52.0669 2452  [ 52778FCE46E510B60F513B8882A65CD6 ] C:\WINDOWS\system32\wshirda.dll
14:58:52.0669 2452  C:\WINDOWS\system32\wshirda.dll - ok
14:58:52.0730 2452  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
14:58:52.0730 2452  C:\WINDOWS\system32\rastls.dll - ok
14:58:52.0790 2452  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
14:58:52.0790 2452  C:\WINDOWS\system32\cryptui.dll - ok
14:58:52.0850 2452  [ D175F91A4C98B8848818C9B5089F88A2 ] C:\WINDOWS\system32\wininet.dll
14:58:52.0850 2452  C:\WINDOWS\system32\wininet.dll - ok
14:58:52.0920 2452  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
14:58:52.0920 2452  C:\WINDOWS\system32\normaliz.dll - ok
14:58:52.0960 2452  [ 84A5C7B9B1B82F94A8245781FD44D8BA ] C:\WINDOWS\system32\urlmon.dll
14:58:52.0960 2452  C:\WINDOWS\system32\urlmon.dll - ok
14:58:53.0020 2452  [ D1B3D1E05BEDC8F9B0BBBC03D6033F82 ] C:\WINDOWS\system32\iertutil.dll
14:58:53.0020 2452  C:\WINDOWS\system32\iertutil.dll - ok
14:58:53.0080 2452  [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe
14:58:53.0080 2452  C:\WINDOWS\system32\mpnotify.exe - ok
14:58:53.0140 2452  [ 06E587F41466569F32BEAAC7260E8AEC ] C:\WINDOWS\system32\nwprovau.dll
14:58:53.0140 2452  C:\WINDOWS\system32\nwprovau.dll - ok
14:58:53.0200 2452  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
14:58:53.0200 2452  C:\WINDOWS\system32\mprapi.dll - ok
14:58:53.0250 2452  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
14:58:53.0250 2452  C:\WINDOWS\system32\rasapi32.dll - ok
14:58:53.0310 2452  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
14:58:53.0310 2452  C:\WINDOWS\system32\rasman.dll - ok
14:58:53.0370 2452  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
14:58:53.0370 2452  C:\WINDOWS\system32\tapi32.dll - ok
14:58:53.0431 2452  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
14:58:53.0431 2452  C:\WINDOWS\system32\riched20.dll - ok
14:58:53.0461 2452  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
14:58:53.0461 2452  C:\WINDOWS\system32\raschap.dll - ok
14:58:53.0511 2452  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
14:58:53.0511 2452  C:\WINDOWS\system32\netman.dll - ok
14:58:53.0571 2452  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
14:58:53.0571 2452  C:\WINDOWS\system32\netshell.dll - ok
14:58:53.0631 2452  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
14:58:53.0631 2452  C:\WINDOWS\system32\credui.dll - ok
14:58:53.0721 2452  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
14:58:53.0721 2452  C:\WINDOWS\system32\dot3dlg.dll - ok
14:58:53.0751 2452  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
14:58:53.0751 2452  C:\WINDOWS\system32\onex.dll - ok
14:58:53.0801 2452  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
14:58:53.0801 2452  C:\WINDOWS\system32\eappcfg.dll - ok
14:58:53.0861 2452  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
14:58:53.0861 2452  C:\WINDOWS\system32\eappprxy.dll - ok
14:58:53.0921 2452  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
14:58:53.0921 2452  C:\WINDOWS\system32\wzcsapi.dll - ok
14:58:53.0981 2452  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
14:58:53.0981 2452  C:\WINDOWS\system32\schedsvc.dll - ok
14:58:54.0041 2452  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
14:58:54.0041 2452  C:\WINDOWS\system32\msidle.dll - ok
14:58:54.0092 2452  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
14:58:54.0092 2452  C:\WINDOWS\system32\spoolsv.exe - ok
14:58:54.0152 2452  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
14:58:54.0152 2452  C:\WINDOWS\system32\audiosrv.dll - ok
14:58:54.0222 2452  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
14:58:54.0222 2452  C:\WINDOWS\system32\wkssvc.dll - ok
14:58:54.0272 2452  [ 2C2FD0E6B0180F94C260DD26706AA5F4 ] C:\WINDOWS\system32\nwwks.dll
14:58:54.0272 2452  C:\WINDOWS\system32\nwwks.dll - ok
14:58:54.0332 2452  [ E77A74BF45361E04C1AB0E9E50C5F855 ] C:\WINDOWS\system32\nwapi32.dll
14:58:54.0332 2452  C:\WINDOWS\system32\nwapi32.dll - ok
14:58:54.0382 2452  [ 36B9B950E3D2E100970A48D8BAD86740 ] C:\WINDOWS\system32\drivers\nwrdr.sys
14:58:54.0382 2452  C:\WINDOWS\system32\drivers\nwrdr.sys - ok
14:58:54.0442 2452  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
14:58:54.0442 2452  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
14:58:54.0502 2452  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
14:58:54.0502 2452  C:\WINDOWS\system32\webclnt.dll - ok
14:58:54.0562 2452  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
14:58:54.0562 2452  C:\WINDOWS\system32\mlang.dll - ok
14:58:54.0622 2452  [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll
14:58:54.0622 2452  C:\WINDOWS\system32\xmlprovi.dll - ok
14:58:54.0682 2452  [ CD5DDA84167F24446183126083EE6C19 ] C:\WINDOWS\system32\kbdheb.dll
14:58:54.0682 2452  C:\WINDOWS\system32\kbdheb.dll - ok
14:58:54.0742 2452  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
14:58:54.0742 2452  C:\WINDOWS\system32\cscui.dll - ok
14:58:54.0803 2452  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
14:58:54.0803 2452  C:\WINDOWS\system32\powrprof.dll - ok
14:58:54.0863 2452  [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
14:58:54.0863 2452  C:\WINDOWS\system32\dpcdll.dll - ok
14:58:54.0893 2452  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
14:58:54.0893 2452  C:\WINDOWS\system32\wdmaud.drv - ok
14:58:54.0953 2452  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
14:58:54.0953 2452  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
14:58:55.0013 2452  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
14:58:55.0013 2452  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
14:58:55.0073 2452  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
14:58:55.0073 2452  C:\WINDOWS\system32\spoolss.dll - ok
14:58:55.0163 2452  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
14:58:55.0163 2452  C:\WINDOWS\system32\localspl.dll - ok
14:58:55.0183 2452  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
14:58:55.0183 2452  C:\WINDOWS\system32\cnbjmon.dll - ok
14:58:55.0243 2452  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
14:58:55.0243 2452  C:\WINDOWS\system32\drivers\splitter.sys - ok
14:58:55.0333 2452  [ CF0376023360AADD55C89BA50564AFDC ] C:\WINDOWS\system32\mdimon.dll
14:58:55.0333 2452  C:\WINDOWS\system32\mdimon.dll - ok
14:58:55.0393 2452  [ 8C22083ED515DC94D575438662F0BE6A ] C:\WINDOWS\system32\msi.dll
14:58:55.0393 2452  C:\WINDOWS\system32\msi.dll - ok
14:58:55.0423 2452  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
14:58:55.0423 2452  C:\WINDOWS\system32\drivers\aec.sys - ok
14:58:55.0474 2452  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
14:58:55.0474 2452  C:\WINDOWS\system32\pjlmon.dll - ok
14:58:55.0534 2452  [ 6DED3515CAA2AB4EF0331BC73D91859B ] C:\WINDOWS\system32\sss2ml3.dll
14:58:55.0534 2452  C:\WINDOWS\system32\sss2ml3.dll - ok
14:58:55.0594 2452  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
14:58:55.0594 2452  C:\WINDOWS\system32\tcpmon.dll - ok
14:58:55.0654 2452  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
14:58:55.0654 2452  C:\WINDOWS\system32\usbmon.dll - ok
14:58:55.0684 2452  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
14:58:55.0684 2452  C:\WINDOWS\system32\drivers\dmusic.sys - ok
14:58:55.0774 2452  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
14:58:55.0774 2452  C:\WINDOWS\system32\drivers\swmidi.sys - ok
14:58:55.0844 2452  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
14:58:55.0844 2452  C:\WINDOWS\system32\drivers\kmixer.sys - ok
14:58:55.0904 2452  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
14:58:55.0904 2452  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
14:58:55.0934 2452  [ 58E13A2292839321D3CDC918D5A4F5AE ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
14:58:55.0934 2452  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
14:58:55.0994 2452  [ DD0DA53D125F6BBFCEABBAFEBD70DAD1 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\sss2mpc.dll
14:58:55.0994 2452  C:\WINDOWS\system32\spool\prtprocs\w32x86\sss2mpc.dll - ok
14:58:56.0084 2452  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
14:58:56.0084 2452  C:\WINDOWS\system32\netrap.dll - ok
14:58:56.0144 2452  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
14:58:56.0144 2452  C:\WINDOWS\system32\win32spl.dll - ok
14:58:56.0205 2452  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
14:58:56.0205 2452  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
14:58:56.0225 2452  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
14:58:56.0225 2452  C:\WINDOWS\system32\inetpp.dll - ok
14:58:56.0285 2452  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
14:58:56.0285 2452  C:\WINDOWS\system32\msacm32.drv - ok
14:58:56.0345 2452  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
14:58:56.0345 2452  C:\WINDOWS\system32\midimap.dll - ok
14:58:56.0435 2452  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
14:58:56.0435 2452  C:\WINDOWS\system32\userinit.exe - ok
14:58:56.0495 2452  [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
14:58:56.0495 2452  C:\WINDOWS\system32\WgaTray.exe - ok
14:58:56.0515 2452  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
14:58:56.0515 2452  C:\WINDOWS\explorer.exe - ok
14:58:56.0575 2452  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
14:58:56.0585 2452  C:\WINDOWS\system32\browseui.dll - ok
14:58:56.0635 2452  [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
14:58:56.0635 2452  C:\WINDOWS\system32\shdocvw.dll - ok
14:58:56.0695 2452  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
14:58:56.0695 2452  C:\WINDOWS\system32\desk.cpl - ok
14:58:56.0795 2452  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
14:58:56.0795 2452  C:\WINDOWS\system32\msimg32.dll - ok
14:58:56.0835 2452  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
14:58:56.0835 2452  C:\WINDOWS\system32\themeui.dll - ok
14:58:56.0896 2452  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
14:58:56.0896 2452  C:\WINDOWS\system32\actxprxy.dll - ok
14:58:56.0976 2452  [ 53249B2147DDC8212B290ACF80570290 ] C:\WINDOWS\system32\ieframe.dll
14:58:56.0976 2452  C:\WINDOWS\system32\ieframe.dll - ok
14:58:57.0036 2452  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
14:58:57.0036 2452  C:\WINDOWS\system32\cmd.exe - ok
14:58:57.0066 2452  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
14:58:57.0066 2452  C:\WINDOWS\system32\cryptnet.dll - ok
14:58:57.0116 2452  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
14:58:57.0116 2452  C:\WINDOWS\system32\sensapi.dll - ok
14:58:57.0176 2452  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
14:58:57.0176 2452  C:\WINDOWS\system32\winhttp.dll - ok
14:58:57.0236 2452  [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
14:58:57.0236 2452  C:\WINDOWS\system32\LegitCheckControl.dll - ok
14:58:57.0306 2452  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
14:58:57.0306 2452  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
14:58:57.0366 2452  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
14:58:57.0366 2452  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
14:58:57.0416 2452  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
14:58:57.0416 2452  C:\WINDOWS\system32\cabinet.dll - ok
14:58:57.0476 2452  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
14:58:57.0476 2452  C:\WINDOWS\system32\drivers\parvdm.sys - ok
14:58:57.0536 2452  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
14:58:57.0536 2452  C:\WINDOWS\system32\cryptsvc.dll - ok
14:58:57.0597 2452  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
14:58:57.0597 2452  C:\WINDOWS\system32\certcli.dll - ok
14:58:57.0667 2452  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
14:58:57.0667 2452  C:\WINDOWS\system32\ersvc.dll - ok
14:58:57.0717 2452  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
14:58:57.0717 2452  C:\WINDOWS\system32\es.dll - ok
14:58:57.0777 2452  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:58:57.0777 2452  C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
14:58:57.0837 2452  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:58:57.0837 2452  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
14:58:57.0897 2452  [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
14:58:57.0897 2452  C:\WINDOWS\system32\hidserv.dll - ok
14:58:57.0957 2452  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
14:58:57.0957 2452  C:\WINDOWS\system32\hid.dll - ok
14:58:58.0007 2452  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
14:58:58.0007 2452  C:\WINDOWS\system32\srvsvc.dll - ok
14:58:58.0067 2452  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
14:58:58.0067 2452  C:\WINDOWS\system32\netmsg.dll - ok
14:58:58.0147 2452  [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
14:58:58.0147 2452  C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
14:58:58.0197 2452  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
14:58:58.0197 2452  C:\WINDOWS\system32\drivers\srv.sys - ok
14:58:58.0258 2452  [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
14:58:58.0258 2452  C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
14:58:58.0308 2452  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\User\LOCALS~1\Temp\24E5940E-491C-4B8B-9EE2-0B4D95B0FFFA.exe
14:58:58.0308 2452  C:\DOCUME~1\User\LOCALS~1\Temp\24E5940E-491C-4B8B-9EE2-0B4D95B0FFFA.exe - ok
14:58:58.0368 2452  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
14:58:58.0368 2452  C:\WINDOWS\system32\msutb.dll - ok
14:58:58.0428 2452  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
14:58:58.0428 2452  C:\WINDOWS\system32\msctf.dll - ok
14:58:58.0488 2452  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
14:58:58.0488 2452  C:\WINDOWS\system32\ntshrui.dll - ok
14:58:58.0548 2452  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
14:58:58.0548 2452  C:\WINDOWS\system32\linkinfo.dll - ok
14:58:58.0608 2452  [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
14:58:58.0608 2452  C:\WINDOWS\system32\verclsid.exe - ok
14:58:58.0668 2452  [ C11D79B0421D833CBC2A182E708A170A ] C:\WINDOWS\system32\S3Tray2.exe
14:58:58.0668 2452  C:\WINDOWS\system32\S3Tray2.exe - ok
14:58:58.0738 2452  [ B625F83DB72D4606962EE18674AD9D26 ] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
14:58:58.0738 2452  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe - ok
14:58:58.0788 2452  [ CB43A4F2B516EEBC992AEE67578C154A ] C:\WINDOWS\system32\SynTPFcs.dll
14:58:58.0788 2452  C:\WINDOWS\system32\SynTPFcs.dll - ok
14:58:58.0848 2452  [ E961897A1D80F391FE8DED0F9C7F27DE ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
14:58:58.0848 2452  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
14:58:58.0908 2452  [ 769EB972457E944D038FA68D6FB69F66 ] C:\WINDOWS\system32\TpShocks.exe
14:58:58.0908 2452  C:\WINDOWS\system32\TpShocks.exe - ok
14:58:58.0969 2452  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:58:58.0969 2452  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
14:58:58.0999 2452  [ C13A777ABFA15183EE7B443AD573127F ] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
14:58:58.0999 2452  C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe - ok
14:58:59.0049 2452  [ F251191EB18F61D193340F969E78D97F ] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
14:58:59.0049 2452  C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE - ok
14:58:59.0119 2452  [ 9C65F8034CDFEAD97BD2C17215FD17E3 ] C:\WINDOWS\system32\Sensor.dll
14:58:59.0119 2452  C:\WINDOWS\system32\Sensor.dll - ok
14:58:59.0179 2452  [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
14:58:59.0179 2452  C:\WINDOWS\system32\mfc42.dll - ok
14:58:59.0269 2452  [ 134C5E031CB0DE6F29B5766224D921CD ] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe
14:58:59.0269 2452  C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe - ok
14:58:59.0299 2452  [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
14:58:59.0299 2452  C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
14:58:59.0359 2452  [ CD2BBF8885D0B90FE1138C85AFC762AA ] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
14:58:59.0359 2452  C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe - ok
14:58:59.0419 2452  [ E9AAA89D74058EC802F93CD83DD72CAC ] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
14:58:59.0419 2452  C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe - ok
14:58:59.0479 2452  [ 477CA3CB4A5EF5D182BC05B1474B41EB ] C:\WINDOWS\system32\SynCOM.dll
14:58:59.0479 2452  C:\WINDOWS\system32\SynCOM.dll - ok
14:58:59.0539 2452  [ FAE95D6D7651B5629C4E19ADBC9A3863 ] C:\WINDOWS\system32\Ati2mdxx.exe
14:58:59.0549 2452  C:\WINDOWS\system32\Ati2mdxx.exe - ok
14:58:59.0599 2452  [ 0A57E477758F345E9FFB5EE1F43B2A9C ] C:\WINDOWS\system32\SynTPAPI.dll
14:58:59.0599 2452  C:\WINDOWS\system32\SynTPAPI.dll - ok
14:58:59.0660 2452  [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
14:58:59.0660 2452  C:\WINDOWS\system32\oledlg.dll - ok
14:58:59.0720 2452  [ 49450704E9FDDA7779E7D2BA3E20E4A5 ] C:\IBMTOOLS\Updater\ucstartup.exe
14:58:59.0720 2452  C:\IBMTOOLS\Updater\ucstartup.exe - ok
14:58:59.0780 2452  [ 7193F623100A0828228F2680E426F80D ] C:\IBMTOOLS\Updater\jre\bin\javaw.exe
14:58:59.0780 2452  C:\IBMTOOLS\Updater\jre\bin\javaw.exe - ok
14:58:59.0840 2452  [ 0EE6FF10F9B61FB977A76F3CBB2D7B14 ] C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
14:58:59.0840 2452  C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe - ok
14:58:59.0890 2452  [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
14:58:59.0890 2452  C:\WINDOWS\system32\olepro32.dll - ok
14:58:59.0950 2452  [ DEB8D1BBBB819174A4BAB11485817099 ] C:\WINDOWS\system32\dla\tfswctrl.exe
14:58:59.0950 2452  C:\WINDOWS\system32\dla\tfswctrl.exe - ok
14:59:00.0010 2452  [ 16BFB24721A3B38598E7CACC56F453C5 ] C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
14:59:00.0010 2452  C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe - ok
14:59:00.0070 2452  [ 776312A195DF09964E209522D95BAFFB ] C:\IBMTOOLS\Updater\jre\bin\classic\jvm.dll
14:59:00.0070 2452  C:\IBMTOOLS\Updater\jre\bin\classic\jvm.dll - ok
14:59:00.0160 2452  [ 6404AC8BECA7C924A171FEF2E1A0FFEC ] C:\WINDOWS\system32\tfswapi.dll
14:59:00.0160 2452  C:\WINDOWS\system32\tfswapi.dll - ok
14:59:00.0180 2452  [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
14:59:00.0180 2452  C:\WINDOWS\system32\rundll32.exe - ok
14:59:00.0240 2452  [ 69240C72E371FFE7B6EC428DD8FEA354 ] C:\WINDOWS\system32\dla\tfswcres.dll
14:59:00.0240 2452  C:\WINDOWS\system32\dla\tfswcres.dll - ok
14:59:00.0300 2452  [ A340CD71EB535A3DD751B5F28723E50C ] C:\WINDOWS\system32\ddraw.dll
14:59:00.0300 2452  C:\WINDOWS\system32\ddraw.dll - ok
14:59:00.0361 2452  [ 8E16BF5600797E678EA97051CF93E6BF ] C:\WINDOWS\system32\dumprep.exe
14:59:00.0371 2452  C:\WINDOWS\system32\dumprep.exe - ok
14:59:00.0421 2452  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
14:59:00.0421 2452  C:\WINDOWS\system32\cfgmgr32.dll - ok
14:59:00.0471 2452  [ D8B91D94ECB123862B390FDE3250D3BB ] C:\WINDOWS\system32\dciman32.dll
14:59:00.0471 2452  C:\WINDOWS\system32\dciman32.dll - ok
14:59:00.0531 2452  [ 648CDA27CE91001A37349A9EFEBB9279 ] C:\IBMTOOLS\Updater\jre\bin\jsig.dll
14:59:00.0531 2452  C:\IBMTOOLS\Updater\jre\bin\jsig.dll - ok
14:59:00.0581 2452  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
14:59:00.0581 2452  C:\WINDOWS\system32\ctfmon.exe - ok
14:59:00.0641 2452  [ 329D20BE3F2A0BD29585088117A18097 ] C:\PROGRA~1\ThinkPad\UTILIT~1\TPPWRW32.DLL
14:59:00.0641 2452  C:\PROGRA~1\ThinkPad\UTILIT~1\TPPWRW32.DLL - ok
14:59:00.0701 2452  [ 118FF85EAB87B76B26A7DAEB4D586663 ] C:\IBMTOOLS\Updater\jre\bin\xhpi.dll
14:59:00.0701 2452  C:\IBMTOOLS\Updater\jre\bin\xhpi.dll - ok
14:59:00.0751 2452  [ 4DE4654002E0C49272B8AAD34D792388 ] C:\IBMTOOLS\Updater\jre\bin\hpi.dll
14:59:00.0751 2452  C:\IBMTOOLS\Updater\jre\bin\hpi.dll - ok
14:59:00.0811 2452  [ 97907D0248B41084ED50E00DEF3D50C4 ] C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMONIT.DLL
14:59:00.0811 2452  C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMONIT.DLL - ok
14:59:00.0871 2452  [ E5BB027687A487EEA199CB75BAA3E909 ] C:\WINDOWS\system32\Oemdspif.dll
14:59:00.0871 2452  C:\WINDOWS\system32\Oemdspif.dll - ok
14:59:00.0931 2452  [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] C:\WINDOWS\system32\drivers\nwlnkspx.sys
14:59:00.0931 2452  C:\WINDOWS\system32\drivers\nwlnkspx.sys - ok
14:59:00.0991 2452  [ 2B6E925221CF3A4DBFF597CD3F918913 ] C:\IBMTOOLS\Updater\jre\bin\java.dll
14:59:00.0991 2452  C:\IBMTOOLS\Updater\jre\bin\java.dll - ok
14:59:01.0032 2452  [ B21E70F36573BF7D750A90C52B7B6909 ] C:\IBMTOOLS\Updater\jre\bin\classic\core.dll
14:59:01.0052 2452  C:\IBMTOOLS\Updater\jre\bin\classic\core.dll - ok
14:59:01.0082 2452  [ 0A043D3525A73F162D62F7EA7F73FA85 ] C:\IBMTOOLS\Updater\jre\bin\zip.dll
14:59:01.0082 2452  C:\IBMTOOLS\Updater\jre\bin\zip.dll - ok
14:59:01.0142 2452  [ FA292805788528C083F416E151B60AB6 ] C:\WINDOWS\system32\drivers\PMEMNT.SYS
14:59:01.0142 2452  C:\WINDOWS\system32\drivers\PMEMNT.SYS - ok
14:59:01.0202 2452  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
14:59:01.0202 2452  C:\WINDOWS\system32\ipsecsvc.dll - ok
14:59:01.0262 2452  [ 8F6DF00173098CB48823B48DFA77CEF8 ] C:\Program Files\FastAgain PC Booster\PCBooster.exe
14:59:01.0262 2452  C:\Program Files\FastAgain PC Booster\PCBooster.exe - ok
14:59:01.0302 2452  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
14:59:01.0302 2452  C:\WINDOWS\system32\oakley.dll - ok
14:59:01.0362 2452  [ 7D8490530AB518EB77F689F0DD1EA532 ] C:\WINDOWS\system32\QCONSVC.EXE
14:59:01.0362 2452  C:\WINDOWS\system32\QCONSVC.EXE - ok
14:59:01.0422 2452  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
14:59:01.0422 2452  C:\WINDOWS\system32\winipsec.dll - ok
14:59:01.0462 2452  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
14:59:01.0462 2452  C:\WINDOWS\system32\pstorsvc.dll - ok
14:59:01.0522 2452  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
14:59:01.0522 2452  C:\WINDOWS\system32\psbase.dll - ok
14:59:01.0552 2452  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
14:59:01.0552 2452  C:\WINDOWS\ime\sptip.dll - ok
14:59:01.0612 2452  [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
14:59:01.0612 2452  C:\WINDOWS\system32\faultrep.dll - ok
14:59:01.0662 2452  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
14:59:01.0662 2452  C:\WINDOWS\system32\dssenh.dll - ok
14:59:01.0723 2452  [ 82687649CADEE9B59CC77937DD587A0A ] C:\IBMTOOLS\Updater\jre\bin\jitc.dll
14:59:01.0723 2452  C:\IBMTOOLS\Updater\jre\bin\jitc.dll - ok
14:59:01.0783 2452  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
14:59:01.0783 2452  C:\WINDOWS\system32\oleacc.dll - ok
14:59:01.0843 2452  [ 694C047666FB750DCDE225E9A67B4662 ] C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe
14:59:01.0843 2452  C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe - ok
14:59:01.0903 2452  [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
14:59:01.0903 2452  C:\WINDOWS\system32\regsvc.dll - ok
14:59:01.0963 2452  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
14:59:01.0963 2452  C:\WINDOWS\system32\seclogon.dll - ok
14:59:02.0023 2452  [ 1D51D48DFA986A49CB7BD0F87CB0CF53 ] C:\WINDOWS\system32\drivers\ShockMgr.sys
14:59:02.0023 2452  C:\WINDOWS\system32\drivers\ShockMgr.sys - ok
14:59:02.0083 2452  [ 9E3DFE8610FE6C51F3BDF6A9864E4425 ] C:\PROGRA~1\ThinkPad\CONNEC~1\QCTRAY.EXE
14:59:02.0083 2452  C:\PROGRA~1\ThinkPad\CONNEC~1\QCTRAY.EXE - ok
14:59:02.0143 2452  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
14:59:02.0143 2452  C:\WINDOWS\system32\sens.dll - ok
14:59:02.0173 2452  [ CB8AE5A0148EE93D71D1653BF17CA005 ] C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll
14:59:02.0173 2452  C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll - ok
14:59:02.0223 2452  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
14:59:02.0223 2452  C:\WINDOWS\system32\srsvc.dll - ok
14:59:02.0283 2452  [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
14:59:02.0283 2452  C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
14:59:02.0373 2452  [ 5305D17078300384E7A983A91142CBB5 ] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\tpfnf7.dll
14:59:02.0373 2452  C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\tpfnf7.dll - ok
14:59:02.0403 2452  [ DFB268FF0A6DCB9280015FF527F892FF ] C:\WINDOWS\system32\TpKmpSvc.exe
14:59:02.0403 2452  C:\WINDOWS\system32\TpKmpSvc.exe - ok
14:59:02.0454 2452  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
14:59:02.0454 2452  C:\WINDOWS\system32\wiaservc.dll - ok
14:59:02.0544 2452  [ 5B5B40197B63EA7268444CB99CBD62C5 ] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\tpfnf7ex.dll
14:59:02.0544 2452  C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\tpfnf7ex.dll - ok
14:59:02.0604 2452  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
14:59:02.0604 2452  C:\WINDOWS\system32\trkwks.dll - ok
14:59:02.0664 2452  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
14:59:02.0664 2452  C:\WINDOWS\system32\mscms.dll - ok
14:59:02.0684 2452  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
14:59:02.0684 2452  C:\WINDOWS\system32\browser.dll - ok
14:59:02.0734 2452  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
14:59:02.0734 2452  C:\WINDOWS\system32\webcheck.dll - ok
14:59:02.0784 2452  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
14:59:02.0784 2452  C:\WINDOWS\system32\wuauserv.dll - ok
14:59:02.0844 2452  [ 18DDF0CCC1B36C4CF095BE6C85EAB60F ] C:\PROGRA~1\ThinkPad\CONNEC~1\QCON.DLL
14:59:02.0844 2452  C:\PROGRA~1\ThinkPad\CONNEC~1\QCON.DLL - ok
14:59:02.0904 2452  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
14:59:02.0904 2452  C:\WINDOWS\system32\rasdlg.dll - ok
14:59:02.0954 2452  [ 4448FEEBD9B30E0BEAF5226F6F23FB41 ] C:\PROGRA~1\ThinkPad\CONNEC~1\MerlinC201.dll
14:59:02.0954 2452  C:\PROGRA~1\ThinkPad\CONNEC~1\MerlinC201.dll - ok
14:59:03.0014 2452  [ 585992D78B671AAA075C02241309795D ] C:\WINDOWS\system32\msvcirt.dll
14:59:03.0014 2452  C:\WINDOWS\system32\msvcirt.dll - ok
14:59:03.0074 2452  [ 37F9685A12287C6E62DC6E9B4A01D479 ] C:\PROGRA~1\ThinkPad\CONNEC~1\ANCA.dll
14:59:03.0074 2452  C:\PROGRA~1\ThinkPad\CONNEC~1\ANCA.dll - ok
14:59:03.0135 2452  [ 38B1121F17AB3A3D1F984A44A4D00FE4 ] C:\PROGRA~1\ThinkPad\CONNEC~1\ANC.dll
14:59:03.0135 2452  C:\PROGRA~1\ThinkPad\CONNEC~1\ANC.dll - ok
14:59:03.0195 2452  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
14:59:03.0195 2452  C:\WINDOWS\system32\wuaueng.dll - ok
14:59:03.0255 2452  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
14:59:03.0255 2452  C:\WINDOWS\system32\mspatcha.dll - ok
14:59:03.0285 2452  [ 6F2D79A83191A7C573DED393FCD057CA ] C:\IBMTOOLS\Updater\UCTools.dll
14:59:03.0285 2452  C:\IBMTOOLS\Updater\UCTools.dll - ok
14:59:03.0345 2452  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
14:59:03.0345 2452  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
14:59:03.0405 2452  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
14:59:03.0405 2452  C:\WINDOWS\system32\stobject.dll - ok
14:59:03.0465 2452  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
14:59:03.0465 2452  C:\WINDOWS\system32\batmeter.dll - ok
14:59:03.0525 2452  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
14:59:03.0525 2452  C:\WINDOWS\system32\vssapi.dll - ok
14:59:03.0565 2452  [ D347812FED41FC289AD481304F1D5829 ] C:\IBMTOOLS\Updater\uctoolsex.dll
14:59:03.0565 2452  C:\IBMTOOLS\Updater\uctoolsex.dll - ok
14:59:03.0625 2452  [ 71A2DCA8F626FCEF8BFF7E2C17C67A7F ] C:\Program Files\FastAgain PC Booster\xmllite.dll
14:59:03.0625 2452  C:\Program Files\FastAgain PC Booster\xmllite.dll - ok
14:59:03.0695 2452  [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
14:59:03.0695 2452  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
14:59:03.0755 2452  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\71893245.sys
14:59:03.0755 2452  C:\WINDOWS\system32\drivers\71893245.sys - ok
14:59:03.0805 2452  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
14:59:03.0805 2452  C:\WINDOWS\system32\ipnathlp.dll - ok
14:59:03.0856 2452  [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
14:59:03.0856 2452  C:\WINDOWS\system32\mydocs.dll - ok
14:59:03.0916 2452  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
14:59:03.0916 2452  C:\WINDOWS\system32\wscsvc.dll - ok
14:59:03.0986 2452  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
14:59:03.0986 2452  C:\WINDOWS\system32\comsvcs.dll - ok
14:59:04.0036 2452  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
14:59:04.0036 2452  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
14:59:04.0096 2452  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
14:59:04.0096 2452  C:\WINDOWS\system32\colbact.dll - ok
14:59:04.0156 2452  [ AE43667264475495A7A1EDA018DBFCC5 ] C:\IBMTOOLS\Updater\jre\bin\net.dll
14:59:04.0156 2452  C:\IBMTOOLS\Updater\jre\bin\net.dll - ok
14:59:04.0206 2452  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
14:59:04.0206 2452  C:\WINDOWS\system32\mtxclu.dll - ok
14:59:04.0266 2452  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
14:59:04.0266 2452  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
14:59:04.0356 2452  [ 282BB948BCFB9F0652F4F954228F595D ] C:\IBMTOOLS\Updater\jre\bin\nio.dll
14:59:04.0356 2452  C:\IBMTOOLS\Updater\jre\bin\nio.dll - ok
14:59:04.0376 2452  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
14:59:04.0376 2452  C:\WINDOWS\system32\clusapi.dll - ok
14:59:04.0436 2452  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
14:59:04.0446 2452  C:\WINDOWS\system32\resutils.dll - ok
14:59:04.0496 2452  [ 727C9E97CB26879C17A30484C2C76E98 ] C:\WINDOWS\system32\mshtml.dll
14:59:04.0496 2452  C:\WINDOWS\system32\mshtml.dll - ok
14:59:04.0557 2452  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
14:59:04.0557 2452  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
14:59:04.0647 2452  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
14:59:04.0647 2452  C:\WINDOWS\system32\wbem\esscli.dll - ok
14:59:04.0677 2452  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
14:59:04.0677 2452  C:\WINDOWS\system32\wbem\fastprox.dll - ok
14:59:04.0737 2452  [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll
14:59:04.0737 2452  C:\WINDOWS\system32\msls31.dll - ok
14:59:04.0787 2452  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
14:59:04.0787 2452  C:\WINDOWS\system32\wups.dll - ok
14:59:04.0877 2452  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
14:59:04.0877 2452  C:\WINDOWS\system32\wups2.dll - ok
14:59:04.0937 2452  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
14:59:04.0937 2452  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
14:59:04.0967 2452  [ 908E136421778E41476A325395FB3753 ] C:\PROGRA~1\ThinkPad\CONNEC~1\Res\US\TrayRes.dll
14:59:04.0967 2452  C:\PROGRA~1\ThinkPad\CONNEC~1\Res\US\TrayRes.dll - ok
14:59:05.0017 2452  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
14:59:05.0017 2452  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
14:59:05.0107 2452  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
14:59:05.0107 2452  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
14:59:05.0167 2452  [ C490EACD9C6E4F5797E7EA32897F1868 ] C:\Program Files\FastAgain PC Booster\RegCleanPro.dll
14:59:05.0167 2452  C:\Program Files\FastAgain PC Booster\RegCleanPro.dll - ok
14:59:05.0198 2452  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
14:59:05.0198 2452  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
14:59:05.0248 2452  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
14:59:05.0248 2452  C:\WINDOWS\system32\wuauclt.exe - ok
14:59:05.0338 2452  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
14:59:05.0338 2452  C:\WINDOWS\system32\wbem\wbemess.dll - ok
14:59:05.0398 2452  [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll
14:59:05.0398 2452  C:\WINDOWS\system32\inetmib1.dll - ok
14:59:05.0458 2452  [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
14:59:05.0458 2452  C:\WINDOWS\system32\snmpapi.dll - ok
14:59:05.0478 2452  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
14:59:05.0478 2452  C:\WINDOWS\system32\wuapi.dll - ok
14:59:05.0538 2452  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
14:59:05.0538 2452  C:\WINDOWS\system32\wbem\ncprov.dll - ok
14:59:05.0568 2452  ============================================================
14:59:05.0568 2452  Scan finished
14:59:05.0568 2452  ============================================================
14:59:05.0688 2440  Detected object count: 0
14:59:05.0688 2440  Actual detected object count: 0
 
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-10 15:13:42
-----------------------------
15:13:42.289    OS Version: Windows 5.1.2600 Service Pack 3
15:13:42.289    Number of processors: 1 586 0x905
15:13:42.289    ComputerName: IBM-CC607A0F135  UserName: User
15:13:44.071    Initialize success
15:21:30.682    AVAST engine defs: 13031001
15:22:23.408    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:22:23.408    Disk 0 Vendor: FUJITSU_MHT2040AH 006C Size: 34682MB BusType: 3
15:22:23.448    Disk 0 MBR read successfully
15:22:23.448    Disk 0 MBR scan
15:22:23.578    Disk 0 unknown MBR code
15:22:23.588    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        34677 MB offset 63
15:22:23.598    Disk 0 scanning sectors +71018640
15:22:23.759    Disk 0 scanning C:\WINDOWS\system32\drivers
15:22:42.716    Service scanning
15:23:08.643    Modules scanning
15:23:23.254    Disk 0 trace - called modules:
15:23:23.294    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
15:23:23.294    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82f0bab8]
15:23:23.655    3 CLASSPNP.SYS[f8645fd7] -> nt!IofCallDriver -> \Device\00000082[0x82f229e8]
15:23:23.665    5 ACPI.sys[f857e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x82f25d98]
15:23:24.256    AVAST engine scan C:\WINDOWS
15:23:46.938    AVAST engine scan C:\WINDOWS\system32
15:29:10.634    AVAST engine scan C:\WINDOWS\system32\drivers
15:29:39.225    AVAST engine scan C:\Documents and Settings\User
15:36:16.756    AVAST engine scan C:\Documents and Settings\All Users
15:36:37.326    Scan finished successfully
15:39:48.601    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Desktop\MBR.dat"
15:39:48.611    The log file has been saved successfully to "C:\Documents and Settings\User\Desktop\aswMBR.txt"
 
 

 

C:\System Volume Information\_restore{DAAD8284-5896-4B40-A753-8454BDC2E5A5}\RP459\A0151384.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 11 March 2013 - 08:23 AM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log



#5 Ktze Hut

Ktze Hut
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 11 March 2013 - 08:38 AM

Thanks narenxp, will follow your instructions.

 

Do you have any indication what FastAgain PC Booster is and what it does? 



#6 Ktze Hut

Ktze Hut
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 11 March 2013 - 01:20 PM

narenxp, attached are the logs, thx!

 

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.11.07
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
User :: IBM-CC607A0F135 [administrator]
 
Protection: Enabled
 
3/11/2013 7:53:55 AM
mbam-log-2013-03-11 (07-53-55).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 221692
Time elapsed: 12 minute(s), 30 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
MiniToolBox by Farbar  Version:05-03-2013
Ran by User (administrator) on 11-03-2013 at 08:33:02
Running from "C:\Documents and Settings\User\Desktop\Treatment"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Cisco Systems PCI Wireless LAN Adapter = Wireless Network Connection (Media disconnected)
Intel® PRO/1000 MT Mobile Connection = Local Area Connection (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : IBM-CC607A0F135
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Unknown
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
 
 
Ethernet adapter Wireless Network Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Cisco Systems PCI Wireless LAN Adapter
 
        Physical Address. . . . . . . . . : 00-0E-9B-48-92-9A
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Intel® PRO/1000 MT Mobile Connection
 
        Physical Address. . . . . . . . . : 00-0D-60-7A-F2-C6
 
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
 
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0e 9b 48 92 9a ...... Cisco Systems PCI Wireless LAN Adapter - Packet Scheduler Miniport
0x3 ...00 0d 60 7a f2 c6 ...... Intel® PRO/1000 MT Mobile Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
  255.255.255.255  255.255.255.255  255.255.255.255               2  1
  255.255.255.255  255.255.255.255  255.255.255.255               3  1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/11/2013 04:15:23 AM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2742596, P2 1033, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.
 
Error: (03/11/2013 04:15:22 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update 'KB2742596' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB2742596_20130311_111005129-Msi0.txt.
 
Error: (03/11/2013 04:15:16 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a problem with this Windows Installer package. Please refer to the setup log for more information.
 
Error: (03/11/2013 04:13:21 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a problem with this Windows Installer package. Please refer to the setup log for more information.
 
Error: (03/11/2013 04:09:20 AM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb2756918, P2 1033, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.
 
Error: (03/11/2013 04:07:37 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update 'KB976765' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 3.0-KB2756918_20130311_110148485-Msi1.txt.
 
Error: (03/11/2013 04:07:37 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update 'KB980773' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 3.0-KB2756918_20130311_110148485-Msi1.txt.
 
Error: (03/11/2013 04:07:31 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a problem with this Windows Installer package. Please refer to the setup log for more information.
 
Error: (03/11/2013 04:06:00 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a problem with this Windows Installer package. Please refer to the setup log for more information.
 
Error: (03/11/2013 04:01:22 AM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb2604111, P2 1033, P3 1620, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.
 
 
System errors:
=============
Error: (03/11/2013 04:16:14 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2742596).
 
Error: (03/11/2013 04:09:57 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2756918).
 
Error: (03/11/2013 04:01:30 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2604111).
 
Error: (03/11/2013 04:01:08 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2604092).
 
Error: (03/11/2013 03:54:46 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2657424).
 
Error: (03/11/2013 03:54:38 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2736416).
 
Error: (03/11/2013 03:54:30 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656352).
 
Error: (03/11/2013 03:48:53 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2729450).
 
Error: (03/11/2013 03:42:38 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2789643).
 
Error: (03/11/2013 03:32:51 AM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (03/11/2013 04:15:23 AM) (Source: HotFixInstaller)(User: )
Description: visualstudio8setupmicrosoft .net framework 2.0-kb274259610331603msif9.0.40215.0installx86xp0
 
Error: (03/11/2013 04:15:22 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft .NET Framework 2.0 Service Pack 2KB27425961603C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB2742596_20130311_111005129-Msi0.txt(NULL)
 
Error: (03/11/2013 04:15:16 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a problem with this Windows Installer package. Please refer to the setup log for more information.(NULL)(NULL)(NULL)(NULL)
 
Error: (03/11/2013 04:13:21 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a problem with this Windows Installer package. Please refer to the setup log for more information.(NULL)(NULL)(NULL)(NULL)
 
Error: (03/11/2013 04:09:20 AM) (Source: HotFixInstaller)(User: )
Description: visualstudio8setupmicrosoft .net framework 3.0-kb275691810331603msif9.0.40215.0installx86xp0
 
Error: (03/11/2013 04:07:37 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft .NET Framework 2.0 Service Pack 2KB9767651603C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 3.0-KB2756918_20130311_110148485-Msi1.txt(NULL)
 
Error: (03/11/2013 04:07:37 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft .NET Framework 2.0 Service Pack 2KB9807731603C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 3.0-KB2756918_20130311_110148485-Msi1.txt(NULL)
 
Error: (03/11/2013 04:07:31 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a problem with this Windows Installer package. Please refer to the setup log for more information.(NULL)(NULL)(NULL)(NULL)
 
Error: (03/11/2013 04:06:00 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a problem with this Windows Installer package. Please refer to the setup log for more information.(NULL)(NULL)(NULL)(NULL)
 
Error: (03/11/2013 04:01:22 AM) (Source: HotFixInstaller)(User: )
Description: visualstudio8setupmicrosoft .net framework 3.5-kb260411110331620msif9.0.40215.0installx86xp0
 
 
=========================== Installed Programs ============================
 
Access IBM (Version: 4.0)
Access IBM Cleanup Utility (Version: 1.00.0000)
Access IBM Message Center (Version: 1.054)
Access IBM Tools (Version: 4.0)
Agere Systems AC'97 Modem (Version: 2.1.31)
ATI Control Panel (Version: 6.14.10.5043)
ATI Display Driver (Version: 7.933-030911m-011161E-IBM)
ATI HYDRAVISION (Version: 3.25.0006)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
ESET Online Scanner v3
FastAgain PC Booster (Version: 1.0)
IBM 32-bit SDK for Java 2, v1.4.1 (Version: 1.4.1)
IBM Access Connections (Version: 3.10)
IBM DLA (Version: 4.60)
IBM Hard Drive Active Protection System (Version: 1.01b)
IBM RecordNow! (Version: 6.7.0)
IBM Themes (Version: 1.00.0000)
IBM ThinkPad Battery MaxiMiser and Power Management Features (Version: 1.34)
IBM ThinkPad Configuration (Version: 1.34)
IBM ThinkPad EasyEject Utility  (Version: 2.02)
IBM ThinkPad Keyboard Customizer Utility (Version: 1.2.72.0)
IBM ThinkPad Power Management Driver (Version: 1.25.01)
IBM ThinkPad Presentation Director (Version: 2.21)
IBM ThinkPad UltraNav Driver (Version: 7.5.17.6)
IBM ThinkPad UltraNav Wizard (Version: 2.01.00)
IBM TrackPoint Accessibility Features (Version: 1.06.0.0)
IBM Update Connector (Version: 5.32)
Intel® PRO Network Adapters and Drivers
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
ThinkPad FullScreen Magnifier (Version: 1.10)
ThinkPad Software Installer (Version: 2.00.0375)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Wallpapers (Version: 2.0)
WebFldrs XP (Version: 9.50.6513)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 67%
Total physical RAM: 510.92 MB
Available physical RAM: 164.37 MB
Total Pagefile: 1248.76 MB
Available Pagefile: 945.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1965.63 MB
 
========================= Partitions: =====================================
 
1 Drive c: (IBM_PRELOAD) (Fixed) (Total:33.86 GB) (Free:4.23 GB) NTFS
3 Drive e: () (Removable) (Total:59.45 GB) (Free:49.2 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\IBM-CC607A0F135
 
Administrator            ASPNET                   Guest                    
HelpAssistant            SUPPORT_388945a0         User                     
 
 
**** End of log ****
 
Farbar Service Scanner Version: 03-03-2013
Ran by User (administrator) on 11-03-2013 at 09:04:27
Running from "E:\ActivReserch\CleanUp Tools\Connectivity Hijack Tools"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error. Yahoo IP is unreachable
Attempt to access Yahoo.com returned error: Other errors
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2011-02-05 08:45] - [2008-04-13 17:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A
 
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2011-02-05 08:43] - [2009-02-06 04:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315
 
 
Extra List:
=======
Gpc(7) IPSec(5) irda(9) NetBT(6) NwlnkIpx(11) NwlnkNb(12) PSched(8) Tcpip(4) 
0x0B0000000500000001000000020000000300000004000000060000000700000008000000090000000B0000000C000000
IpSec Tag value is correct.
 
**** End of log ****
 
# AdwCleaner v2.114 - Logfile created 03/11/2013 at 09:08:58
# Updated 05/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : User - IBM-CC607A0F135
# Boot Mode : Normal
# Running from : E:\ActivReserch\CleanUp Tools\Adware Cleaner\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
[OK] Registry is clean.
 
*************************
 
AdwCleaner[R1].txt - [728 octets] - [11/03/2013 09:05:47]
AdwCleaner[R2].txt - [846 octets] - [11/03/2013 09:08:10]
AdwCleaner[S1].txt - [1548 octets] - [02/03/2013 12:41:55]
AdwCleaner[S2].txt - [344 octets] - [11/03/2013 09:07:49]
AdwCleaner[S3].txt - [778 octets] - [11/03/2013 09:08:58]
 
########## EOF - C:\AdwCleaner[S3].txt - [837 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Microsoft Windows XP x86
Ran by User on Mon 03/11/2013 at 10:55:41.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/11/2013 at 11:04:51.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/11/2013 11:09:07 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\WINDOWS\system32\TpShocks.exe (PID: 1844) [WD-HEUR]
 * C:\WINDOWS\system32\dla\tfswctrl.exe (PID: 1996) [WD-HEUR]
 * C:\WINDOWS\System32\QCONSVC.EXE (PID: 728) [WD-HEUR]
 * C:\WINDOWS\system32\TpKmpSVC.exe (PID: 1184) [WD-HEUR]
 
4 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * C:\WINDOWS\System32\drivers\mqac.sys [NoSig]
 +-> C:\WINDOWS\$hf_mig$\KB971032\SP2QFE\mqac.sys : 91,776 : 06/22/2009 00:30 AM : 9229e191fe206628be17d1e67a5faed9 [Pos Repl]
 +-> C:\WINDOWS\$NtServicePackUninstall$\mqac.sys : 72,960 : 08/03/2004 10:58 PM : db07b0088cdfd20c2a22e675120ede34 [Pos Repl]
 +-> C:\WINDOWS\$NtUninstallKB892944$\mqac.sys : 67,200 : 08/29/2002 10:45 AM : 395b13bec1ef76b01ac4be8487ac65b2 [Pos Repl]
 +-> C:\WINDOWS\$NtUninstallKB971032$\mqac.sys : 72,960 : 08/03/2004 10:58 PM : db07b0088cdfd20c2a22e675120ede34 [Pos Repl]
 +-> C:\WINDOWS\ServicePackFiles\i386\mqac.sys : 92,544 : 04/13/2008 00:39 AM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
 +-> C:\WINDOWS\system32\dllcache\mqac.sys : 91,776 : 06/22/2009 00:48 AM : eee50bf24caeedb515a8f3b22756d3bb [Pos Repl]
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 03/11/2013 11:10:49 AM
Execution time: 0 hours(s), 1 minute(s), and 42 seconds(s)
 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AGRSMMSG" "" "" "File not found: :AGRSMMSG.exe"
+ "ATIModeChange" "ATI 2D Mode component" "ATI Technologies, Inc." "c:\windows\system32\ati2mdxx.exe"
+ "ATIPTA" "ATI Desktop Control Panel" "ATI Technologies, Inc." "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
+ "avast5" "" "" "File not found: :"C:\Program"
+ "BMMGAG" "IBM ThinkPad Battery MaxiMiser Gauge" "IBM Corp." "c:\program files\thinkpad\utilities\pwrmonit.dll"
+ "BMMLREF" "" "" "c:\program files\thinkpad\utilities\bmmlref.exe"
+ "dla" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfswctrl.exe"
+ "EZEJMNAP" "IBM ThinkPad EasyEject Support Application" "IBM Corp." "c:\program files\thinkpad\utilities\ezejmnap.exe"
+ "ibmmessages" "" "" "File not found: :C:\Program"
+ "QCWLICON" "" "" "File not found: :C:\Program"
+ "S3TRAY2" "s3contrl" "S3 Graphics, Inc." "c:\windows\system32\s3tray2.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics, Inc." "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SynTPLpr" "TouchPad Driver Helper Application" "Synaptics, Inc." "c:\program files\synaptics\syntp\syntplpr.exe"
+ "TP4EX" "" "" "File not found: :tp4ex.exe"
+ "TPHOTKEY" "" "" "c:\program files\thinkpad\pkgmgr\hotkey\tphkmgr.exe"
+ "TPKMAPHELPER" "Keyboard Customizer" "IBM Corp." "c:\program files\thinkpad\utilities\tpkmapap.exe"
+ "TpShocks" "IBM Hard Drive Active Protection System" "IBM Corp." "c:\windows\system32\tpshocks.exe"
+ "UC_Start" "" "" "c:\ibmtools\updater\ucstartup.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "IBM RecordNow!" "" "" "File not found: :"
+ "ibmmessages" "" "" "File not found: :C:\Program"
+ "PCBReminder" "FASTAGAIN PC BOOSTER" "Activeris" "c:\program files\fastagain pc booster\pcbooster.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "mso-offdap" "Microsoft Office XP Web Components" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\10\owc10.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "DriveLetterAccess" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfswshx.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
X "BMMTask.job" "" "" "c:\program files\thinkpad\utilities\bmmtask.exe"
+ "FastAgain PC Booster_DEFAULT.job" "FASTAGAIN PC BOOSTER" "Activeris" "c:\program files\fastagain pc booster\pcbooster.exe"
+ "FastAgain PC Booster_UPDATES.job" "FASTAGAIN PC BOOSTER" "Activeris" "c:\program files\fastagain pc booster\pcbooster.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Ati HotKey Poller" "" "" "c:\windows\system32\ati2evxx.exe"
+ "IBMPMSVC" "" "" "c:\windows\system32\ibmpmsvc.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "QCONSVC" "IBM Access Connections - Service Component." "IBM Corp." "c:\windows\system32\qconsvc.exe"
+ "TpKmpSVC" "" "" "c:\windows\system32\tpkmpsvc.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ac97intc" "Intel® Integrated Controller Hub Audio Driver" "Intel Corporation" "c:\windows\system32\drivers\ac97intc.sys"
+ "aeaudio" "Andrea Audio Noise Cancellation Driver" "Andrea Electronics Corporation" "c:\windows\system32\drivers\aeaudio.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "Agere Systems" "c:\windows\system32\drivers\agrsm.sys"
+ "ANC" "" "" "c:\windows\system32\drivers\anc.sys"
+ "ati2mtag" "ATI Radeon Miniport Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\ati2mtag.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "CmdIde" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "DgiVecp" "" "" "File not found: C:\WINDOWS\system32\Drivers\DgiVecp.sys"
+ "drvmcdb" "Device Driver" "Sonic Solutions" "c:\windows\system32\drivers\drvmcdb.sys"
+ "drvnddm" "Device Driver Manager" "Sonic Solutions" "c:\windows\system32\drivers\drvnddm.sys"
+ "E1000" "Intel® PRO/1000 Adapter NDIS 5.1 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1000325.sys"
+ "E100B" "NDIS 5 driver" "Intel Corporation" "c:\windows\system32\drivers\e100b325.sys"
+ "IBMPMDRV" "IBM ThinkPad Power Management Driver" "IBM Corp." "c:\windows\system32\drivers\ibmpmdrv.sys"
+ "IBMTPCHK" "" "" "c:\windows\system32\drivers\ibmbldid.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "ltmodem5" "LT Windows Modem" "LT" "c:\windows\system32\drivers\ltmdmnt.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "NSCIRDA" "NSC Fast Infrared Driver." "National Semiconductor Corporation" "c:\windows\system32\drivers\nscirda.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PCX504" "NDIS 5.1 Miniport Driver for 32 bit Windows" "Cisco Systems" "c:\windows\system32\drivers\pcx504.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "QCNDISIF" "IBM Access Connections - Intermediate Protocol Driver." "IBM Corporation." "c:\windows\system32\drivers\qcndisif.sys"
+ "s1018bus" "Sony Ericsson Device 1018 Driver" "MCCI Corporation" "c:\windows\system32\drivers\s1018bus.sys"
+ "s1018mdfl" "Sony Ericsson Device 1018 USB WMC Modem Filter" "MCCI Corporation" "c:\windows\system32\drivers\s1018mdfl.sys"
+ "s1018mdm" "Sony Ericsson Device 1018 USB WMC Modem Driver" "MCCI Corporation" "c:\windows\system32\drivers\s1018mdm.sys"
+ "s1018mgmt" "Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\s1018mgmt.sys"
+ "s1018nd5" "Ericsson Mobile Platform S1018 USB WMC Extended Ethernet (NDIS 5 Miniport)" "MCCI Corporation" "c:\windows\system32\drivers\s1018nd5.sys"
+ "s1018obex" "Sony Ericsson Device 1018 USB WMC OBEX Interface" "MCCI Corporation" "c:\windows\system32\drivers\s1018obex.sys"
+ "s1018unic" "Sony Ericsson Device 1018 USB Ethernet Emulation" "MCCI Corporation" "c:\windows\system32\drivers\s1018unic.sys"
+ "S3SSavage" "S3 Graphics SuperSavage Miniport" "S3 Graphics, Inc." "c:\windows\system32\drivers\s3ssavm.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "ShockMgr" "ShockMgr Device Driver" "IBM Corporation" "c:\windows\system32\drivers\shockmgr.sys"
+ "Shockprf" "Shockproof Disk Driver" "IBM Corporation" "c:\windows\system32\drivers\shockprf.sys"
+ "smwdm" "SoundMAX Integrated Digital Audio " "Analog Devices, Inc." "c:\windows\system32\drivers\smwdm.sys"
+ "ssadbus" "SAMSUNG Android USB Composite Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\ssadbus.sys"
+ "sscdbhk5" "Shared Driver Component" "Sonic Solutions" "c:\windows\system32\drivers\sscdbhk5.sys"
+ "ssrtln" "Shared Driver Component" "Sonic Solutions" "c:\windows\system32\drivers\ssrtln.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics, Inc." "c:\windows\system32\drivers\syntp.sys"
+ "TDSMAPI" "" "" "c:\windows\system32\drivers\tdsmapi.sys"
+ "tfsnboio" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfsnboio.sys"
+ "tfsncofs" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfsncofs.sys"
+ "tfsndrct" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfsndrct.sys"
+ "tfsndres" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfsndres.sys"
+ "tfsnifs" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfsnifs.sys"
+ "tfsnopio" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfsnopio.sys"
+ "tfsnpool" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfsnpool.sys"
+ "tfsnudf" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfsnudf.sys"
+ "tfsnudfa" "Drive Letter Access Component" "Sonic Solutions" "c:\windows\system32\dla\tfsnudfa.sys"
+ "TPHKDRV" "ThinkPad Hotkey Driver" "IBM Corporation" "c:\windows\system32\drivers\tphkdrv.sys"
+ "TPPWR" "IBM ThinkPad Power Management Device Driver" "IBM Corp." "c:\windows\system32\drivers\tppwr.sys"
+ "TSMAPIP" "" "" "c:\windows\system32\drivers\tsmapip.sys"
+ "TwoTrack" "IBM PS/2 TrackPoint Mouse Filter Driver" "IBM Corporation" "c:\windows\system32\drivers\twotrack.sys"
+ "WDC_SAM" "Manages WD external storage products." "" "File not found: system32\DRIVERS\wdcsam.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel Indeo® video IVF Source Filter 5.10" "Intel Corporation" "c:\windows\system32\ivfsrc.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "AtiExtEvent" "" "" "c:\windows\system32\ati2evxx.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "sss2m Langmon" "Language Monitor for Status Monitor" "" "c:\windows\system32\sss2ml3.dll"
 
 


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 11 March 2013 - 01:26 PM

Go to this PC folder

 

c:\program files\fastagain pc booster

 

Do you find something called Uninstall.exe?



#8 Ktze Hut

Ktze Hut
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 11 March 2013 - 01:48 PM

There is no file called Uninstall.exe.

 

There are 2 similarly named files:

PCBUninstall.exe

unins000.exe



#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 11 March 2013 - 02:10 PM

Double click on PCBUninstall.exe and let me know if you can uninstall it



#10 Ktze Hut

Ktze Hut
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 11 March 2013 - 04:50 PM

I double-clicked PCBUninstall.exe - a popup appeared offering the full version of FastAgain PC Booster for a free trial. At the bottom of the popup were two buttons - 'uninstall it now' and 'get it free'. I clicked on uninstall and nothing happened.

 

I repeated the above process and nothing happened.

 

I restarted the laptop and tried again, this time the FastAgain console opened and began running a scan of the computer.

 

I closed the console, and tried PCBUninstall.exe again, nothing happened.



#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 11 March 2013 - 04:53 PM

Remove the folder.Restart the PC.Any changes?



#12 Ktze Hut

Ktze Hut
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 11 March 2013 - 05:02 PM

I deleted the FastAgain folder from Program Files and restarted, no noticeable change.

 

The FastAgain application icon is still on the desktop, and the application still appears in Add or Remove Programs.



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 11 March 2013 - 05:28 PM

Install revo uninstaller and uninstall it from add or remove programs

 

http://www.revouninstaller.com/revo_uninstaller_free_download.html

 

You need to manually remove the desktop icon.



#14 Ktze Hut

Ktze Hut
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 11 March 2013 - 05:38 PM

Installed and ran Revo Uninstaller. It uninstalled FastAgain, and asks to perform a scan and remove leftovers. Which scanning mode do I use - Safe, Moderate, Advanced? Do I select all and delete?



#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:57 AM

Posted 11 March 2013 - 05:41 PM

yes






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users