Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop-ups from ad.yieldmanager.com and ad.xtendmedia.com


  • Please log in to reply
9 replies to this topic

#1 pamir

pamir

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:37 AM

Posted 15 March 2013 - 03:16 AM

Hello experts,

 

Pop-ups from ad.yieldmanager.com and ad.xtendmedia.com appear on all browsers on bottom left corner. I have tried dozens of antivirus programs with zero result.


The OS is Windows XP. I have McAfee installed which unfortunately can not remove (it is a company policy).

 

Please advise me what to do.



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:37 AM

Posted 15 March 2013 - 04:03 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 bblawrence331#

bblawrence331#

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:37 AM

Posted 15 March 2013 - 09:11 PM

deleted post - wrong entry


Edited by bblawrence331#, 16 March 2013 - 10:10 AM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:37 AM

Posted 16 March 2013 - 03:35 AM

blawrence331#

 

Please post the logs in your topic.This topic has been created by someone else.

 

Thanks


Edited by narenxp, 16 March 2013 - 03:37 AM.


#5 pamir

pamir
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:37 AM

Posted 18 March 2013 - 03:13 AM

Hello narenxp,


Thanks for the instructions!

 

I have run the three tools. And just to note that the problem disappeared, but I am still not sure whether it is completely gone.

 

The result from ESET is:

 

C:\Documents and Settings\Admin.WXBGSF-IT-0484L\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\12\3cf5e84c-65b3efb3 a variant of Java/Exploit.Agent.NFN trojan cleaned by deleting - quarantined
C:\Program Files\ICQ7.6\install_dll\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined

 

The result from aswMBR was blue screen, crash of the system (restarted itself) and after that - a message:

The system has recovered from a serious error.

(It is possible that it interferes with McAfee).

 

The result from TDSSKiller was the following:

11:33:41.0009 0968  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:33:41.0242 0968  ============================================================
11:33:41.0242 0968  Current date / time: 2013/03/15 11:33:41.0242
11:33:41.0242 0968  SystemInfo:
11:33:41.0242 0968 
11:33:41.0242 0968  OS Version: 5.1.2600 ServicePack: 3.0
11:33:41.0242 0968  Product type: Workstation
11:33:41.0242 0968  ComputerName: WXBGSF-IT-0484L
11:33:41.0242 0968  UserName: Admin
11:33:41.0242 0968  Windows directory: C:\WINDOWS
11:33:41.0242 0968  System windows directory: C:\WINDOWS
11:33:41.0242 0968  Processor architecture: Intel x86
11:33:41.0242 0968  Number of processors: 4
11:33:41.0242 0968  Page size: 0x1000
11:33:41.0242 0968  Boot type: Normal boot
11:33:41.0242 0968  ============================================================
11:33:43.0138 0968  BG loaded
11:33:43.0744 0968  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:33:44.0288 0968  ============================================================
11:33:44.0288 0968  \Device\Harddisk0\DR0:
11:33:44.0412 0968  MBR partitions:
11:33:44.0412 0968  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7801F1A
11:33:44.0428 0968  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7801F98, BlocksNum 0x32B7EDE8
11:33:44.0428 0968  ============================================================
11:33:44.0910 0968  C: <-> \Device\Harddisk0\DR0\Partition1
11:33:45.0578 0968  D: <-> \Device\Harddisk0\DR0\Partition2
11:33:45.0578 0968  ============================================================
11:33:45.0578 0968  Initialize success
11:33:45.0578 0968  ============================================================
11:35:20.0347 3848  ============================================================
11:35:20.0347 3848  Scan started
11:35:20.0347 3848  Mode: Manual; TDLFS;
11:35:20.0347 3848  ============================================================
11:35:20.0984 3848  ================ Scan system memory ========================
11:35:22.0569 3848  System memory - ok
11:35:22.0569 3848  ================ Scan services =============================
11:35:22.0631 3848  5023 - ok
11:35:22.0709 3848  Abiosdsk - ok
11:35:22.0709 3848  abp480n5 - ok
11:35:22.0724 3848  [ EA38C961260F29295C6D03070FA9D0B5 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:35:22.0724 3848  Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: EA38C961260F29295C6D03070FA9D0B5, Fake md5: 8FD99680A539792A30E97944FDAECF17
11:35:22.0724 3848  ACPI ( Virus.Win32.Rloader.a ) - infected
11:35:22.0724 3848  ACPI - detected Virus.Win32.Rloader.a (0)
11:35:22.0724 3848  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:35:22.0724 3848  ACPIEC - ok
11:35:22.0787 3848  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:35:22.0833 3848  AdobeFlashPlayerUpdateSvc - ok
11:35:22.0849 3848  adpu160m - ok
11:35:22.0880 3848  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
11:35:22.0880 3848  aec - ok
11:35:22.0880 3848  [ 822D53766D57C90C437536232ECE9023 ] AESTAud         C:\WINDOWS\system32\drivers\AESTAud.sys
11:35:22.0942 3848  AESTAud - ok
11:35:22.0973 3848  [ 322D0E36693D6E24A2398BEE62A268CD ] AFD             C:\WINDOWS\System32\drivers\afd.sys
11:35:22.0973 3848  AFD - ok
11:35:22.0973 3848  Aha154x - ok
11:35:22.0973 3848  aic78u2 - ok
11:35:22.0989 3848  aic78xx - ok
11:35:23.0004 3848  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
11:35:23.0004 3848  Alerter - ok
11:35:23.0020 3848  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
11:35:23.0020 3848  ALG - ok
11:35:23.0020 3848  AliIde - ok
11:35:23.0020 3848  amsint - ok
11:35:23.0082 3848  [ EB4E26AD3A0E681C2FAABBACB0691A34 ] Apache2.2       C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
11:35:23.0082 3848  Apache2.2 - ok
11:35:23.0097 3848  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
11:35:23.0097 3848  AppMgmt - ok
11:35:23.0113 3848  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:35:23.0128 3848  Arp1394 - ok
11:35:23.0128 3848  asc - ok
11:35:23.0128 3848  asc3350p - ok
11:35:23.0128 3848  asc3550 - ok
11:35:23.0175 3848  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:35:23.0237 3848  aspnet_state - ok
11:35:23.0253 3848  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:35:23.0253 3848  AsyncMac - ok
11:35:23.0284 3848  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
11:35:23.0284 3848  atapi - ok
11:35:23.0284 3848  Atdisk - ok
11:35:23.0315 3848  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:35:23.0315 3848  Atmarpc - ok
11:35:23.0330 3848  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
11:35:23.0330 3848  AudioSrv - ok
11:35:23.0361 3848  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
11:35:23.0361 3848  audstub - ok
11:35:23.0439 3848  [ 94116A414EC5DEEF3FF243D2E09D32A0 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
11:35:23.0517 3848  BCM43XX - ok
11:35:23.0548 3848  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
11:35:23.0548 3848  Beep - ok
11:35:23.0579 3848  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
11:35:23.0610 3848  BITS - ok
11:35:23.0641 3848  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
11:35:23.0672 3848  Browser - ok
11:35:23.0672 3848  BTWUSB - ok
11:35:23.0688 3848  catchme - ok
11:35:23.0703 3848  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
11:35:23.0719 3848  cbidf2k - ok
11:35:23.0781 3848  [ A454A9BAA25B8C8E76735DD86BD4B017 ] CcmExec         C:\WINDOWS\system32\CCM\CcmExec.exe
11:35:23.0797 3848  CcmExec - ok
11:35:23.0797 3848  cd20xrnt - ok
11:35:23.0828 3848  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
11:35:23.0828 3848  Cdaudio - ok
11:35:23.0859 3848  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
11:35:23.0859 3848  Cdfs - ok
11:35:23.0905 3848  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:35:23.0905 3848  Cdrom - ok
11:35:23.0905 3848  Changer - ok
11:35:23.0921 3848  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
11:35:23.0921 3848  CiSvc - ok
11:35:23.0952 3848  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
11:35:23.0952 3848  ClipSrv - ok
11:35:23.0967 3848  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:35:24.0076 3848  clr_optimization_v2.0.50727_32 - ok
11:35:24.0076 3848  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:35:24.0076 3848  CmBatt - ok
11:35:24.0092 3848  CmdIde - ok
11:35:24.0092 3848  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:35:24.0092 3848  Compbatt - ok
11:35:24.0092 3848  COMSysApp - ok
11:35:24.0092 3848  Cpqarray - ok
11:35:24.0107 3848  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
11:35:24.0123 3848  CryptSvc - ok
11:35:24.0154 3848  [ 58831E55969C28F3377157300B7C4000 ] cxbu0wdm        C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys
11:35:24.0325 3848  cxbu0wdm - ok
11:35:24.0325 3848  dac2w2k - ok
11:35:24.0325 3848  dac960nt - ok
11:35:24.0340 3848  [ 2589FE6015A316C0F5D5112B4DA7B509 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
11:35:24.0356 3848  DcomLaunch - ok
11:35:24.0387 3848  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
11:35:24.0403 3848  Dhcp - ok
11:35:24.0449 3848  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
11:35:24.0449 3848  Disk - ok
11:35:24.0449 3848  dmadmin - ok
11:35:24.0480 3848  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
11:35:24.0496 3848  dmboot - ok
11:35:24.0511 3848  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
11:35:24.0511 3848  dmio - ok
11:35:24.0527 3848  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
11:35:24.0542 3848  dmload - ok
11:35:24.0558 3848  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
11:35:24.0558 3848  dmserver - ok
11:35:24.0589 3848  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
11:35:24.0605 3848  DMusic - ok
11:35:24.0620 3848  [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
11:35:24.0620 3848  Dnscache - ok
11:35:24.0651 3848  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
11:35:24.0667 3848  Dot3svc - ok
11:35:24.0667 3848  dpti2o - ok
11:35:24.0667 3848  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
11:35:24.0682 3848  drmkaud - ok
11:35:24.0698 3848  [ 3421330649D6F423EEEC98BF3765D4B7 ] e1cexpress      C:\WINDOWS\system32\DRIVERS\e1c5132.sys
11:35:24.0807 3848  e1cexpress - ok
11:35:24.0838 3848  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
11:35:24.0838 3848  EapHost - ok
11:35:24.0915 3848  [ 1A0DCC79C28B9D44BCBEC5E039A91F80 ] enterceptAgent  C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
11:35:24.0915 3848  enterceptAgent - ok
11:35:24.0931 3848  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
11:35:24.0931 3848  ERSvc - ok
11:35:24.0962 3848  [ 0E776ED5F7CC9F94299E70461B7B8185 ] Eventlog        C:\WINDOWS\system32\services.exe
11:35:24.0977 3848  Eventlog - ok
11:35:24.0993 3848  [ 19A799805B24990867B00C120D300C3A ] EventSystem     C:\WINDOWS\system32\es.dll
11:35:25.0009 3848  EventSystem - ok
11:35:25.0040 3848  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
11:35:25.0040 3848  Fastfat - ok
11:35:25.0071 3848  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:35:25.0117 3848  FastUserSwitchingCompatibility - ok
11:35:25.0117 3848  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
11:35:25.0117 3848  Fdc - ok
11:35:25.0133 3848  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
11:35:25.0133 3848  Fips - ok
11:35:25.0164 3848  [ 4972322CBB2DD6FF8D48A24C3E2F7F85 ] FireNfcp        C:\WINDOWS\system32\drivers\FireNfcp.sys
11:35:25.0226 3848  FireNfcp - ok
11:35:25.0242 3848  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
11:35:25.0242 3848  Flpydisk - ok
11:35:25.0273 3848  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:35:25.0288 3848  FltMgr - ok
11:35:25.0319 3848  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:35:25.0335 3848  FontCache3.0.0.0 - ok
11:35:25.0335 3848  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:35:25.0335 3848  Fs_Rec - ok
11:35:25.0350 3848  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:35:25.0350 3848  Ftdisk - ok
11:35:25.0366 3848  [ 483924F92E55A5F9423201EC635E2CED ] gfibto          C:\WINDOWS\system32\drivers\gfibto.sys
11:35:25.0552 3848  gfibto - ok
11:35:25.0583 3848  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:35:25.0583 3848  Gpc - ok
11:35:25.0615 3848  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
11:35:25.0615 3848  gupdate - ok
11:35:25.0615 3848  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
11:35:25.0615 3848  gupdatem - ok
11:35:25.0661 3848  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:35:25.0723 3848  gusvc - ok
11:35:25.0754 3848  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:35:25.0754 3848  HDAudBus - ok
11:35:25.0770 3848  [ 8E4AB746563DE92B0EFEC67C503ED5BB ] hdlpctrl        C:\WINDOWS\system32\drivers\hdlpctrl.sys
11:35:25.0879 3848  hdlpctrl - ok
11:35:25.0879 3848  [ 523CFBC87647E489E60D0FF8D6B74EF7 ] hdlpdbk         C:\WINDOWS\system32\drivers\hdlpdbk.sys
11:35:25.0972 3848  hdlpdbk - ok
11:35:25.0972 3848  [ 8BF8CF8FA80231162EBF2D6B152632B4 ] hdlpevnt        C:\WINDOWS\system32\drivers\hdlpevnt.sys
11:35:26.0065 3848  hdlpevnt - ok
11:35:26.0081 3848  [ A757C56F80ADA032A3A8D229235F3F46 ] hdlpflt         C:\WINDOWS\system32\DRIVERS\hdlpflt.sys
11:35:26.0174 3848  hdlpflt - ok
11:35:26.0189 3848  [ E318324C4092F461A18A846F8B6A44A5 ] hdlpnetf        C:\WINDOWS\system32\drivers\hdlpnetf.sys
11:35:26.0267 3848  hdlpnetf - ok
11:35:26.0329 3848  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:35:26.0329 3848  helpsvc - ok
11:35:26.0329 3848  HidServ - ok
11:35:26.0360 3848  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:35:26.0360 3848  HidUsb - ok
11:35:26.0391 3848  [ A0340F72F77A6D34FA06FCE5F69BBB45 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
11:35:26.0454 3848  HipShieldK - ok
11:35:26.0485 3848  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
11:35:26.0485 3848  hkmsvc - ok
11:35:26.0485 3848  hpn - ok
11:35:26.0500 3848  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
11:35:26.0516 3848  HTTP - ok
11:35:26.0531 3848  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
11:35:26.0531 3848  HTTPFilter - ok
11:35:26.0547 3848  i2omgmt - ok
11:35:26.0547 3848  i2omp - ok
11:35:26.0562 3848  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:35:26.0562 3848  i8042prt - ok
11:35:26.0625 3848  [ 1FF4488B12A3917A217874BE573C8F2A ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
11:35:26.0702 3848  ialm - ok
11:35:26.0702 3848  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
11:35:26.0718 3848  Imapi - ok
11:35:26.0733 3848  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
11:35:26.0733 3848  ImapiService - ok
11:35:26.0749 3848  ini910u - ok
11:35:26.0780 3848  [ 34EE48D11C584EEDB59FD0D537AC2296 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
11:35:26.0858 3848  IntcDAud - ok
11:35:26.0873 3848  IntelIde - ok
11:35:26.0873 3848  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:35:26.0873 3848  intelppm - ok
11:35:26.0889 3848  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:35:26.0904 3848  Ip6Fw - ok
11:35:26.0920 3848  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:35:26.0935 3848  IpFilterDriver - ok
11:35:26.0951 3848  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:35:26.0951 3848  IpInIp - ok
11:35:26.0966 3848  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:35:26.0966 3848  IpNat - ok
11:35:26.0997 3848  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:35:26.0997 3848  IPSec - ok
11:35:27.0013 3848  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
11:35:27.0013 3848  IRENUM - ok
11:35:27.0044 3848  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:35:27.0060 3848  isapnp - ok
11:35:27.0106 3848  [ 92E16F5D034E7864DA308BA6309A98B7 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
11:35:27.0106 3848  JavaQuickStarterService - ok
11:35:27.0137 3848  [ 831F342877333859291D4171B5EDD3CA ] JMCR            C:\WINDOWS\system32\DRIVERS\jmcr.sys
11:35:27.0246 3848  JMCR - ok
11:35:27.0246 3848  [ 07712CEF42A89B76ADB2FC8124FCCD14 ] johci           C:\WINDOWS\system32\DRIVERS\johci.sys
11:35:27.0355 3848  johci - ok
11:35:27.0370 3848  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:35:27.0386 3848  Kbdclass - ok
11:35:27.0417 3848  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:35:27.0417 3848  kbdhid - ok
11:35:27.0433 3848  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
11:35:27.0433 3848  kmixer - ok
11:35:27.0433 3848  [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
11:35:27.0433 3848  KSecDD - ok
11:35:27.0479 3848  [ F385F4B02C535BFFE1D70CAB80838123 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
11:35:27.0479 3848  LanmanServer - ok
11:35:27.0479 3848  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:35:27.0479 3848  lanmanworkstation - ok
11:35:27.0495 3848  lbrtfdc - ok
11:35:27.0526 3848  [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:35:27.0526 3848  LightScribeService - ok
11:35:27.0541 3848  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
11:35:27.0541 3848  LmHosts - ok
11:35:27.0588 3848  [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS             C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:35:27.0588 3848  LMS - ok
11:35:27.0790 3848  [ 2098AF12149789FA6608422C8796F77C ] LNSUSvc         D:\lotus\notes\SUService.exe
11:35:27.0805 3848  LNSUSvc - ok
11:35:27.0805 3848  Lotus Notes Diagnostics - ok
11:35:27.0837 3848  [ F51F8E81655AA6D5F0F3914C480C88F1 ] Lotus Notes Single Logon D:\lotus\notes\nslsvice.exe
11:35:27.0837 3848  Lotus Notes Single Logon - ok
11:35:27.0899 3848  [ 23CDE37EE00C95F0098D12CCE11B3507 ] McAfee SiteAdvisor Enterprise Service C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
11:35:27.0899 3848  McAfee SiteAdvisor Enterprise Service - ok
11:35:27.0992 3848  [ B0559F2CC5D3DD83E79370BC24202C36 ] McAfeeDLPAgentService C:\Program Files\McAfee\DLP\Agent\fcags.exe
11:35:28.0023 3848  McAfeeDLPAgentService - ok
11:35:28.0054 3848  [ 3EF9511390F9106DD8CF0747BAEB335C ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
11:35:28.0054 3848  McAfeeFramework - ok
11:35:28.0132 3848  [ 09442ECFCED9C83722509C3269CADECD ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:35:28.0132 3848  McShield - ok
11:35:28.0163 3848  [ 462EB5733C52471DB574727B5D1F77E4 ] McTaskManager   C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
11:35:28.0163 3848  McTaskManager - ok
11:35:28.0209 3848  [ 39BBC296DEE075EC1D20B4CE4DE4119C ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
11:35:28.0209 3848  MDM - ok
11:35:28.0241 3848  [ D86AC00883B9C98B570E7643AAF8E554 ] MEI             C:\WINDOWS\system32\DRIVERS\HECI.sys
11:35:28.0334 3848  MEI - ok
11:35:28.0349 3848  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
11:35:28.0365 3848  Messenger - ok
11:35:28.0380 3848  [ 80D337A6104F6F69C89F42602C50E5D8 ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
11:35:28.0380 3848  mfeapfk - ok
11:35:28.0396 3848  [ 54EE8EEC41C2F9F03CAD1874B6AF54B0 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
11:35:28.0443 3848  mfeavfk - ok
11:35:28.0458 3848  mfeavfk01 - ok
11:35:28.0474 3848  [ 61B36C8A0992B813CB2445E29296C654 ] mfebopk         C:\WINDOWS\system32\drivers\mfebopk.sys
11:35:28.0520 3848  mfebopk - ok
11:35:28.0551 3848  [ EB0372754FD985F3EF5AA03BCAFB835B ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:35:28.0551 3848  mfefire - ok
11:35:28.0582 3848  [ C2C0741CB1F94DB961DD283B1201D4FF ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
11:35:28.0629 3848  mfefirek - ok
11:35:28.0645 3848  [ 39CDC380E235541A420F65E9EAA75394 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
11:35:28.0753 3848  mfehidk - ok
11:35:28.0769 3848  [ 34A53196222FB2C5CD428CED83815F07 ] mfendisk        C:\WINDOWS\system32\DRIVERS\mfendisk.sys
11:35:28.0831 3848  mfendisk - ok
11:35:28.0831 3848  [ 34A53196222FB2C5CD428CED83815F07 ] mfendiskmp      C:\WINDOWS\system32\DRIVERS\mfendisk.sys
11:35:28.0831 3848  mfendiskmp - ok
11:35:28.0847 3848  [ 60A05B48C781C0A69FF2E2E4FE3CF27C ] mferkdet        C:\WINDOWS\system32\drivers\mferkdet.sys
11:35:28.0909 3848  mferkdet - ok
11:35:28.0924 3848  [ 367838063053A0BBD7624907A5BEB2A4 ] mfesmfk         C:\WINDOWS\system32\drivers\mfesmfk.sys
11:35:28.0986 3848  mfesmfk - ok
11:35:29.0017 3848  [ CF56F8EF1CE7DE0F4B43B85D474C7DB6 ] mfetdi2k        C:\WINDOWS\system32\drivers\mfetdi2k.sys
11:35:29.0080 3848  mfetdi2k - ok
11:35:29.0095 3848  [ A720020089EE0545E54D1A338DAB36C7 ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
11:35:29.0095 3848  mfevtp - ok
11:35:29.0111 3848  [ D96EA49AB9A9174331BC023FD0CADC18 ] mirrorv3        C:\WINDOWS\system32\DRIVERS\rminiv3.sys
11:35:29.0219 3848  mirrorv3 - ok
11:35:29.0251 3848  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
11:35:29.0251 3848  mnmdd - ok
11:35:29.0282 3848  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
11:35:29.0297 3848  mnmsrvc - ok
11:35:29.0297 3848  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
11:35:29.0297 3848  Modem - ok
11:35:29.0313 3848  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:35:29.0313 3848  Mouclass - ok
11:35:29.0328 3848  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:35:29.0328 3848  mouhid - ok
11:35:29.0406 3848  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
11:35:29.0453 3848  MountMgr - ok
11:35:29.0530 3848  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:35:29.0655 3848  MozillaMaintenance - ok
11:35:29.0655 3848  mraid35x - ok
11:35:29.0655 3848  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:35:29.0670 3848  MRxDAV - ok
11:35:29.0717 3848  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:35:29.0825 3848  MRxSmb - ok
11:35:29.0841 3848  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
11:35:29.0857 3848  MSDTC - ok
11:35:29.0872 3848  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
11:35:29.0872 3848  Msfs - ok
11:35:29.0872 3848  MSIServer - ok
11:35:29.0888 3848  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:35:29.0888 3848  MSKSSRV - ok
11:35:29.0903 3848  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:35:29.0903 3848  MSPCLOCK - ok
11:35:29.0919 3848  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
11:35:29.0919 3848  MSPQM - ok
11:35:29.0950 3848  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:35:29.0950 3848  mssmbios - ok
11:35:29.0981 3848  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
11:35:30.0012 3848  Mup - ok
11:35:30.0043 3848  MySQL - ok
11:35:30.0074 3848  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
11:35:30.0074 3848  napagent - ok
11:35:30.0090 3848  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
11:35:30.0105 3848  NDIS - ok
11:35:30.0105 3848  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:35:30.0105 3848  NdisTapi - ok
11:35:30.0121 3848  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:35:30.0121 3848  Ndisuio - ok
11:35:30.0136 3848  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:35:30.0136 3848  NdisWan - ok
11:35:30.0136 3848  [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
11:35:30.0136 3848  NDProxy - ok
11:35:30.0152 3848  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
11:35:30.0167 3848  NetBIOS - ok
11:35:30.0167 3848  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
11:35:30.0183 3848  NetBT - ok
11:35:30.0183 3848  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
11:35:30.0198 3848  NetDDE - ok
11:35:30.0198 3848  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
11:35:30.0198 3848  NetDDEdsdm - ok
11:35:30.0214 3848  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
11:35:30.0214 3848  Netlogon - ok
11:35:30.0214 3848  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
11:35:30.0214 3848  Netman - ok
11:35:30.0245 3848  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:35:30.0245 3848  NIC1394 - ok
11:35:30.0261 3848  [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla             C:\WINDOWS\System32\mswsock.dll
11:35:30.0261 3848  Nla - ok
11:35:30.0276 3848  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
11:35:30.0292 3848  Npfs - ok
11:35:30.0307 3848  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
11:35:30.0323 3848  Ntfs - ok
11:35:30.0323 3848  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
11:35:30.0323 3848  NtLmSsp - ok
11:35:30.0338 3848  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
11:35:30.0338 3848  NtmsSvc - ok
11:35:30.0369 3848  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
11:35:30.0369 3848  Null - ok
11:35:30.0400 3848  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:35:30.0400 3848  NwlnkFlt - ok
11:35:30.0416 3848  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:35:30.0416 3848  NwlnkFwd - ok
11:35:30.0509 3848  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:35:30.0587 3848  odserv - ok
11:35:30.0602 3848  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:35:30.0602 3848  ohci1394 - ok
11:35:30.0633 3848  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:35:30.0696 3848  ose - ok
11:35:30.0711 3848  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
11:35:30.0711 3848  Parport - ok
11:35:30.0742 3848  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
11:35:30.0742 3848  PartMgr - ok
11:35:30.0773 3848  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
11:35:30.0773 3848  ParVdm - ok
11:35:30.0789 3848  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
11:35:30.0789 3848  PCI - ok
11:35:30.0789 3848  PCIDump - ok
11:35:30.0804 3848  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
11:35:30.0804 3848  PCIIde - ok
11:35:30.0820 3848  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
11:35:30.0835 3848  Pcmcia - ok
11:35:30.0835 3848  PDCOMP - ok
11:35:30.0835 3848  PDFRAME - ok
11:35:30.0835 3848  PDRELI - ok
11:35:30.0835 3848  PDRFRAME - ok
11:35:30.0835 3848  perc2 - ok
11:35:30.0851 3848  perc2hib - ok
11:35:30.0867 3848  [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay        C:\WINDOWS\system32\services.exe
11:35:30.0867 3848  PlugPlay - ok
11:35:30.0882 3848  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
11:35:30.0882 3848  PolicyAgent - ok
11:35:30.0929 3848  postgresql-9.1 - ok
11:35:30.0944 3848  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:35:30.0944 3848  PptpMiniport - ok
11:35:30.0975 3848  [ 2A4514A9233D35A355F569FF8B8F6240 ] prepdrvr        C:\WINDOWS\system32\CCM\prepdrv.sys
11:35:30.0975 3848  prepdrvr - ok
11:35:30.0975 3848  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:35:30.0975 3848  ProtectedStorage - ok
11:35:30.0991 3848  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
11:35:30.0991 3848  PSched - ok
11:35:31.0006 3848  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:35:31.0006 3848  Ptilink - ok
11:35:31.0006 3848  ql1080 - ok
11:35:31.0006 3848  Ql10wnt - ok
11:35:31.0006 3848  ql12160 - ok
11:35:31.0006 3848  ql1240 - ok
11:35:31.0022 3848  ql1280 - ok
11:35:31.0069 3848  [ 411A389DC1F503FF07B609CCE3BBE113 ] raddrvv3        C:\WINDOWS\system32\rserver30\raddrvv3.sys
11:35:31.0177 3848  raddrvv3 - ok
11:35:31.0177 3848  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:35:31.0177 3848  RasAcd - ok
11:35:31.0208 3848  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
11:35:31.0208 3848  RasAuto - ok
11:35:31.0224 3848  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:35:31.0224 3848  Rasl2tp - ok
11:35:31.0239 3848  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
11:35:31.0239 3848  RasMan - ok
11:35:31.0255 3848  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:35:31.0271 3848  RasPppoe - ok
11:35:31.0271 3848  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
11:35:31.0271 3848  Raspti - ok
11:35:31.0286 3848  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:35:31.0286 3848  Rdbss - ok
11:35:31.0302 3848  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:35:31.0302 3848  RDPCDD - ok
11:35:31.0317 3848  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:35:31.0333 3848  rdpdr - ok
11:35:31.0348 3848  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
11:35:31.0519 3848  RDPWD - ok
11:35:31.0535 3848  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
11:35:31.0550 3848  RDSessMgr - ok
11:35:31.0566 3848  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
11:35:31.0566 3848  redbook - ok
11:35:31.0581 3848  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:35:31.0597 3848  RemoteAccess - ok
11:35:31.0612 3848  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
11:35:31.0628 3848  RemoteRegistry - ok
11:35:31.0643 3848  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:35:31.0659 3848  RpcLocator - ok
11:35:31.0675 3848  [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
11:35:31.0690 3848  RpcSs - ok
11:35:31.0799 3848  [ 86A37BDB25A86461C80C3197244E152E ] RServer3        C:\WINDOWS\system32\rserver30\RServer3.exe
11:35:31.0908 3848  RServer3 - ok
11:35:31.0954 3848  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
11:35:32.0032 3848  RSVP - ok
11:35:32.0079 3848  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
11:35:32.0079 3848  SamSs - ok
11:35:32.0125 3848  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
11:35:32.0125 3848  SCardSvr - ok
11:35:32.0156 3848  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:35:32.0172 3848  Schedule - ok
11:35:32.0187 3848  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
11:35:32.0187 3848  sdbus - ok
11:35:32.0203 3848  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:35:32.0203 3848  Secdrv - ok
11:35:32.0218 3848  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
11:35:32.0234 3848  seclogon - ok
11:35:32.0249 3848  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
11:35:32.0249 3848  SENS - ok
11:35:32.0265 3848  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
11:35:32.0265 3848  Serial - ok
11:35:32.0281 3848  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
11:35:32.0296 3848  Sfloppy - ok
11:35:32.0296 3848  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:35:32.0312 3848  SharedAccess - ok
11:35:32.0327 3848  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:35:32.0343 3848  ShellHWDetection - ok
11:35:32.0343 3848  Simbad - ok
11:35:32.0374 3848  [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
11:35:37.0113 3848  SkypeUpdate - ok
11:35:37.0175 3848  [ 4B4AB78E866BBECF93F6EABC3270178A ] smsmdd          C:\WINDOWS\system32\DRIVERS\smsmdm.sys
11:35:37.0237 3848  smsmdd - ok
11:35:37.0237 3848  smstsmgr - ok
11:35:37.0237 3848  Sparrow - ok
11:35:37.0268 3848  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
11:35:37.0268 3848  splitter - ok
11:35:37.0299 3848  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
11:35:37.0299 3848  Spooler - ok
11:35:37.0331 3848  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
11:35:37.0331 3848  sr - ok
11:35:37.0393 3848  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
11:35:37.0393 3848  srservice - ok
11:35:37.0424 3848  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
11:35:37.0470 3848  Srv - ok
11:35:37.0501 3848  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
11:35:37.0501 3848  SSDPSRV - ok
11:35:37.0533 3848  [ 55E759E64F3CE49719C4365EE9265FC9 ] STacSV          C:\Program Files\IDT\WDM\STacSV.exe
11:35:37.0533 3848  STacSV - ok
11:35:37.0595 3848  [ 48E9C1F9DA1B9E060E80DF0BDAD1C2B9 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
11:35:37.0703 3848  STHDA - ok
11:35:37.0719 3848  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
11:35:37.0735 3848  stisvc - ok
11:35:37.0750 3848  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
11:35:37.0750 3848  swenum - ok
11:35:37.0766 3848  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
11:35:37.0766 3848  swmidi - ok
11:35:37.0766 3848  SwPrv - ok
11:35:37.0781 3848  symc810 - ok
11:35:37.0781 3848  symc8xx - ok
11:35:37.0797 3848  sym_hi - ok
11:35:37.0797 3848  sym_u3 - ok
11:35:37.0843 3848  [ CC3061CE537CB46AD71711F0DF843383 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
11:35:37.0999 3848  SynTP - ok
11:35:38.0014 3848  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
11:35:38.0014 3848  sysaudio - ok
11:35:38.0061 3848  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
11:35:38.0061 3848  SysmonLog - ok
11:35:38.0092 3848  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
11:35:38.0092 3848  TapiSrv - ok
11:35:38.0107 3848  [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:35:38.0123 3848  Tcpip - ok
11:35:38.0154 3848  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
11:35:38.0154 3848  TDPIPE - ok
11:35:38.0185 3848  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
11:35:38.0201 3848  TDTCP - ok
11:35:38.0309 3848  [ 01CC3B9349B244C752CDD99EFDA080BB ] TeamViewer8     C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
11:35:38.0372 3848  TeamViewer8 - ok
11:35:38.0372 3848  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
11:35:38.0372 3848  TermDD - ok
11:35:38.0403 3848  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
11:35:38.0418 3848  TermService - ok
11:35:38.0418 3848  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
11:35:38.0434 3848  Themes - ok
11:35:38.0449 3848  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
11:35:38.0465 3848  TlntSvr - ok
11:35:38.0465 3848  TosIde - ok
11:35:38.0496 3848  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
11:35:38.0511 3848  TrkWks - ok
11:35:38.0527 3848  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
11:35:38.0527 3848  Udfs - ok
11:35:38.0543 3848  ultra - ok
11:35:38.0620 3848  [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS             C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:35:38.0636 3848  UNS - ok
11:35:38.0682 3848  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
11:35:38.0682 3848  Update - ok
11:35:38.0729 3848  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
11:35:38.0745 3848  upnphost - ok
11:35:38.0760 3848  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
11:35:38.0760 3848  UPS - ok
11:35:38.0791 3848  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:35:38.0807 3848  usbehci - ok
11:35:38.0822 3848  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:35:38.0822 3848  usbhub - ok
11:35:38.0853 3848  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:35:38.0869 3848  USBSTOR - ok
11:35:38.0869 3848  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
11:35:38.0869 3848  VgaSave - ok
11:35:38.0884 3848  ViaIde - ok
11:35:38.0900 3848  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
11:35:38.0900 3848  VolSnap - ok
11:35:38.0915 3848  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
11:35:38.0931 3848  VSS - ok
11:35:38.0962 3848  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
11:35:38.0962 3848  W32Time - ok
11:35:38.0978 3848  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:35:38.0993 3848  Wanarp - ok
11:35:39.0024 3848  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
11:35:39.0211 3848  Wdf01000 - ok
11:35:39.0211 3848  WDICA - ok
11:35:39.0242 3848  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
11:35:39.0257 3848  wdmaud - ok
11:35:39.0257 3848  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
11:35:39.0257 3848  WebClient - ok
11:35:39.0428 3848  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
11:35:39.0444 3848  winmgmt - ok
11:35:39.0475 3848  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
11:35:39.0506 3848  WmdmPmSN - ok
11:35:39.0584 3848  [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] Wmi             C:\WINDOWS\System32\advapi32.dll
11:35:39.0584 3848  Wmi - ok
11:35:39.0599 3848  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:35:39.0599 3848  WmiAcpi - ok
11:35:39.0615 3848  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:35:39.0630 3848  WmiApSrv - ok
11:35:39.0646 3848  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:35:39.0646 3848  WS2IFSL - ok
11:35:39.0677 3848  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
11:35:39.0677 3848  wscsvc - ok
11:35:39.0708 3848  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
11:35:39.0739 3848  wuauserv - ok
11:35:39.0755 3848  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
11:35:39.0755 3848  WZCSVC - ok
11:35:39.0786 3848  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
11:35:39.0786 3848  xmlprov - ok
11:35:39.0817 3848  ================ Scan global ===============================
11:35:39.0832 3848  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:35:39.0863 3848  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
11:35:39.0879 3848  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
11:35:39.0879 3848  [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
11:35:39.0879 3848  [Global] - ok
11:35:39.0894 3848  ================ Scan MBR ==================================
11:35:39.0910 3848  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
11:35:40.0329 3848  \Device\Harddisk0\DR0 - ok
11:35:40.0329 3848  ================ Scan VBR ==================================
11:35:40.0329 3848  [ 31F67DB81BFA045173ECEC7111770857 ] \Device\Harddisk0\DR0\Partition1
11:35:40.0329 3848  \Device\Harddisk0\DR0\Partition1 - ok
11:35:40.0329 3848  [ 5D25B978A72DF88A3D89D40CC21B6928 ] \Device\Harddisk0\DR0\Partition2
11:35:40.0329 3848  \Device\Harddisk0\DR0\Partition2 - ok
11:35:40.0329 3848  ================ Scan active images ========================
11:35:40.0329 3848  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
11:35:40.0329 3848  C:\WINDOWS\system32\drivers\videoprt.sys - ok
11:35:40.0345 3848  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
11:35:40.0345 3848  C:\WINDOWS\system32\drivers\intelppm.sys - ok
11:35:40.0345 3848  [ 4B4AB78E866BBECF93F6EABC3270178A ] C:\WINDOWS\system32\drivers\smsmdm.sys
11:35:40.0345 3848  C:\WINDOWS\system32\drivers\smsmdm.sys - ok
11:35:40.0345 3848  [ 1FF4488B12A3917A217874BE573C8F2A ] C:\WINDOWS\system32\drivers\igxpmp32.sys
11:35:40.0345 3848  C:\WINDOWS\system32\drivers\igxpmp32.sys - ok
11:35:40.0345 3848  [ D86AC00883B9C98B570E7643AAF8E554 ] C:\WINDOWS\system32\drivers\HECI.sys
11:35:40.0345 3848  C:\WINDOWS\system32\drivers\HECI.sys - ok
11:35:40.0345 3848  [ 3421330649D6F423EEEC98BF3765D4B7 ] C:\WINDOWS\system32\drivers\e1c5132.sys
11:35:40.0345 3848  C:\WINDOWS\system32\drivers\e1c5132.sys - ok
11:35:40.0345 3848  [ 8E4AB746563DE92B0EFEC67C503ED5BB ] C:\WINDOWS\system32\drivers\hdlpctrl.sys
11:35:40.0345 3848  C:\WINDOWS\system32\drivers\hdlpctrl.sys - ok
11:35:40.0345 3848  [ 523CFBC87647E489E60D0FF8D6B74EF7 ] C:\WINDOWS\system32\drivers\hdlpdbk.sys
11:35:40.0345 3848  C:\WINDOWS\system32\drivers\hdlpdbk.sys - ok
11:35:40.0361 3848  [ 8BF8CF8FA80231162EBF2D6B152632B4 ] C:\WINDOWS\system32\drivers\hdlpevnt.sys
11:35:40.0361 3848  C:\WINDOWS\system32\drivers\hdlpevnt.sys - ok
11:35:40.0361 3848  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
11:35:40.0361 3848  C:\WINDOWS\system32\drivers\usbehci.sys - ok
11:35:40.0361 3848  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
11:35:40.0361 3848  C:\WINDOWS\system32\drivers\usbport.sys - ok
11:35:40.0361 3848  [ 54EE8EEC41C2F9F03CAD1874B6AF54B0 ] C:\WINDOWS\system32\drivers\mfeavfk.sys
11:35:40.0361 3848  C:\WINDOWS\system32\drivers\mfeavfk.sys - ok
11:35:40.0361 3848  [ C1536905AD2067812A238BCE998F4BFF ] C:\WINDOWS\system32\drivers\1394bus.sys
11:35:40.0361 3848  C:\WINDOWS\system32\drivers\1394bus.sys - ok
11:35:40.0376 3848  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
11:35:40.0376 3848  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
11:35:40.0376 3848  [ C2C0741CB1F94DB961DD283B1201D4FF ] C:\WINDOWS\system32\drivers\mfefirek.sys
11:35:40.0376 3848  C:\WINDOWS\system32\drivers\mfefirek.sys - ok
11:35:40.0376 3848  [ 831F342877333859291D4171B5EDD3CA ] C:\WINDOWS\system32\drivers\jmcr.sys
11:35:40.0376 3848  C:\WINDOWS\system32\drivers\jmcr.sys - ok
11:35:40.0376 3848  [ 07712CEF42A89B76ADB2FC8124FCCD14 ] C:\WINDOWS\system32\drivers\johci.sys
11:35:40.0376 3848  C:\WINDOWS\system32\drivers\johci.sys - ok
11:35:40.0392 3848  [ CA33832DF41AFB202EE7AEB05145922F ] C:\WINDOWS\system32\drivers\ohci1394.sys
11:35:40.0392 3848  C:\WINDOWS\system32\drivers\ohci1394.sys - ok
11:35:40.0392 3848  [ 76C465F570E90C28942D52CCB2580A10 ] C:\WINDOWS\system32\drivers\scsiport.sys
11:35:40.0392 3848  C:\WINDOWS\system32\drivers\scsiport.sys - ok
11:35:40.0392 3848  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
11:35:40.0392 3848  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
11:35:40.0392 3848  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
11:35:40.0392 3848  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
11:35:40.0392 3848  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
11:35:40.0392 3848  C:\WINDOWS\system32\drivers\parport.sys - ok
11:35:40.0407 3848  [ CC3061CE537CB46AD71711F0DF843383 ] C:\WINDOWS\system32\drivers\SynTP.sys
11:35:40.0407 3848  C:\WINDOWS\system32\drivers\SynTP.sys - ok
11:35:40.0407 3848  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
11:35:40.0407 3848  C:\WINDOWS\system32\drivers\usbd.sys - ok
11:35:40.0407 3848  [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys
11:35:40.0407 3848  C:\WINDOWS\system32\drivers\wdf01000.sys - ok
11:35:40.0407 3848  [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys
11:35:40.0407 3848  C:\WINDOWS\system32\drivers\wdfldr.sys - ok
11:35:40.0407 3848  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
11:35:40.0407 3848  C:\WINDOWS\system32\drivers\cdrom.sys - ok
11:35:40.0423 3848  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\imapi.sys - ok
11:35:40.0423 3848  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\ks.sys - ok
11:35:40.0423 3848  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\mouclass.sys - ok
11:35:40.0423 3848  [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\CmBatt.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\CmBatt.sys - ok
11:35:40.0423 3848  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\redbook.sys - ok
11:35:40.0423 3848  [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\wmiacpi.sys - ok
11:35:40.0423 3848  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\audstub.sys - ok
11:35:40.0423 3848  [ D96EA49AB9A9174331BC023FD0CADC18 ] C:\WINDOWS\system32\drivers\rminiv3.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\rminiv3.sys - ok
11:35:40.0423 3848  [ 34A53196222FB2C5CD428CED83815F07 ] C:\WINDOWS\system32\drivers\mfendisk.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\mfendisk.sys - ok
11:35:40.0423 3848  [ 1AB3D00C991AB086E69DB84B6C0ED78F ] C:\WINDOWS\system32\drivers\ndistapi.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
11:35:40.0423 3848  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
11:35:40.0423 3848  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
11:35:40.0423 3848  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
11:35:40.0438 3848  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
11:35:40.0438 3848  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\tdi.sys - ok
11:35:40.0438 3848  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\psched.sys - ok
11:35:40.0438 3848  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\raspptp.sys - ok
11:35:40.0438 3848  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\msgpc.sys - ok
11:35:40.0438 3848  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\ptilink.sys - ok
11:35:40.0438 3848  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\raspti.sys - ok
11:35:40.0438 3848  [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
11:35:40.0438 3848  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\swenum.sys - ok
11:35:40.0438 3848  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\termdd.sys - ok
11:35:40.0438 3848  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
11:35:40.0438 3848  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\update.sys - ok
11:35:40.0438 3848  [ 6215023940CFD3702B46ABC304E1D45A ] C:\WINDOWS\system32\drivers\ndproxy.sys
11:35:40.0438 3848  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
11:35:40.0454 3848  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
11:35:40.0454 3848  C:\WINDOWS\system32\drivers\usbhub.sys - ok
11:35:40.0454 3848  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
11:35:40.0454 3848  C:\WINDOWS\system32\drivers\drmk.sys - ok
11:35:40.0454 3848  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
11:35:40.0454 3848  C:\WINDOWS\system32\drivers\portcls.sys - ok
11:35:40.0454 3848  [ 48E9C1F9DA1B9E060E80DF0BDAD1C2B9 ] C:\WINDOWS\system32\drivers\sthda.sys
11:35:40.0454 3848  C:\WINDOWS\system32\drivers\sthda.sys - ok
11:35:40.0454 3848  [ 822D53766D57C90C437536232ECE9023 ] C:\WINDOWS\system32\drivers\AESTAud.sys
11:35:40.0454 3848  C:\WINDOWS\system32\drivers\AESTAud.sys - ok
11:35:40.0469 3848  [ 34EE48D11C584EEDB59FD0D537AC2296 ] C:\WINDOWS\system32\drivers\IntcDAud.sys
11:35:40.0469 3848  C:\WINDOWS\system32\drivers\IntcDAud.sys - ok
11:35:40.0469 3848  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
11:35:40.0469 3848  C:\WINDOWS\system32\drivers\nic1394.sys - ok
11:35:40.0469 3848  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
11:35:40.0469 3848  C:\WINDOWS\system32\drivers\fdc.sys - ok
11:35:40.0469 3848  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
11:35:40.0469 3848  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
11:35:40.0469 3848  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
11:35:40.0485 3848  [ A757C56F80ADA032A3A8D229235F3F46 ] C:\WINDOWS\system32\drivers\hdlpflt.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\hdlpflt.sys - ok
11:35:40.0485 3848  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
11:35:40.0485 3848  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
11:35:40.0485 3848  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\beep.sys - ok
11:35:40.0485 3848  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\null.sys - ok
11:35:40.0485 3848  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\hidparse.sys - ok
11:35:40.0485 3848  [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
11:35:40.0485 3848  [ 411A389DC1F503FF07B609CCE3BBE113 ] C:\WINDOWS\system32\rserver30\raddrvv3.sys
11:35:40.0485 3848  C:\WINDOWS\system32\rserver30\raddrvv3.sys - ok
11:35:40.0485 3848  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\vga.sys - ok
11:35:40.0485 3848  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
11:35:40.0485 3848  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
11:35:40.0485 3848  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
11:35:40.0485 3848  C:\WINDOWS\system32\drivers\msfs.sys - ok
11:35:40.0500 3848  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\ipsec.sys - ok
11:35:40.0500 3848  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\npfs.sys - ok
11:35:40.0500 3848  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\rasacd.sys - ok
11:35:40.0500 3848  [ 93EA8D04EC73A85DB02EB8805988F733 ] C:\WINDOWS\system32\drivers\tcpip.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\tcpip.sys - ok
11:35:40.0500 3848  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\ipnat.sys - ok
11:35:40.0500 3848  [ CF56F8EF1CE7DE0F4B43B85D474C7DB6 ] C:\WINDOWS\system32\drivers\mfetdi2k.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\mfetdi2k.sys - ok
11:35:40.0500 3848  [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\arp1394.sys - ok
11:35:40.0500 3848  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\netbt.sys - ok
11:35:40.0500 3848  [ 322D0E36693D6E24A2398BEE62A268CD ] C:\WINDOWS\system32\drivers\afd.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\afd.sys - ok
11:35:40.0500 3848  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
11:35:40.0500 3848  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\netbios.sys - ok
11:35:40.0500 3848  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\wanarp.sys - ok
11:35:40.0500 3848  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
11:35:40.0500 3848  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\rdbss.sys - ok
11:35:40.0500 3848  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
11:35:40.0500 3848  C:\WINDOWS\system32\drivers\fips.sys - ok
11:35:40.0516 3848  [ 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F ] C:\WINDOWS\system32\ntdll.dll
11:35:40.0516 3848  C:\WINDOWS\system32\ntdll.dll - ok
11:35:40.0516 3848  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
11:35:40.0516 3848  C:\WINDOWS\system32\smss.exe - ok
11:35:40.0516 3848  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
11:35:40.0516 3848  C:\WINDOWS\system32\sfcfiles.dll - ok
11:35:40.0516 3848  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
11:35:40.0516 3848  C:\WINDOWS\system32\drivers\hidclass.sys - ok
11:35:40.0516 3848  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
11:35:40.0516 3848  C:\WINDOWS\system32\drivers\hidusb.sys - ok
11:35:40.0516 3848  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
11:35:40.0516 3848  C:\WINDOWS\system32\drivers\mouhid.sys - ok
11:35:40.0516 3848  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
11:35:40.0516 3848  C:\WINDOWS\system32\drivers\cdfs.sys - ok
11:35:40.0516 3848  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
11:35:40.0516 3848  C:\WINDOWS\system32\drivers\atapi.sys - ok
11:35:40.0516 3848  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
11:35:40.0516 3848  C:\WINDOWS\system32\drivers\wmilib.sys - ok
11:35:40.0516 3848  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
11:35:40.0516 3848  C:\WINDOWS\system32\drivers\dxapi.sys - ok
11:35:40.0516 3848  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
11:35:40.0516 3848  C:\WINDOWS\system32\watchdog.sys - ok
11:35:40.0516 3848  [ F984CAE54E536681B209F7816D8F68DA ] C:\WINDOWS\system32\win32k.sys
11:35:40.0516 3848  C:\WINDOWS\system32\win32k.sys - ok
11:35:40.0516 3848  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:35:40.0516 3848  C:\WINDOWS\system32\basesrv.dll - ok
11:35:40.0516 3848  [ 05B100F8DD7073BFD7B3E46D0E36AD0C ] C:\WINDOWS\system32\csrsrv.dll
11:35:40.0516 3848  C:\WINDOWS\system32\csrsrv.dll - ok
11:35:40.0531 3848  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
11:35:40.0531 3848  C:\WINDOWS\system32\csrss.exe - ok
11:35:40.0531 3848  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
11:35:40.0531 3848  C:\WINDOWS\system32\winsrv.dll - ok
11:35:40.0531 3848  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
11:35:40.0531 3848  C:\WINDOWS\system32\gdi32.dll - ok
11:35:40.0531 3848  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
11:35:40.0531 3848  C:\WINDOWS\system32\kernel32.dll - ok
11:35:40.0531 3848  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
11:35:40.0531 3848  C:\WINDOWS\system32\user32.dll - ok
11:35:40.0531 3848  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
11:35:40.0531 3848  C:\WINDOWS\system32\drivers\dxg.sys - ok
11:35:40.0531 3848  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
11:35:40.0531 3848  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
11:35:40.0531 3848  [ C03C86B0CBF03B27875AE1AD474D6300 ] C:\WINDOWS\system32\igxpgd32.dll
11:35:40.0531 3848  C:\WINDOWS\system32\igxpgd32.dll - ok
11:35:40.0531 3848  [ E54A344999FD9766932E25CEC216DAB2 ] C:\WINDOWS\system32\igxprd32.dll
11:35:40.0531 3848  C:\WINDOWS\system32\igxprd32.dll - ok
11:35:40.0531 3848  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
11:35:40.0531 3848  C:\WINDOWS\system32\vga.dll - ok
11:35:40.0531 3848  [ 32B19D35A6B5078AA6BA40EBB51A0DC2 ] C:\WINDOWS\system32\igxpdv32.dll
11:35:40.0531 3848  C:\WINDOWS\system32\igxpdv32.dll - ok
11:35:40.0531 3848  [ F54F4663824B327479B738EBF28F4805 ] C:\WINDOWS\system32\igxpdx32.dll
11:35:40.0531 3848  C:\WINDOWS\system32\igxpdx32.dll - ok
11:35:40.0531 3848  [ F159A81B85E2207A4C73417951DA0AFE ] C:\WINDOWS\system32\smsmdd.dll
11:35:40.0531 3848  C:\WINDOWS\system32\smsmdd.dll - ok
11:35:40.0531 3848  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
11:35:40.0531 3848  C:\WINDOWS\system32\winlogon.exe - ok
11:35:40.0531 3848  [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] C:\WINDOWS\system32\advapi32.dll
11:35:40.0531 3848  C:\WINDOWS\system32\advapi32.dll - ok
11:35:40.0547 3848  [ B979D9D1C8073DA21A7F80345F306A1D ] C:\WINDOWS\system32\rpcrt4.dll
11:35:40.0547 3848  C:\WINDOWS\system32\rpcrt4.dll - ok
11:35:40.0547 3848  [ 7459C16CC3EF4651CAB7C9260E43FC58 ] C:\WINDOWS\system32\secur32.dll
11:35:40.0547 3848  C:\WINDOWS\system32\secur32.dll - ok
11:35:40.0547 3848  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
11:35:40.0547 3848  C:\WINDOWS\system32\authz.dll - ok
11:35:40.0547 3848  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
11:35:40.0547 3848  C:\WINDOWS\system32\msvcrt.dll - ok
11:35:40.0547 3848  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
11:35:40.0547 3848  C:\WINDOWS\system32\crypt32.dll - ok
11:35:40.0547 3848  [ A11F1EA5346165347BF54C1F959C3FBC ] C:\WINDOWS\system32\msasn1.dll
11:35:40.0547 3848  C:\WINDOWS\system32\msasn1.dll - ok
11:35:40.0547 3848  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
11:35:40.0547 3848  C:\WINDOWS\system32\nddeapi.dll - ok
11:35:40.0547 3848  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
11:35:40.0547 3848  C:\WINDOWS\system32\profmap.dll - ok
11:35:40.0547 3848  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
11:35:40.0547 3848  C:\WINDOWS\system32\netapi32.dll - ok
11:35:40.0547 3848  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
11:35:40.0547 3848  C:\WINDOWS\system32\userenv.dll - ok
11:35:40.0547 3848  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
11:35:40.0547 3848  C:\WINDOWS\system32\psapi.dll - ok
11:35:40.0547 3848  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
11:35:40.0547 3848  C:\WINDOWS\system32\regapi.dll - ok
11:35:40.0547 3848  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
11:35:40.0547 3848  C:\WINDOWS\system32\setupapi.dll - ok
11:35:40.0547 3848  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
11:35:40.0547 3848  C:\WINDOWS\system32\version.dll - ok
11:35:40.0547 3848  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
11:35:40.0563 3848  C:\WINDOWS\system32\winsta.dll - ok
11:35:40.0563 3848  [ 95F5C420E9BDD4C3569602911420A774 ] C:\WINDOWS\system32\wintrust.dll
11:35:40.0563 3848  C:\WINDOWS\system32\wintrust.dll - ok
11:35:40.0563 3848  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
11:35:40.0563 3848  C:\WINDOWS\system32\imagehlp.dll - ok
11:35:40.0563 3848  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
11:35:40.0563 3848  C:\WINDOWS\system32\ws2_32.dll - ok
11:35:40.0563 3848  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
11:35:40.0563 3848  C:\WINDOWS\system32\ws2help.dll - ok
11:35:40.0578 3848  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
11:35:40.0578 3848  C:\WINDOWS\system32\imm32.dll - ok
11:35:40.0578 3848  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
11:35:40.0578 3848  C:\WINDOWS\system32\kbdus.dll - ok
11:35:40.0578 3848  [ 1DF6E4758611E1328567BFE4D1B28E27 ] C:\WINDOWS\system32\kbdbu.dll
11:35:40.0578 3848  C:\WINDOWS\system32\kbdbu.dll - ok
11:35:40.0578 3848  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
11:35:40.0578 3848  C:\WINDOWS\system32\msgina.dll - ok
11:35:40.0578 3848  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
11:35:40.0578 3848  C:\WINDOWS\system32\comctl32.dll - ok
11:35:40.0594 3848  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
11:35:40.0594 3848  C:\WINDOWS\system32\odbc32.dll - ok
11:35:40.0594 3848  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
11:35:40.0594 3848  C:\WINDOWS\system32\comdlg32.dll - ok
11:35:40.0594 3848  [ E86423AA9AA8C382AF02B94A058DC2AA ] C:\WINDOWS\system32\shell32.dll
11:35:40.0594 3848  C:\WINDOWS\system32\shell32.dll - ok
11:35:40.0594 3848  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
11:35:40.0594 3848  C:\WINDOWS\system32\shlwapi.dll - ok
11:35:40.0609 3848  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
11:35:40.0609 3848  C:\WINDOWS\system32\sxs.dll - ok
11:35:40.0609 3848  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
11:35:40.0609 3848  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
11:35:40.0609 3848  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
11:35:40.0609 3848  C:\WINDOWS\system32\odbcint.dll - ok
11:35:40.0609 3848  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
11:35:40.0609 3848  C:\WINDOWS\system32\shsvcs.dll - ok
11:35:40.0609 3848  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
11:35:40.0609 3848  C:\WINDOWS\system32\sfc.dll - ok
11:35:40.0625 3848  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
11:35:40.0625 3848  C:\WINDOWS\system32\sfc_os.dll - ok
11:35:40.0625 3848  [ 7A6A7900B5E322763430BA6FD9A31224 ] C:\WINDOWS\system32\ole32.dll
11:35:40.0625 3848  C:\WINDOWS\system32\ole32.dll - ok
11:35:40.0625 3848  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
11:35:40.0625 3848  C:\WINDOWS\system32\apphelp.dll - ok
11:35:40.0625 3848  [ EA9AAA0B9BBF9B24FD3CAECC7FD69A1E ] C:\WINDOWS\system32\lsasrv.dll
11:35:40.0625 3848  C:\WINDOWS\system32\lsasrv.dll - ok
11:35:40.0640 3848  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
11:35:40.0640 3848  C:\WINDOWS\system32\lsass.exe - ok
11:35:40.0640 3848  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
11:35:40.0640 3848  C:\WINDOWS\system32\ncobjapi.dll - ok
11:35:40.0640 3848  [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
11:35:40.0640 3848  C:\WINDOWS\system32\services.exe - ok
11:35:40.0640 3848  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
11:35:40.0640 3848  C:\WINDOWS\system32\msvcp60.dll - ok
11:35:40.0640 3848  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
11:35:40.0640 3848  C:\WINDOWS\system32\scesrv.dll - ok
11:35:40.0656 3848  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
11:35:40.0656 3848  C:\WINDOWS\system32\mpr.dll - ok
11:35:40.0656 3848  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
11:35:40.0656 3848  C:\WINDOWS\system32\ntdsapi.dll - ok
11:35:40.0656 3848  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
11:35:40.0656 3848  C:\WINDOWS\system32\umpnpmgr.dll - ok
11:35:40.0656 3848  [ 0A3325D38DB90792BBBE01334F273974 ] C:\WINDOWS\system32\dnsapi.dll
11:35:40.0656 3848  C:\WINDOWS\system32\dnsapi.dll - ok
11:35:40.0656 3848  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
11:35:40.0656 3848  C:\WINDOWS\system32\shimeng.dll - ok
11:35:40.0671 3848  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\AcAdProc.dll
11:35:40.0671 3848  C:\WINDOWS\AppPatch\AcAdProc.dll - ok
11:35:40.0671 3848  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
11:35:40.0671 3848  C:\WINDOWS\system32\samlib.dll - ok
11:35:40.0671 3848  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
11:35:40.0671 3848  C:\WINDOWS\system32\wldap32.dll - ok
11:35:40.0671 3848  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
11:35:40.0671 3848  C:\WINDOWS\system32\samsrv.dll - ok
11:35:40.0671 3848  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
11:35:40.0671 3848  C:\WINDOWS\system32\cryptdll.dll - ok
11:35:40.0687 3848  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\AcGenral.dll
11:35:40.0687 3848  C:\WINDOWS\AppPatch\AcGenral.dll - ok
11:35:40.0687 3848  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
11:35:40.0687 3848  C:\WINDOWS\system32\winmm.dll - ok
11:35:40.0687 3848  [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll
11:35:40.0687 3848  C:\WINDOWS\system32\oleaut32.dll - ok
11:35:40.0687 3848  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
11:35:40.0687 3848  C:\WINDOWS\system32\msacm32.dll - ok
11:35:40.0687 3848  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
11:35:40.0687 3848  C:\WINDOWS\system32\uxtheme.dll - ok
11:35:40.0702 3848  [ 30ACE70B3C0242F0D1AC3B4FA708710F ] C:\WINDOWS\system32\schannel.dll
11:35:40.0702 3848  C:\WINDOWS\system32\schannel.dll - ok
11:35:40.0702 3848  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\MSCTFIME.IME
11:35:40.0702 3848  C:\WINDOWS\system32\MSCTFIME.IME - ok
11:35:40.0702 3848  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
11:35:40.0702 3848  C:\WINDOWS\system32\msprivs.dll - ok
11:35:40.0702 3848  [ B17DEFD576AE373E7A1A2C75665E4549 ] C:\WINDOWS\system32\kerberos.dll
11:35:40.0702 3848  C:\WINDOWS\system32\kerberos.dll - ok
11:35:40.0702 3848  [ 34EF4739A4D9D09A96069198F42B8D99 ] C:\WINDOWS\system32\atmfd.dll
11:35:40.0702 3848  C:\WINDOWS\system32\atmfd.dll - ok
11:35:40.0702 3848  [ 0F152F4E57FDF9E8E8BDFEA583A4926B ] C:\WINDOWS\system32\msv1_0.dll
11:35:40.0702 3848  C:\WINDOWS\system32\msv1_0.dll - ok
11:35:40.0702 3848  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
11:35:40.0702 3848  C:\WINDOWS\system32\iphlpapi.dll - ok
11:35:40.0702 3848  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
11:35:40.0702 3848  C:\WINDOWS\system32\netlogon.dll - ok
11:35:40.0702 3848  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
11:35:40.0702 3848  C:\WINDOWS\system32\w32time.dll - ok
11:35:40.0702 3848  [ CEFCC6A64983EB8119F3A07A0C1EDE30 ] C:\WINDOWS\system32\wdigest.dll
11:35:40.0702 3848  C:\WINDOWS\system32\wdigest.dll - ok
11:35:40.0702 3848  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
11:35:40.0702 3848  C:\WINDOWS\system32\rsaenh.dll - ok
11:35:40.0702 3848  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
11:35:40.0702 3848  C:\WINDOWS\system32\winscard.dll - ok
11:35:40.0702 3848  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
11:35:40.0702 3848  C:\WINDOWS\system32\wtsapi32.dll - ok
11:35:40.0702 3848  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
11:35:40.0702 3848  C:\WINDOWS\system32\scecli.dll - ok
11:35:40.0702 3848  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
11:35:40.0702 3848  C:\WINDOWS\system32\svchost.exe - ok
11:35:40.0718 3848  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
11:35:40.0718 3848  C:\WINDOWS\system32\ntmarta.dll - ok
11:35:40.0718 3848  [ 2589FE6015A316C0F5D5112B4DA7B509 ] C:\WINDOWS\system32\rpcss.dll
11:35:40.0718 3848  C:\WINDOWS\system32\rpcss.dll - ok
11:35:40.0718 3848  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
11:35:40.0718 3848  C:\WINDOWS\system32\xpsp2res.dll - ok
11:35:40.0718 3848  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
11:35:40.0718 3848  C:\WINDOWS\system32\eventlog.dll - ok
11:35:40.0718 3848  [ B4138E99236F0F57D4CF49BAE98A0746 ] C:\WINDOWS\system32\mswsock.dll
11:35:40.0718 3848  C:\WINDOWS\system32\mswsock.dll - ok
11:35:40.0718 3848  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
11:35:40.0718 3848  C:\WINDOWS\system32\hnetcfg.dll - ok
11:35:40.0718 3848  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
11:35:40.0718 3848  C:\WINDOWS\system32\wshtcpip.dll - ok
11:35:40.0718 3848  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
11:35:40.0718 3848  C:\WINDOWS\system32\winrnr.dll - ok
11:35:40.0718 3848  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
11:35:40.0718 3848  C:\WINDOWS\system32\rasadhlp.dll - ok
11:35:40.0718 3848  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
11:35:40.0718 3848  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
11:35:40.0718 3848  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
11:35:40.0718 3848  C:\WINDOWS\system32\dhcpcsvc.dll - ok
11:35:40.0718 3848  [ 474B4DC3983173E4B4C9740B0DAC98A6 ] C:\WINDOWS\system32\dnsrslvr.dll
11:35:40.0718 3848  C:\WINDOWS\system32\dnsrslvr.dll - ok
11:35:40.0718 3848  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
11:35:40.0718 3848  C:\WINDOWS\system32\lmhsvc.dll - ok
11:35:40.0718 3848  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
11:35:40.0718 3848  C:\WINDOWS\system32\wzcsvc.dll - ok
11:35:40.0718 3848  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
11:35:40.0718 3848  C:\WINDOWS\system32\rtutils.dll - ok
11:35:40.0733 3848  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
11:35:40.0733 3848  C:\WINDOWS\system32\atl.dll - ok
11:35:40.0733 3848  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
11:35:40.0733 3848  C:\WINDOWS\system32\eapolqec.dll - ok
11:35:40.0733 3848  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
11:35:40.0733 3848  C:\WINDOWS\system32\qutil.dll - ok
11:35:40.0733 3848  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
11:35:40.0733 3848  C:\WINDOWS\system32\wmi.dll - ok
11:35:40.0733 3848  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
11:35:40.0733 3848  C:\WINDOWS\system32\dot3api.dll - ok
11:35:40.0733 3848  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
11:35:40.0733 3848  C:\WINDOWS\system32\esent.dll - ok
11:35:40.0733 3848  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
11:35:40.0733 3848  C:\WINDOWS\system32\clbcatq.dll - ok
11:35:40.0733 3848  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
11:35:40.0733 3848  C:\WINDOWS\system32\comres.dll - ok
11:35:40.0733 3848  [ 036D3962F2086BF2A98E2873CE153828 ] C:\WINDOWS\system32\rastls.dll
11:35:40.0733 3848  C:\WINDOWS\system32\rastls.dll - ok
11:35:40.0733 3848  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
11:35:40.0733 3848  C:\WINDOWS\system32\cryptui.dll - ok
11:35:40.0733 3848  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
11:35:40.0733 3848  C:\WINDOWS\system32\cscdll.dll - ok
11:35:40.0733 3848  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
11:35:40.0733 3848  C:\WINDOWS\system32\dimsntfy.dll - ok
11:35:40.0733 3848  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
11:35:40.0733 3848  C:\WINDOWS\system32\wlnotify.dll - ok
11:35:40.0733 3848  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
11:35:40.0733 3848  C:\WINDOWS\system32\winspool.drv - ok
11:35:40.0733 3848  [ 6CE32F7778061CCC5814D5E0F282D369 ] C:\WINDOWS\system32\wininet.dll
11:35:40.0733 3848  C:\WINDOWS\system32\wininet.dll - ok
11:35:40.0749 3848  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
11:35:40.0749 3848  C:\WINDOWS\system32\normaliz.dll - ok
11:35:40.0749 3848  [ 05642AE6A7BDAA7541A7451F5A4C6512 ] C:\WINDOWS\system32\urlmon.dll
11:35:40.0749 3848  C:\WINDOWS\system32\urlmon.dll - ok
11:35:40.0749 3848  [ 58BD4689E1DCD40A903721D7EF45F2EC ] C:\WINDOWS\system32\iertutil.dll
11:35:40.0749 3848  C:\WINDOWS\system32\iertutil.dll - ok
11:35:40.0749 3848  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
11:35:40.0749 3848  C:\WINDOWS\system32\mprapi.dll - ok
11:35:40.0749 3848  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
11:35:40.0749 3848  C:\WINDOWS\system32\activeds.dll - ok
11:35:40.0749 3848  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
11:35:40.0749 3848  C:\WINDOWS\system32\adsldpc.dll - ok
11:35:40.0749 3848  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
11:35:40.0749 3848  C:\WINDOWS\system32\rasapi32.dll - ok
11:35:40.0749 3848  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
11:35:40.0749 3848  C:\WINDOWS\system32\rasman.dll - ok
11:35:40.0749 3848  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
11:35:40.0749 3848  C:\WINDOWS\system32\tapi32.dll - ok
11:35:40.0749 3848  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
11:35:40.0749 3848  C:\WINDOWS\system32\riched20.dll - ok
11:35:40.0749 3848  [ ED43F00CD77E72483A8625AC4F32D8D8 ] C:\WINDOWS\system32\raschap.dll
11:35:40.0749 3848  C:\WINDOWS\system32\raschap.dll - ok
11:35:40.0749 3848  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
11:35:40.0749 3848  C:\WINDOWS\system32\schedsvc.dll - ok
11:35:40.0749 3848  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
11:35:40.0749 3848  C:\WINDOWS\system32\msidle.dll - ok
11:35:40.0749 3848  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
11:35:40.0749 3848  C:\WINDOWS\system32\spoolsv.exe - ok
11:35:40.0749 3848  [ 55E759E64F3CE49719C4365EE9265FC9 ] C:\Program Files\IDT\WDM\stacsv.exe
11:35:40.0749 3848  C:\Program Files\IDT\WDM\stacsv.exe - ok
11:35:40.0765 3848  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
11:35:40.0765 3848  C:\WINDOWS\system32\audiosrv.dll - ok
11:35:40.0765 3848  [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
11:35:40.0765 3848  C:\WINDOWS\system32\dsound.dll - ok
11:35:40.0765 3848  [ 045996FC1D651CF8FE95EC17EA0A01A0 ] C:\WINDOWS\system32\stacapi.dll
11:35:40.0765 3848  C:\WINDOWS\system32\stacapi.dll - ok
11:35:40.0765 3848  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
11:35:40.0765 3848  C:\WINDOWS\system32\wdmaud.drv - ok
11:35:40.0765 3848  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
11:35:40.0765 3848  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
11:35:40.0765 3848  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
11:35:40.0765 3848  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
11:35:40.0765 3848  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
11:35:40.0765 3848  C:\WINDOWS\system32\drivers\splitter.sys - ok
11:35:40.0765 3848  [ 86D007E7A654B9A71D1D7D856B104353 ] C:\WINDOWS\system32\scardsvr.exe
11:35:40.0765 3848  C:\WINDOWS\system32\scardsvr.exe - ok
11:35:40.0765 3848  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
11:35:40.0765 3848  C:\WINDOWS\system32\drivers\aec.sys - ok
11:35:40.0765 3848  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
11:35:40.0765 3848  C:\WINDOWS\system32\drivers\swmidi.sys - ok
11:35:40.0765 3848  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\DMusic.sys
11:35:40.0765 3848  C:\WINDOWS\system32\drivers\DMusic.sys - ok
11:35:40.0765 3848  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] C:\WINDOWS\system32\wkssvc.dll
11:35:40.0765 3848  C:\WINDOWS\system32\wkssvc.dll - ok
11:35:40.0765 3848  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
11:35:40.0765 3848  C:\WINDOWS\system32\drivers\kmixer.sys - ok
11:35:40.0765 3848  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
11:35:40.0765 3848  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
11:35:40.0765 3848  [ F51F8E81655AA6D5F0F3914C480C88F1 ] D:\Lotus\notes\nslsvice.exe
11:35:40.0765 3848  D:\Lotus\notes\nslsvice.exe - ok
11:35:40.0780 3848  [ 86F1895AE8C5E8B17D99ECE768A70732 ] D:\Lotus\notes\msvcr71.dll
11:35:40.0780 3848  D:\Lotus\notes\msvcr71.dll - ok
11:35:40.0780 3848  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
11:35:40.0780 3848  C:\WINDOWS\system32\msacm32.drv - ok
11:35:40.0780 3848  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
11:35:40.0780 3848  C:\WINDOWS\system32\midimap.dll - ok
11:35:40.0780 3848  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
11:35:40.0780 3848  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
11:35:40.0780 3848  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
11:35:40.0780 3848  C:\WINDOWS\system32\webclnt.dll - ok
11:35:40.0780 3848  [ B857BA82860D7FF85AE29B095645563B ] C:\WINDOWS\system32\netdde.exe
11:35:40.0780 3848  C:\WINDOWS\system32\netdde.exe - ok
11:35:40.0780 3848  [ 0709321C452771521DBD21523E455CA3 ] C:\WINDOWS\system32\nddenb32.dll
11:35:40.0780 3848  C:\WINDOWS\system32\nddenb32.dll - ok
11:35:40.0780 3848  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
11:35:40.0780 3848  C:\WINDOWS\system32\wsock32.dll - ok
11:35:40.0780 3848  [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll
11:35:40.0780 3848  C:\WINDOWS\system32\icmp.dll - ok
11:35:40.0780 3848  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
11:35:40.0780 3848  C:\WINDOWS\system32\drivers\parvdm.sys - ok
11:35:40.0780 3848  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
11:35:40.0780 3848  C:\WINDOWS\system32\drivers\serial.sys - ok
11:35:40.0780 3848  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] C:\WINDOWS\system32\msdtc.exe
11:35:40.0780 3848  C:\WINDOWS\system32\msdtc.exe - ok
11:35:40.0780 3848  [ FB48946E4DC87309A05F3694970703BA ] C:\WINDOWS\system32\msdtctm.dll
11:35:40.0780 3848  C:\WINDOWS\system32\msdtctm.dll - ok
11:35:40.0780 3848  [ 3D0F0D886AC5BDD9ECB1A6FB15729C93 ] C:\WINDOWS\system32\msdtclog.dll
11:35:40.0780 3848  C:\WINDOWS\system32\msdtclog.dll - ok
11:35:40.0780 3848  [ 3FE4E646DBF75864EA5ECC73402F3EBE ] C:\WINDOWS\system32\msdtcprx.dll
11:35:40.0780 3848  C:\WINDOWS\system32\msdtcprx.dll - ok
11:35:40.0796 3848  [ 72CD04A8789BEFAB99F06658A41D10C9 ] C:\WINDOWS\system32\mtxclu.dll
11:35:40.0796 3848  C:\WINDOWS\system32\mtxclu.dll - ok
11:35:40.0796 3848  [ AE3470D2BF8F16FD93FA54167B87172D ] C:\WINDOWS\system32\xolehlp.dll
11:35:40.0796 3848  C:\WINDOWS\system32\xolehlp.dll - ok
11:35:40.0796 3848  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
11:35:40.0796 3848  C:\WINDOWS\system32\clusapi.dll - ok
11:35:40.0796 3848  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
11:35:40.0796 3848  C:\WINDOWS\system32\resutils.dll - ok
11:35:40.0796 3848  [ 98A70D16C400CF422962247B238283DC ] C:\WINDOWS\system32\mtxoci.dll
11:35:40.0796 3848  C:\WINDOWS\system32\mtxoci.dll - ok
11:35:40.0796 3848  [ 43CDBE5D6918262BE29E14AF61CF4C17 ] C:\Oracle10\BIN\oci.dll
11:35:40.0796 3848  C:\Oracle10\BIN\oci.dll - ok
11:35:40.0796 3848  [ CA2F560921B7B8BE1CF555A5A18D54C3 ] C:\WINDOWS\system32\MSVCR71.DLL
11:35:40.0796 3848  C:\WINDOWS\system32\MSVCR71.DLL - ok
11:35:40.0796 3848  [ EB4E26AD3A0E681C2FAABBACB0691A34 ] C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
11:35:40.0796 3848  C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe - ok
11:35:40.0796 3848  [ 1F2438D15D4434DA44DD7D8DE4159685 ] C:\Program Files\Apache Software Foundation\Apache2.2\bin\libapr-1.dll
11:35:40.0796 3848  C:\Program Files\Apache Software Foundation\Apache2.2\bin\libapr-1.dll - ok
11:35:40.0796 3848  [ 509EDF80BBD3F6E6AF60CEAF17026666 ] C:\Program Files\Apache Software Foundation\Apache2.2\bin\libaprutil-1.dll
11:35:40.0796 3848  C:\Program Files\Apache Software Foundation\Apache2.2\bin\libaprutil-1.dll - ok
11:35:40.0796 3848  [ 19F4219C97EF015D0078432C2597CFC0 ] C:\Program Files\Apache Software Foundation\Apache2.2\bin\libapriconv-1.dll
11:35:40.0796 3848  C:\Program Files\Apache Software Foundation\Apache2.2\bin\libapriconv-1.dll - ok
11:35:40.0796 3848  [ 20AC622A9D5070C6DA7FCD4B89ED4BE7 ] C:\Program Files\Apache Software Foundation\Apache2.2\bin\libhttpd.dll
11:35:40.0796 3848  C:\Program Files\Apache Software Foundation\Apache2.2\bin\libhttpd.dll - ok
11:35:40.0796 3848  [ F6E46F07638518CE8D94E80E3344846A ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_actions.so
11:35:40.0796 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_actions.so - ok
11:35:40.0796 3848  [ 41728BAD7AC7938AD59B1D32660D01CE ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_alias.so
11:35:40.0796 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_alias.so - ok
11:35:40.0811 3848  [ B98B0D2086ABDA31C28D40FBA4C31F25 ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_asis.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_asis.so - ok
11:35:40.0811 3848  [ 3C245B80A03913A4876E1AA9C0F6AA7B ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authn_default.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authn_default.so - ok
11:35:40.0811 3848  [ 499675E1FB89D7CC0D9BC06904B56875 ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_auth_basic.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_auth_basic.so - ok
11:35:40.0811 3848  [ 15D3E9C852759F2639127114C7474CEE ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authn_file.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authn_file.so - ok
11:35:40.0811 3848  [ 154B938B3D777A6AD1486DCDDDB9475A ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_default.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_default.so - ok
11:35:40.0811 3848  [ 190CBA90E9087AE6267698FC1E5E4A0C ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_groupfile.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_groupfile.so - ok
11:35:40.0811 3848  [ 7CF7744CEC4C9A2377EA442D8B04A4B6 ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_host.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_host.so - ok
11:35:40.0811 3848  [ CF65862359C601867AC7D4AB10100E6B ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_user.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_user.so - ok
11:35:40.0811 3848  [ 6D0A402BEA57A82A3A40485F392917C4 ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_autoindex.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_autoindex.so - ok
11:35:40.0811 3848  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
11:35:40.0811 3848  C:\WINDOWS\system32\cryptsvc.dll - ok
11:35:40.0811 3848  [ 9318EB3884B7BEC672C3ED3224667E3F ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_cgi.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_cgi.so - ok
11:35:40.0811 3848  [ 700DA46A1EFFFA317D491E74890F7D3D ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_dir.so
11:35:40.0811 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_dir.so - ok
11:35:40.0811 3848  [ 1A0DCC79C28B9D44BCBEC5E039A91F80 ] C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
11:35:40.0811 3848  C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe - ok
11:35:40.0811 3848  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
11:35:40.0811 3848  C:\WINDOWS\system32\certcli.dll - ok
11:35:40.0811 3848  [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
11:35:40.0811 3848  C:\WINDOWS\system32\qmgr.dll - ok
11:35:40.0827 3848  [ C79E3DFA6ECC23848413B8D3E59D8F02 ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_env.so
11:35:40.0827 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_env.so - ok
11:35:40.0827 3848  [ 94B262EF649FEF20A44347C73EF14F22 ] C:\Program Files\McAfee\Host Intrusion Prevention\HpmRegistry.dll
11:35:40.0827 3848  C:\Program Files\McAfee\Host Intrusion Prevention\HpmRegistry.dll - ok
11:35:40.0827 3848  [ EB015749EC82765DB45853E4DBB92FF4 ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_include.so
11:35:40.0827 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_include.so - ok
11:35:40.0827 3848  [ 072B1288A722CA25E899BA7501700707 ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_isapi.so
11:35:40.0827 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_isapi.so - ok
11:35:40.0827 3848  [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
11:35:40.0827 3848  C:\WINDOWS\system32\dmserver.dll - ok
11:35:40.0827 3848  [ 3FD5A421BD413555AD1D4B8699AEA28D ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_log_config.so
11:35:40.0827 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_log_config.so - ok
11:35:40.0827 3848  [ 441E7F50EEE1ABD10CB99AA59654CAB8 ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_mime.so
11:35:40.0827 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_mime.so - ok
11:35:40.0827 3848  [ A846B7C21C35562E933CECDECB5D1C21 ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_negotiation.so
11:35:40.0827 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_negotiation.so - ok
11:35:40.0827 3848  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
11:35:40.0827 3848  C:\WINDOWS\system32\shfolder.dll - ok
11:35:40.0827 3848  [ 9C3DB8A961211CA3112694997ECEA9B5 ] C:\Program Files\McAfee\Host Intrusion Prevention\DebugLog.dll
11:35:40.0827 3848  C:\Program Files\McAfee\Host Intrusion Prevention\DebugLog.dll - ok
11:35:40.0827 3848  [ F2BA72BA07CA78F4AA4AFDDD9C3AB792 ] C:\WINDOWS\system32\winhttp.dll
11:35:40.0827 3848  C:\WINDOWS\system32\winhttp.dll - ok
11:35:40.0827 3848  [ C82D6747D75302C2E0164431B7CEE8ED ] C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_setenvif.so
11:35:40.0827 3848  C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_setenvif.so - ok
11:35:40.0827 3848  [ 0B685C6114C138EC6D02D0946029C761 ] C:\Program Files\McAfee\Host Intrusion Prevention\FireCore.dll
11:35:40.0827 3848  C:\Program Files\McAfee\Host Intrusion Prevention\FireCore.dll - ok
11:35:40.0827 3848  [ ADA33EDA74475260A54214BE3F2E5103 ] C:\Program Files\PHP\php5apache2_2.dll
11:35:40.0827 3848  C:\Program Files\PHP\php5apache2_2.dll - ok
11:35:40.0842 3848  [ 8AD4E86CD83B6AE555DF99F65B6B2FE4 ] C:\Program Files\PHP\php5ts.dll
11:35:40.0842 3848  C:\Program Files\PHP\php5ts.dll - ok
11:35:40.0842 3848  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
11:35:40.0842 3848  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
11:35:40.0842 3848  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
11:35:40.0842 3848  C:\WINDOWS\system32\netman.dll - ok
11:35:40.0842 3848  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
11:35:40.0842 3848  C:\WINDOWS\system32\netshell.dll - ok
11:35:40.0842 3848  [ 984444149948284B5D1B04B6BE53201F ] C:\Program Files\McAfee\Host Intrusion Prevention\FireCL.dll
11:35:40.0842 3848  C:\Program Files\McAfee\Host Intrusion Prevention\FireCL.dll - ok
11:35:40.0842 3848  [ 0D472467FF5FB9B0AC90A017DEA2EBAC ] C:\Program Files\McAfee\Host Intrusion Prevention\FireCNL.dll
11:35:40.0842 3848  C:\Program Files\McAfee\Host Intrusion Prevention\FireCNL.dll - ok
11:35:40.0842 3848  [ 5D800665EE32FD661BCB52A6A7CCC526 ] C:\Program Files\McAfee\Host Intrusion Prevention\FireComm.dll
11:35:40.0842 3848  C:\Program Files\McAfee\Host Intrusion Prevention\FireComm.dll - ok
11:35:40.0842 3848  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
11:35:40.0842 3848  C:\WINDOWS\system32\credui.dll - ok
11:35:40.0842 3848  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
11:35:40.0842 3848  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
11:35:40.0842 3848  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
11:35:40.0842 3848  C:\WINDOWS\system32\dot3dlg.dll - ok
11:35:40.0842 3848  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
11:35:40.0842 3848  C:\WINDOWS\system32\onex.dll - ok
11:35:40.0842 3848  [ 02BCCD9E311A43FF42B8CFE5FD75ACB8 ] C:\Program Files\McAfee\Host Intrusion Prevention\MngFirecore.dll
11:35:40.0842 3848  C:\Program Files\McAfee\Host Intrusion Prevention\MngFirecore.dll - ok
11:35:40.0842 3848  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
11:35:40.0842 3848  C:\WINDOWS\system32\eappcfg.dll - ok
11:35:40.0842 3848  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
11:35:40.0842 3848  C:\WINDOWS\system32\eappprxy.dll - ok
11:35:40.0858 3848  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
11:35:40.0858 3848  C:\WINDOWS\system32\wzcsapi.dll - ok
11:35:40.0858 3848  [ 590D6BD53EA42631525A56C0A3E96015 ] C:\Program Files\McAfee\Host Intrusion Prevention\ts.dll
11:35:40.0858 3848  C:\Program Files\McAfee\Host Intrusion Prevention\ts.dll - ok
11:35:40.0858 3848  [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
11:35:40.0858 3848  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
11:35:40.0858 3848  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
11:35:40.0858 3848  C:\WINDOWS\system32\ersvc.dll - ok
11:35:40.0858 3848  [ 19A799805B24990867B00C120D300C3A ] C:\WINDOWS\system32\es.dll
11:35:40.0858 3848  C:\WINDOWS\system32\es.dll - ok
11:35:40.0858 3848  [ 92E16F5D034E7864DA308BA6309A98B7 ] C:\Program Files\Java\jre7\bin\jqs.exe
11:35:40.0858 3848  C:\Program Files\Java\jre7\bin\jqs.exe - ok
11:35:40.0858 3848  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
11:35:40.0858 3848  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
11:35:40.0858 3848  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
11:35:40.0858 3848  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
11:35:40.0858 3848  [ 64069399322E314DE1D008FC6A7FF529 ] C:\Program Files\PHP\ext\php_curl.dll
11:35:40.0858 3848  C:\Program Files\PHP\ext\php_curl.dll - ok
11:35:40.0858 3848  [ 5454607F90878D7CD0BCDB6E0D3F235F ] C:\WINDOWS\system32\pdh.dll
11:35:40.0858 3848  C:\WINDOWS\system32\pdh.dll - ok
11:35:40.0858 3848  [ 6B1246A5ACB66B077B3E9C8EE2E6A3DF ] C:\WINDOWS\system32\libeay32.dll
11:35:40.0858 3848  C:\WINDOWS\system32\libeay32.dll - ok
11:35:40.0858 3848  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
11:35:40.0858 3848  C:\WINDOWS\system32\odbcbcp.dll - ok
11:35:40.0858 3848  [ 064785841A7CA5B9222942CAD01585EE ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
11:35:40.0858 3848  C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
11:35:40.0858 3848  [ C34411A244029F1C08687F7C752C4563 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:35:40.0858 3848  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
11:35:40.0858 3848  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
11:35:40.0858 3848  C:\WINDOWS\system32\netmsg.dll - ok
11:35:40.0873 3848  [ F385F4B02C535BFFE1D70CAB80838123 ] C:\WINDOWS\system32\srvsvc.dll
11:35:40.0873 3848  C:\WINDOWS\system32\srvsvc.dll - ok
11:35:40.0873 3848  [ E1F3B02F7670B6F92CF05AC7628297AA ] C:\WINDOWS\system32\ssleay32.dll
11:35:40.0873 3848  C:\WINDOWS\system32\ssleay32.dll - ok
11:35:40.0873 3848  [ D88D1F0CD20E73BDC6A6866FA37DBBB8 ] C:\Program Files\McAfee\Host Intrusion Prevention\Resource\0409\CLibRL.dll
11:35:40.0873 3848  C:\Program Files\McAfee\Host Intrusion Prevention\Resource\0409\CLibRL.dll - ok
11:35:40.0873 3848  [ 06921CBEAC7F80FA08FFB2315198E4FE ] C:\Program Files\PHP\ext\php_gd2.dll
11:35:40.0873 3848  C:\Program Files\PHP\ext\php_gd2.dll - ok
11:35:40.0873 3848  [ 9FDE3D58DB5508F167846522F8951449 ] C:\Program Files\Common Files\LightScribe\LSLog.dll
11:35:40.0873 3848  C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
11:35:40.0873 3848  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
11:35:40.0873 3848  C:\WINDOWS\system32\drivers\srv.sys - ok
11:35:40.0873 3848  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
11:35:40.0873 3848  C:\WINDOWS\system32\perfos.dll - ok
11:35:40.0873 3848  [ 134A1875C3D1273291EACC8B8D969769 ] C:\Program Files\Common Files\McAfee\SystemCore\mfevtpa.dll
11:35:40.0873 3848  C:\Program Files\Common Files\McAfee\SystemCore\mfevtpa.dll - ok
11:35:40.0873 3848  [ 9FC641FA1518FB4F65A2119AB905EAB8 ] C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe
11:35:40.0873 3848  C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe - ok
11:35:40.0873 3848  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
11:35:40.0873 3848  C:\WINDOWS\system32\perfdisk.dll - ok
11:35:40.0873 3848  [ 97F9EAAC985A663394CD8F54DCD3E73A ] C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:35:40.0873 3848  C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
11:35:40.0873 3848  [ 8151CC001EED48E35B9F52D417FFB742 ] C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
11:35:40.0873 3848  C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll - ok
11:35:40.0873 3848  [ 2098AF12149789FA6608422C8796F77C ] D:\Lotus\notes\SUService.exe
11:35:40.0873 3848  D:\Lotus\notes\SUService.exe - ok
11:35:40.0873 3848  [ 7CC4447372C8BBFD08095AA12CC46687 ] C:\Program Files\PHP\ext\php_mbstring.dll
11:35:40.0873 3848  C:\Program Files\PHP\ext\php_mbstring.dll - ok
11:35:40.0873 3848  [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
11:35:40.0873 3848  C:\WINDOWS\system32\msi.dll - ok
11:35:40.0889 3848  [ 64056710FBE789EF3F3879C821CB1750 ] D:\Lotus\notes\nsd.exe
11:35:40.0889 3848  D:\Lotus\notes\nsd.exe - ok
11:35:40.0889 3848  [ 375E1533B5FB996F40C44625B1C02DE9 ] C:\Program Files\PHP\ext\php_mysql.dll
11:35:40.0889 3848  C:\Program Files\PHP\ext\php_mysql.dll - ok
11:35:40.0889 3848  [ 794B33E7FC90A0B045F8F28DF7ED2169 ] C:\Program Files\PHP\ext\php_oci8.dll
11:35:40.0889 3848  C:\Program Files\PHP\ext\php_oci8.dll - ok
11:35:40.0889 3848  [ 3D5152BE0AFE82109B0D0CC46930B18C ] C:\Program Files\PHP\ext\php_sockets.dll
11:35:40.0889 3848  C:\Program Files\PHP\ext\php_sockets.dll - ok
11:35:40.0889 3848  [ A1BFB5A93C2E920BCDFF22253B3A5C77 ] C:\Program Files\PHP\ext\php_saprfc.dll
11:35:40.0889 3848  C:\Program Files\PHP\ext\php_saprfc.dll - ok
11:35:40.0889 3848  [ 0628BB96B3B8134AC1F590D11596A648 ] C:\WINDOWS\system32\librfc32.dll
11:35:40.0889 3848  C:\WINDOWS\system32\librfc32.dll - ok
11:35:40.0889 3848  [ A17D6CEE69AC11B4EFB80E8169456097 ] C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory3.dll
11:35:40.0889 3848  C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory3.dll - ok
11:35:40.0889 3848  [ 74EDBB03DE3291FCF2094AF1FB363F1D ] D:\Lotus\notes\dbghelp_x86_v6.8.40.dll
11:35:40.0889 3848  D:\Lotus\notes\dbghelp_x86_v6.8.40.dll - ok
11:35:40.0889 3848  [ A94DC60A90EFD7A35C36D971E3EE7470 ] C:\WINDOWS\system32\MSVCP71.DLL
11:35:40.0889 3848  C:\WINDOWS\system32\MSVCP71.DLL - ok
11:35:40.0889 3848  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
11:35:40.0889 3848  C:\WINDOWS\system32\dbghelp.dll - ok
11:35:40.0889 3848  [ BB9BA4BD3E05E087BAE05A47EBB1E047 ] D:\Lotus\notes\nstrings.dll
11:35:40.0889 3848  D:\Lotus\notes\nstrings.dll - ok
11:35:40.0889 3848  [ 23CDE37EE00C95F0098D12CCE11B3507 ] C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
11:35:40.0889 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe - ok
11:35:40.0889 3848  [ D3D547CFBD0C08EC0C603EC1EC8FBF03 ] C:\Program Files\McAfee\SiteAdvisor Enterprise\SaSSHMod.dll
11:35:40.0889 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\SaSSHMod.dll - ok
11:35:40.0889 3848  [ B0559F2CC5D3DD83E79370BC24202C36 ] C:\Program Files\McAfee\DLP\Agent\fcags.exe
11:35:40.0889 3848  C:\Program Files\McAfee\DLP\Agent\fcags.exe - ok
11:35:40.0889 3848  [ 65D37E490163378639386FDB63F1F38A ] C:\Program Files\McAfee\SiteAdvisor Enterprise\ts.dll
11:35:40.0889 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\ts.dll - ok
11:35:40.0904 3848  [ B47210EDBE06E694C6E5F404E030B2A9 ] C:\Program Files\McAfee\DLP\Agent\fcdrvins.dll
11:35:40.0904 3848  C:\Program Files\McAfee\DLP\Agent\fcdrvins.dll - ok
11:35:40.0904 3848  [ 734FD617C3ECB7ED51DD8A245085D183 ] C:\Program Files\McAfee\DLP\Agent\fcagsec.dll
11:35:40.0904 3848  C:\Program Files\McAfee\DLP\Agent\fcagsec.dll - ok
11:35:40.0904 3848  [ 62D10994D9FB7B04B01077320EE64D8A ] C:\Program Files\McAfee\SiteAdvisor Enterprise\McSAELpc.dll
11:35:40.0904 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\McSAELpc.dll - ok
11:35:40.0904 3848  [ CF73C3A03582408D422D4F7A01190D00 ] C:\Program Files\McAfee\DLP\Agent\DIFxAPI.dll
11:35:40.0904 3848  C:\Program Files\McAfee\DLP\Agent\DIFxAPI.dll - ok
11:35:40.0904 3848  [ EAE4280E82C866A9C71F654085DEC9B6 ] C:\Program Files\McAfee\DLP\Agent\cryptocme2.dll
11:35:40.0904 3848  C:\Program Files\McAfee\DLP\Agent\cryptocme2.dll - ok
11:35:40.0904 3848  [ 113AF43673936E4F8C9D226E40E8F994 ] C:\Program Files\McAfee\SiteAdvisor Enterprise\SASet.dll
11:35:40.0904 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\SASet.dll - ok
11:35:40.0904 3848  [ 7CE8053C3306F407F2454A62F7BB123B ] C:\Program Files\McAfee\DLP\Agent\ccme_base.dll
11:35:40.0904 3848  C:\Program Files\McAfee\DLP\Agent\ccme_base.dll - ok
11:35:40.0904 3848  [ 3EF9511390F9106DD8CF0747BAEB335C ] C:\Program Files\McAfee\Common Framework\FrameworkService.exe
11:35:40.0904 3848  C:\Program Files\McAfee\Common Framework\FrameworkService.exe - ok
11:35:40.0904 3848  [ 5636BE2A22CF640D4F4D352B84FE4C8E ] C:\Program Files\McAfee\Common Framework\nailog3.dll
11:35:40.0904 3848  C:\Program Files\McAfee\Common Framework\nailog3.dll - ok
11:35:40.0904 3848  [ 28776815734472797A5E3DA956DDC96D ] C:\Program Files\McAfee\Common Framework\cryptshim.dll
11:35:40.0904 3848  C:\Program Files\McAfee\Common Framework\cryptshim.dll - ok
11:35:40.0904 3848  [ 4102BB99C109F8BD08AE960AE642F90B ] C:\Program Files\McAfee\Common Framework\mfecryptc.dll
11:35:40.0904 3848  C:\Program Files\McAfee\Common Framework\mfecryptc.dll - ok
11:35:40.0904 3848  [ 65CC35E4B4B8B1A61A0442B618DA7D34 ] C:\Program Files\McAfee\Common Framework\naxml3_71.dll
11:35:40.0904 3848  C:\Program Files\McAfee\Common Framework\naxml3_71.dll - ok
11:35:40.0904 3848  [ 423F311973E971183C62A7C1D1D7C27D ] C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACorePS.dll
11:35:40.0904 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACorePS.dll - ok
11:35:40.0904 3848  [ 58B80954FE56BB6DDC3B02CE9046C090 ] C:\Program Files\McAfee\Common Framework\naCmnLib3_71.dll
11:35:40.0904 3848  C:\Program Files\McAfee\Common Framework\naCmnLib3_71.dll - ok
11:35:40.0920 3848  [ 1EDB1DD3C5DE6A6F72B261D1507DF94D ] C:\Program Files\McAfee\Common Framework\AppLib.dll
11:35:40.0920 3848  C:\Program Files\McAfee\Common Framework\AppLib.dll - ok
11:35:40.0920 3848  [ 86CF1CB4891D045D42A6DD55829C4FF5 ] C:\Program Files\McAfee\Common Framework\LpcRT_4IGTPW1F\mfelpc.dll
11:35:40.0920 3848  C:\Program Files\McAfee\Common Framework\LpcRT_4IGTPW1F\mfelpc.dll - ok
11:35:40.0920 3848  [ E462B2BF2F620D3B55472B154E6EB1C8 ] C:\Program Files\McAfee\Common Framework\0409\AgentRes.Dll
11:35:40.0920 3848  C:\Program Files\McAfee\Common Framework\0409\AgentRes.Dll - ok
11:35:40.0920 3848  [ 1A36470A51CB61A5A3610968ACA81899 ] C:\Program Files\McAfee\VirusScan Enterprise\condl.dll
11:35:40.0920 3848  C:\Program Files\McAfee\VirusScan Enterprise\condl.dll - ok
11:35:40.0920 3848  [ 462EB5733C52471DB574727B5D1F77E4 ] C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
11:35:40.0920 3848  C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe - ok
11:35:40.0920 3848  [ C8246FE64DA28FDE1016C25D2FBC07A3 ] C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll
11:35:40.0920 3848  C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll - ok
11:35:40.0920 3848  [ 8AED85CA16A24CE477A2194C3EA34794 ] C:\Program Files\McAfee\Common Framework\Logging.dll
11:35:40.0920 3848  C:\Program Files\McAfee\Common Framework\Logging.dll - ok
11:35:40.0920 3848  [ F7BA88C4CAC9AF3AF7B7AC073000E6B4 ] C:\Program Files\McAfee\Common Framework\UserSpace.Dll
11:35:40.0920 3848  C:\Program Files\McAfee\Common Framework\UserSpace.Dll - ok
11:35:40.0920 3848  [ 14B7D9AC95AD3026682A500E1A4AB8CC ] C:\Program Files\McAfee\VirusScan Enterprise\wscav.dll
11:35:40.0920 3848  C:\Program Files\McAfee\VirusScan Enterprise\wscav.dll - ok
11:35:40.0920 3848  [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
11:35:40.0920 3848  C:\WINDOWS\system32\lz32.dll - ok
11:35:40.0920 3848  [ 227E6861F1F9392BA51228FEDAAE1D68 ] C:\Program Files\McAfee\VirusScan Enterprise\traceapp.dll
11:35:40.0920 3848  C:\Program Files\McAfee\VirusScan Enterprise\traceapp.dll - ok
11:35:40.0920 3848  [ 1AB5B8ABEF792A7A95EC05439F9C9E1F ] C:\Program Files\Common Files\McAfee\SystemCore\lockdown.dll
11:35:40.0920 3848  C:\Program Files\Common Files\McAfee\SystemCore\lockdown.dll - ok
11:35:40.0920 3848  [ 15BB54415A3B2558AC0032F6154E9DFE ] C:\Program Files\McAfee\Common Framework\Management.dll
11:35:40.0920 3848  C:\Program Files\McAfee\Common Framework\Management.dll - ok
11:35:40.0920 3848  [ 8790DDD894DAB9FD9CF0F5F80A1F6C7B ] C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_worker.dll
11:35:40.0920 3848  C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_worker.dll - ok
11:35:40.0935 3848  [ 600FFC529D95802D91ECB38B3641D2A8 ] C:\Program Files\McAfee\Common Framework\mfeCmnLib71.dll
11:35:40.0935 3848  C:\Program Files\McAfee\Common Framework\mfeCmnLib71.dll - ok
11:35:40.0935 3848  [ 32FF9258DC83D8B75AA60CB4E52B7525 ] C:\Program Files\McAfee\VirusScan Enterprise\Res0900\mcshield.dll
11:35:40.0935 3848  C:\Program Files\McAfee\VirusScan Enterprise\Res0900\mcshield.dll - ok
11:35:40.0935 3848  [ 7BA4399DD1B5326C4D463AD395796C90 ] C:\Program Files\McAfee\VirusScan Enterprise\nailite.dll
11:35:40.0935 3848  C:\Program Files\McAfee\VirusScan Enterprise\nailite.dll - ok
11:35:40.0935 3848  [ 39BBC296DEE075EC1D20B4CE4DE4119C ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
11:35:40.0935 3848  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe - ok
11:35:40.0935 3848  [ C83AD6959FAB6EB1003619FDC50B822D ] C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll
11:35:40.0935 3848  C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll - ok
11:35:40.0935 3848  [ D5B98F824B43322E28C9EDAEA5C7184A ] C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
11:35:40.0935 3848  C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe - ok
11:35:40.0935 3848  [ 1AB5B8ABEF792A7A95EC05439F9C9E1F ] C:\Program Files\McAfee\VirusScan Enterprise\lockdown.dll
11:35:40.0935 3848  C:\Program Files\McAfee\VirusScan Enterprise\lockdown.dll - ok
11:35:40.0935 3848  [ 86CF1CB4891D045D42A6DD55829C4FF5 ] C:\Program Files\McAfee\Common Framework\mfelpc.dll
11:35:40.0935 3848  C:\Program Files\McAfee\Common Framework\mfelpc.dll - ok
11:35:40.0935 3848  [ 875FD4C9848C343E648D31F762F31F0D ] C:\Program Files\McAfee\VirusScan Enterprise\naiann.dll
11:35:40.0935 3848  C:\Program Files\McAfee\VirusScan Enterprise\naiann.dll - ok
11:35:40.0935 3848  [ 985C674C351CC1AFED56D04575824B41 ] C:\Program Files\McAfee\VirusScan Enterprise\vsevntui.dll
11:35:40.0935 3848  C:\Program Files\McAfee\VirusScan Enterprise\vsevntui.dll - ok
11:35:40.0935 3848  [ A720020089EE0545E54D1A338DAB36C7 ] C:\WINDOWS\system32\mfevtps.exe
11:35:40.0935 3848  C:\WINDOWS\system32\mfevtps.exe - ok
11:35:40.0935 3848  [ E75E05B939A8F350E063F2E11992850C ] C:\Program Files\McAfee\Common Framework\cryptocme2.dll
11:35:40.0935 3848  C:\Program Files\McAfee\Common Framework\cryptocme2.dll - ok
11:35:40.0935 3848  [ 7A5EFB5EED6D5F6C1D832EA6C71E4ED7 ] C:\Program Files\Common Files\McAfee\SystemCore\naevent.dll
11:35:40.0935 3848  C:\Program Files\Common Files\McAfee\SystemCore\naevent.dll - ok
11:35:40.0935 3848  [ 4ECEEFA8274896D242E0F9665D77F754 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\csm.dll
11:35:40.0935 3848  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\csm.dll - ok
11:35:40.0951 3848  [ B59226741551434E8B8A89A97FF339C4 ] C:\Program Files\McAfee\Common Framework\ccme_base.dll
11:35:40.0951 3848  C:\Program Files\McAfee\Common Framework\ccme_base.dll - ok
11:35:40.0951 3848  [ D4965780A9C669EC8532FE142D176C50 ] C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
11:35:40.0951 3848  C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe - ok
11:35:40.0951 3848  [ 3D06874CC29388DC236BF736AC881ECF ] C:\Program Files\Common Files\McAfee\SystemCore\mytilus3.dll
11:35:40.0951 3848  C:\Program Files\Common Files\McAfee\SystemCore\mytilus3.dll - ok
11:35:40.0951 3848  [ 3D811BF538D6F359735D757C94F484B6 ] C:\WINDOWS\system32\msdbg2.dll
11:35:40.0951 3848  C:\WINDOWS\system32\msdbg2.dll - ok
11:35:40.0951 3848  [ 52696AF6078402B533517F240BEC8B69 ] C:\Program Files\McAfee\Common Framework\Genevtinf3.dll
11:35:40.0951 3848  C:\Program Files\McAfee\Common Framework\Genevtinf3.dll - ok
11:35:40.0951 3848  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
11:35:40.0951 3848  C:\WINDOWS\system32\ipsecsvc.dll - ok
11:35:40.0951 3848  [ 33CEB89B62589E8B12AEE9E2D523DADE ] C:\WINDOWS\system32\oakley.dll
11:35:40.0951 3848  C:\WINDOWS\system32\oakley.dll - ok
11:35:40.0951 3848  [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
11:35:40.0951 3848  C:\WINDOWS\system32\regsvc.dll - ok
11:35:40.0951 3848  [ 01CC3B9349B244C752CDD99EFDA080BB ] C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
11:35:40.0951 3848  C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe - ok
11:35:40.0951 3848  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
11:35:40.0951 3848  C:\WINDOWS\system32\seclogon.dll - ok
11:35:40.0951 3848  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
11:35:40.0951 3848  C:\WINDOWS\system32\sensapi.dll - ok
11:35:40.0951 3848  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
11:35:40.0951 3848  C:\WINDOWS\system32\sens.dll - ok
11:35:40.0951 3848  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
11:35:40.0951 3848  C:\WINDOWS\system32\srsvc.dll - ok
11:35:40.0951 3848  [ A340CD71EB535A3DD751B5F28723E50C ] C:\WINDOWS\system32\ddraw.dll
11:35:40.0951 3848  C:\WINDOWS\system32\ddraw.dll - ok
11:35:40.0951 3848  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
11:35:40.0951 3848  C:\WINDOWS\system32\pstorsvc.dll - ok
11:35:40.0967 3848  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
11:35:40.0967 3848  C:\WINDOWS\system32\winipsec.dll - ok
11:35:40.0967 3848  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
11:35:40.0967 3848  C:\WINDOWS\system32\powrprof.dll - ok
11:35:40.0967 3848  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
11:35:40.0967 3848  C:\WINDOWS\system32\psbase.dll - ok
11:35:40.0967 3848  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
11:35:40.0967 3848  C:\WINDOWS\system32\termsrv.dll - ok
11:35:40.0967 3848  [ A69CD6BDB82872999D2E46F9324ADA83 ] C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:35:40.0967 3848  C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok
11:35:40.0967 3848  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
11:35:40.0967 3848  C:\WINDOWS\system32\trkwks.dll - ok
11:35:40.0967 3848  [ D480C9220BFE667DE65A46CDE80EA7E9 ] C:\Program Files\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
11:35:40.0967 3848  C:\Program Files\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll - ok
11:35:40.0967 3848  [ D8B91D94ECB123862B390FDE3250D3BB ] C:\WINDOWS\system32\dciman32.dll
11:35:40.0967 3848  C:\WINDOWS\system32\dciman32.dll - ok
11:35:40.0967 3848  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
11:35:40.0967 3848  C:\WINDOWS\system32\dssenh.dll - ok
11:35:40.0967 3848  [ 33D9B7BB7BA323BAFE489DF033DAC824 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
11:35:40.0967 3848  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll - ok
11:35:40.0967 3848  [ 122F89E0905FC656D56F65CD7A2E9B4D ] C:\Program Files\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
11:35:40.0967 3848  C:\Program Files\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll - ok
11:35:40.0967 3848  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
11:35:40.0967 3848  C:\WINDOWS\system32\icaapi.dll - ok
11:35:40.0967 3848  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
11:35:40.0967 3848  C:\WINDOWS\system32\mstlsapi.dll - ok
11:35:40.0967 3848  [ 787F0EF4799DC1168E4B1C9DFBC1829E ] C:\Program Files\McAfee\Common Framework\naPolicyManager.dll
11:35:40.0967 3848  C:\Program Files\McAfee\Common Framework\naPolicyManager.dll - ok
11:35:40.0982 3848  [ C7C84DF7233F4834CD190F3DCCAF50CA ] C:\WINDOWS\system32\rdpwsx.dll
11:35:40.0982 3848  C:\WINDOWS\system32\rdpwsx.dll - ok
11:35:40.0982 3848  [ 829C122B942F3B5445A0BA31E302EFCD ] C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
11:35:40.0982 3848  C:\Program Files\McAfee\Common Framework\naPrdMgr.exe - ok
11:35:40.0982 3848  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
11:35:40.0982 3848  C:\WINDOWS\system32\comsvcs.dll - ok
11:35:40.0982 3848  [ CE287105B87C10A956C0B18506452672 ] C:\Program Files\McAfee\Common Framework\UpdateSubSys.Dll
11:35:40.0982 3848  C:\Program Files\McAfee\Common Framework\UpdateSubSys.Dll - ok
11:35:40.0982 3848  [ 468D8CF59987F015693BFA048E4A8183 ] C:\Program Files\McAfee\Common Framework\updater.Dll
11:35:40.0982 3848  C:\Program Files\McAfee\Common Framework\updater.Dll - ok
11:35:40.0982 3848  [ EE6AB3B1EC8C64EEAF946524DBE4A53C ] C:\Program Files\McAfee\Common Framework\ipcchannel.dll
11:35:40.0982 3848  C:\Program Files\McAfee\Common Framework\ipcchannel.dll - ok
11:35:40.0982 3848  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
11:35:40.0982 3848  C:\WINDOWS\system32\colbact.dll - ok
11:35:40.0982 3848  [ 73BF0720AC57C11E93F09CFAA4E40EA1 ] C:\Program Files\McAfee\Common Framework\Nainet.dll
11:35:40.0982 3848  C:\Program Files\McAfee\Common Framework\Nainet.dll - ok
11:35:40.0982 3848  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
11:35:40.0982 3848  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
11:35:40.0982 3848  [ 09442ECFCED9C83722509C3269CADECD ] C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
11:35:40.0982 3848  C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe - ok
11:35:40.0982 3848  [ ED482D76BC8AEE2E599145A4C4780A35 ] C:\Program Files\McAfee\Common Framework\mfecurl.dll
11:35:40.0982 3848  C:\Program Files\McAfee\Common Framework\mfecurl.dll - ok
11:35:40.0982 3848  [ 66760DA1D497AAB02FDF89508D3F42F3 ] C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_server.dll
11:35:40.0982 3848  C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_server.dll - ok
11:35:40.0982 3848  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
11:35:40.0982 3848  C:\WINDOWS\system32\vssapi.dll - ok
11:35:40.0982 3848  [ DA3D10A44E822D083023C9B96FFCEBC8 ] C:\Program Files\Common Files\McAfee\SystemCore\ftl.dll
11:35:40.0982 3848  C:\Program Files\Common Files\McAfee\SystemCore\ftl.dll - ok
11:35:40.0998 3848  [ EB0372754FD985F3EF5AA03BCAFB835B ] C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
11:35:40.0998 3848  C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe - ok
11:35:40.0998 3848  [ 45F16A21E82C5E0D416186A40BB43B97 ] C:\Program Files\McAfee\Common Framework\mfezlib.dll
11:35:40.0998 3848  C:\Program Files\McAfee\Common Framework\mfezlib.dll - ok
11:35:40.0998 3848  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
11:35:40.0998 3848  C:\WINDOWS\system32\wuauserv.dll - ok
11:35:40.0998 3848  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
11:35:40.0998 3848  C:\WINDOWS\system32\wuaueng.dll - ok
11:35:40.0998 3848  [ 83821507D26DEAEC5C50C11AED2FF1E4 ] C:\Program Files\Common Files\McAfee\Engine\mcscan32.dll
11:35:40.0998 3848  C:\Program Files\Common Files\McAfee\Engine\mcscan32.dll - ok
11:35:40.0998 3848  [ 4571BAE1E6AC123DF34670E9C8F95923 ] C:\Program Files\McAfee\Common Framework\Scheduler.dll
11:35:40.0998 3848  C:\Program Files\McAfee\Common Framework\Scheduler.dll - ok
11:35:40.0998 3848  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
11:35:40.0998 3848  C:\WINDOWS\system32\netcfgx.dll - ok
11:35:40.0998 3848  [ 576F4443BFE77C2FAD795A5461300577 ] C:\Program Files\McAfee\VirusScan Enterprise\vsplugin.dll
11:35:40.0998 3848  C:\Program Files\McAfee\VirusScan Enterprise\vsplugin.dll - ok
11:35:40.0998 3848  [ B746CFC2A1DA338BEB98C7A3246A2941 ] C:\Program Files\McAfee\Common Framework\AgentPlugin.dll
11:35:40.0998 3848  C:\Program Files\McAfee\Common Framework\AgentPlugin.dll - ok
11:35:40.0998 3848  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
11:35:40.0998 3848  C:\WINDOWS\system32\cabinet.dll - ok
11:35:40.0998 3848  [ A454A9BAA25B8C8E76735DD86BD4B017 ] C:\WINDOWS\system32\CCM\CcmExec.exe
11:35:40.0998 3848  C:\WINDOWS\system32\CCM\CcmExec.exe - ok
11:35:40.0998 3848  [ 4B807127C4C627CF6F681688497054DC ] C:\WINDOWS\system32\ccmcore.dll
11:35:40.0998 3848  C:\WINDOWS\system32\ccmcore.dll - ok
11:35:40.0998 3848  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
11:35:40.0998 3848  C:\WINDOWS\system32\mspatcha.dll - ok
11:35:40.0998 3848  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
11:35:40.0998 3848  C:\WINDOWS\system32\browser.dll - ok
11:35:40.0998 3848  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
11:35:40.0998 3848  C:\WINDOWS\system32\ipnathlp.dll - ok
11:35:41.0013 3848  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
11:35:41.0013 3848  C:\WINDOWS\system32\wscsvc.dll - ok
11:35:41.0013 3848  [ 645259875C31090345E41E57934BD442 ] C:\WINDOWS\system32\xprslib.dll
11:35:41.0013 3848  C:\WINDOWS\system32\xprslib.dll - ok
11:35:41.0013 3848  [ E697CD9824B583865E673A599B426E0B ] C:\WINDOWS\system32\CCM\ccmperf.dll
11:35:41.0013 3848  C:\WINDOWS\system32\CCM\ccmperf.dll - ok
11:35:41.0013 3848  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
11:35:41.0013 3848  C:\WINDOWS\system32\wups.dll - ok
11:35:41.0013 3848  [ A9E3D5B26877F2C74A4F21FDA1647EAF ] C:\WINDOWS\system32\CCM\ccmgencert.dll
11:35:41.0013 3848  C:\WINDOWS\system32\CCM\ccmgencert.dll - ok
11:35:41.0013 3848  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
11:35:41.0013 3848  C:\WINDOWS\system32\wups2.dll - ok
11:35:41.0013 3848  [ CA8F0B71B0A8C36F96739AE947DF5E41 ] C:\WINDOWS\system32\CCM\smscore.dll
11:35:41.0013 3848  C:\WINDOWS\system32\CCM\smscore.dll - ok
11:35:41.0013 3848  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
11:35:41.0013 3848  C:\WINDOWS\system32\wuauclt.exe - ok
11:35:41.0013 3848  [ 0D17C10F46798828F0D627A34839B554 ] C:\WINDOWS\system32\CCM\ccmutillib.dll
11:35:41.0013 3848  C:\WINDOWS\system32\CCM\ccmutillib.dll - ok
11:35:41.0013 3848  [ 4E51CF7F1F1214A887BF0C3CD1859C91 ] C:\WINDOWS\system32\CCM\CcmTask.dll
11:35:41.0013 3848  C:\WINDOWS\system32\CCM\CcmTask.dll - ok
11:35:41.0013 3848  [ 28382DD4D21FFBF149989A7D97FF6FB3 ] C:\Program Files\McAfee\Common Framework\Agent.dll
11:35:41.0013 3848  C:\Program Files\McAfee\Common Framework\Agent.dll - ok
11:35:41.0013 3848  [ 122E10430A84328AD48C53429FADC937 ] C:\WINDOWS\system32\CCM\ccmid.dll
11:35:41.0013 3848  C:\WINDOWS\system32\CCM\ccmid.dll - ok
11:35:41.0013 3848  [ 4E6AC2B79788B0D0D7EE581CC39763F4 ] C:\WINDOWS\system32\CCM\LSUtilities.dll
11:35:41.0013 3848  C:\WINDOWS\system32\CCM\LSUtilities.dll - ok
11:35:41.0013 3848  [ C56B6D0402371CF3700EB322EF3AAF61 ] C:\WINDOWS\system32\drivers\tdtcp.sys
11:35:41.0013 3848  C:\WINDOWS\system32\drivers\tdtcp.sys - ok
11:35:41.0013 3848  [ EF0C4B7855A9ACC206556EFE55D5B4F6 ] C:\Program Files\McAfee\Common Framework\CMALib.dll
11:35:41.0013 3848  C:\Program Files\McAfee\Common Framework\CMALib.dll - ok
11:35:41.0029 3848  [ 336355A43307FE07D1EEC5795CBF5E75 ] C:\Program Files\McAfee\Common Framework\inetmgr.dll
11:35:41.0029 3848  C:\Program Files\McAfee\Common Framework\inetmgr.dll - ok
11:35:41.0029 3848  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] C:\WINDOWS\system32\drivers\rdpwd.sys
11:35:41.0029 3848  C:\WINDOWS\system32\drivers\rdpwd.sys - ok
11:35:41.0029 3848  [ E13B08415CD2ED9F74295170D1A0FC78 ] C:\WINDOWS\system32\CCM\fsputillib.dll
11:35:41.0029 3848  C:\WINDOWS\system32\CCM\fsputillib.dll - ok
11:35:41.0029 3848  [ 8BAF1E65434F51AB05FA6323206BD6EC ] C:\Program Files\Common Files\McAfee\SystemCore\mfesmfa.dll
11:35:41.0029 3848  C:\Program Files\Common Files\McAfee\SystemCore\mfesmfa.dll - ok
11:35:41.0029 3848  [ 59DDFC9D4016D6DA7907AA082DC5ACFA ] C:\Program Files\McAfee\Common Framework\naSPIPE.dll
11:35:41.0029 3848  C:\Program Files\McAfee\Common Framework\naSPIPE.dll - ok
11:35:41.0029 3848  [ 367838063053A0BBD7624907A5BEB2A4 ] C:\WINDOWS\system32\drivers\mfesmfk.sys
11:35:41.0029 3848  C:\WINDOWS\system32\drivers\mfesmfk.sys - ok
11:35:41.0029 3848  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
11:35:41.0029 3848  C:\WINDOWS\system32\wbem\framedyn.dll - ok
11:35:41.0029 3848  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
11:35:41.0029 3848  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
11:35:41.0029 3848  [ D19A36048BABF7F17BCBB7122AA27EFD ] C:\Program Files\McAfee\DLP\Agent\fcagswd.exe
11:35:41.0029 3848  C:\Program Files\McAfee\DLP\Agent\fcagswd.exe - ok
11:35:41.0029 3848  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
11:35:41.0029 3848  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
11:35:41.0029 3848  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
11:35:41.0029 3848  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
11:35:41.0029 3848  [ 783C3A76D7A207578CDB0B56BD8407EC ] C:\Program Files\McAfee\Common Framework\ListenServer.dll
11:35:41.0029 3848  C:\Program Files\McAfee\Common Framework\ListenServer.dll - ok
11:35:41.0029 3848  [ 3B0136554765D8974B9CCCA10626D179 ] C:\Program Files\McAfee\Common Framework\LazyCache.dll
11:35:41.0029 3848  C:\Program Files\McAfee\Common Framework\LazyCache.dll - ok
11:35:41.0029 3848  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
11:35:41.0029 3848  C:\WINDOWS\system32\wbem\esscli.dll - ok
11:35:41.0029 3848  [ 60027BEA3E76D7DD8D96C02432BFDE82 ] C:\WINDOWS\system32\wbem\fastprox.dll
11:35:41.0029 3848  C:\WINDOWS\system32\wbem\fastprox.dll - ok
11:35:41.0044 3848  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
11:35:41.0044 3848  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
11:35:41.0044 3848  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
11:35:41.0044 3848  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
11:35:41.0044 3848  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
11:35:41.0044 3848  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
11:35:41.0044 3848  [ 58788A130394D7FAF032F95EA4A67725 ] C:\Program Files\McAfee\Host Intrusion Prevention\Helper.exe
11:35:41.0044 3848  C:\Program Files\McAfee\Host Intrusion Prevention\Helper.exe - ok
11:35:41.0044 3848  [ C2A4FDBD76953411000A01EB047DDC12 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
11:35:41.0044 3848  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
11:35:41.0044 3848  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
11:35:41.0044 3848  C:\WINDOWS\system32\wbem\wbemess.dll - ok
11:35:41.0044 3848  [ 213DEF97C44B4778E6094BD53526A4F3 ] C:\Program Files\McAfee\Host Intrusion Prevention\Resource\0409\AppRL.dll
11:35:41.0044 3848  C:\Program Files\McAfee\Host Intrusion Prevention\Resource\0409\AppRL.dll - ok
11:35:41.0044 3848  [ 0B9FF2DD83A7C57BD1B4C90AED99DA4A ] C:\Program Files\McAfee\Host Intrusion Prevention\HipShield.dll
11:35:41.0044 3848  C:\Program Files\McAfee\Host Intrusion Prevention\HipShield.dll - ok
11:35:41.0044 3848  [ 40B0C5A3E1E8FFF9E64DFE49BD4172B2 ] C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll
11:35:41.0044 3848  C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll - ok
11:35:41.0044 3848  [ 0FFAE66E6D5B1C87CBD22D1F3B6079FD ] C:\WINDOWS\system32\wbem\wmiprvse.exe
11:35:41.0044 3848  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
11:35:41.0044 3848  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
11:35:41.0044 3848  C:\WINDOWS\system32\alg.exe - ok
11:35:41.0044 3848  [ 263470B275412108DFEEA7A04E400B48 ] C:\Program Files\McAfee\Host Intrusion Prevention\HipRc.dll
11:35:41.0044 3848  C:\Program Files\McAfee\Host Intrusion Prevention\HipRc.dll - ok
11:35:41.0044 3848  [ 329640E1FB9F6FE98F6DACFDCE9ABD6B ] C:\Program Files\McAfee\Host Intrusion Prevention\nailite.dll
11:35:41.0044 3848  C:\Program Files\McAfee\Host Intrusion Prevention\nailite.dll - ok
11:35:41.0044 3848  [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
11:35:41.0044 3848  C:\WINDOWS\system32\msisip.dll - ok
11:35:41.0060 3848  [ BBEF24630F702413D54AE0D8F0039760 ] C:\WINDOWS\system32\wbem\policman.dll
11:35:41.0060 3848  C:\WINDOWS\system32\wbem\policman.dll - ok
11:35:41.0060 3848  [ A0340F72F77A6D34FA06FCE5F69BBB45 ] C:\WINDOWS\system32\drivers\HipShieldK.sys
11:35:41.0060 3848  C:\WINDOWS\system32\drivers\HipShieldK.sys - ok
11:35:41.0060 3848  [ E68A93A0134F48D534DC5C71C19D1C17 ] C:\Program Files\McAfee\Host Intrusion Prevention\Resource\0409\NetShrRL.dll
11:35:41.0060 3848  C:\Program Files\McAfee\Host Intrusion Prevention\Resource\0409\NetShrRL.dll - ok
11:35:41.0060 3848  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
11:35:41.0060 3848  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
11:35:41.0060 3848  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
11:35:41.0060 3848  C:\WINDOWS\system32\cryptnet.dll - ok
11:35:41.0060 3848  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
11:35:41.0060 3848  C:\WINDOWS\system32\security.dll - ok
11:35:41.0060 3848  [ A7F361875622AA5829AA39BA248F68E9 ] C:\WINDOWS\system32\adsldp.dll
11:35:41.0060 3848  C:\WINDOWS\system32\adsldp.dll - ok
11:35:41.0060 3848  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
11:35:41.0060 3848  C:\WINDOWS\system32\spoolss.dll - ok
11:35:41.0060 3848  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
11:35:41.0060 3848  C:\WINDOWS\system32\localspl.dll - ok
11:35:41.0060 3848  [ 0689622E6484934EB6E5F4D3A96311F9 ] C:\WINDOWS\system32\jscript.dll
11:35:41.0060 3848  C:\WINDOWS\system32\jscript.dll - ok
11:35:41.0060 3848  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
11:35:41.0060 3848  C:\WINDOWS\system32\cnbjmon.dll - ok
11:35:41.0060 3848  [ 95647F820CBC025676D7B407E2BCFBE6 ] C:\WINDOWS\system32\mdimon.dll
11:35:41.0060 3848  C:\WINDOWS\system32\mdimon.dll - ok
11:35:41.0060 3848  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
11:35:41.0060 3848  C:\WINDOWS\system32\pjlmon.dll - ok
11:35:41.0060 3848  [ 2C6786656869093C521337D6AC813BC6 ] C:\WINDOWS\system32\Primomonnt.dll
11:35:41.0060 3848  C:\WINDOWS\system32\Primomonnt.dll - ok
11:35:41.0060 3848  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
11:35:41.0060 3848  C:\WINDOWS\system32\tcpmon.dll - ok
11:35:41.0075 3848  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
11:35:41.0075 3848  C:\WINDOWS\system32\usbmon.dll - ok
11:35:41.0075 3848  [ 4424AE65F7AF8181AC99FE46BC2700C9 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
11:35:41.0075 3848  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
11:35:41.0075 3848  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
11:35:41.0075 3848  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
11:35:41.0075 3848  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
11:35:41.0075 3848  C:\WINDOWS\system32\netrap.dll - ok
11:35:41.0075 3848  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
11:35:41.0075 3848  C:\WINDOWS\system32\win32spl.dll - ok
11:35:41.0075 3848  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
11:35:41.0075 3848  C:\WINDOWS\system32\inetpp.dll - ok
11:35:41.0075 3848  [ 5879D691E842574A20FE63817CB76DF9 ] C:\WINDOWS\system32\msiexec.exe
11:35:41.0075 3848  C:\WINDOWS\system32\msiexec.exe - ok
11:35:41.0075 3848  [ C99248B969A799B771F484CD68BCB96E ] C:\WINDOWS\system32\mscoree.dll
11:35:41.0075 3848  C:\WINDOWS\system32\mscoree.dll - ok
11:35:41.0075 3848  [ 27DEDF3049FC8D78013D6EAF7957EE06 ] C:\WINDOWS\system32\gpprefcl.dll
11:35:41.0075 3848  C:\WINDOWS\system32\gpprefcl.dll - ok
11:35:41.0075 3848  [ 4972322CBB2DD6FF8D48A24C3E2F7F85 ] C:\WINDOWS\system32\drivers\FireNfcp.sys
11:35:41.0075 3848  C:\WINDOWS\system32\drivers\FireNfcp.sys - ok
11:35:41.0075 3848  [ D1E18F4AE94FFEC7270BE0A10C0B295E ] C:\WINDOWS\system32\xmllite.dll
11:35:41.0075 3848  C:\WINDOWS\system32\xmllite.dll - ok
11:35:41.0075 3848  [ ECC85B5A217216962CC1BAE7EC852300 ] C:\Program Files\McAfee\Host Intrusion Prevention\HcApi.dll
11:35:41.0075 3848  C:\Program Files\McAfee\Host Intrusion Prevention\HcApi.dll - ok
11:35:41.0075 3848  [ 9651AAD035F320A45332DF89AAAE0063 ] C:\Program Files\McAfee\Host Intrusion Prevention\HcThe.dll
11:35:41.0075 3848  C:\Program Files\McAfee\Host Intrusion Prevention\HcThe.dll - ok
11:35:41.0075 3848  [ 384AA407CA07C0528F1CE3BC4922F920 ] C:\Program Files\McAfee\Host Intrusion Prevention\HcSvc.dll
11:35:41.0075 3848  C:\Program Files\McAfee\Host Intrusion Prevention\HcSvc.dll - ok
11:35:41.0091 3848  [ D426A57A7A90076BB1FB4BBDBBE89E65 ] C:\Program Files\McAfee\Host Intrusion Prevention\HIPHandlers.dll
11:35:41.0091 3848  C:\Program Files\McAfee\Host Intrusion Prevention\HIPHandlers.dll - ok
11:35:41.0091 3848  [ AE84ED6A560CBC4942D0A38C51FC8B8F ] C:\WINDOWS\system32\CCM\PolicyAgent.dll
11:35:41.0091 3848  C:\WINDOWS\system32\CCM\PolicyAgent.dll - ok
11:35:41.0091 3848  [ 471CFD948321711B5420817250D61CB6 ] C:\WINDOWS\system32\CCM\PolicyAgentProvider.dll
11:35:41.0091 3848  C:\WINDOWS\system32\CCM\PolicyAgentProvider.dll - ok
11:35:41.0091 3848  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
11:35:41.0091 3848  C:\WINDOWS\system32\wbem\ncprov.dll - ok
11:35:41.0091 3848  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
11:35:41.0091 3848  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
11:35:41.0091 3848  [ 358EE4CAB87728651FA40F76A32A13DD ] C:\WINDOWS\system32\wbem\wbemperf.dll
11:35:41.0091 3848  C:\WINDOWS\system32\wbem\wbemperf.dll - ok
11:35:41.0091 3848  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
11:35:41.0091 3848  C:\WINDOWS\system32\userinit.exe - ok
11:35:41.0091 3848  [ 1CAD39337202BA05BA929A44CA585A6A ] C:\WINDOWS\system32\pautoenr.dll
11:35:41.0091 3848  C:\WINDOWS\system32\pautoenr.dll - ok
11:35:41.0091 3848  [ 775F94554AF6756A8C1330E31210E29D ] C:\Program Files\McAfee\VirusScan Enterprise\midutil.dll
11:35:41.0091 3848  C:\Program Files\McAfee\VirusScan Enterprise\midutil.dll - ok
11:35:41.0091 3848  [ C4CC2931531ABFB63B0C4C17D3A3B411 ] C:\Program Files\Common Files\McAfee\SystemCore\scriptsn.dll
11:35:41.0091 3848  C:\Program Files\Common Files\McAfee\SystemCore\scriptsn.dll - ok
11:35:41.0091 3848  [ 71BF2ADA0146B54A88A3CAA06400BE2E ] C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll
11:35:41.0091 3848  C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll - ok
11:35:41.0091 3848  [ 80D337A6104F6F69C89F42602C50E5D8 ] C:\WINDOWS\system32\drivers\mfeapfk.sys
11:35:41.0091 3848  C:\WINDOWS\system32\drivers\mfeapfk.sys - ok
11:35:41.0091 3848  [ 874434C8921429B33E11175993B2698E ] C:\Program Files\Java\jre7\bin\awt.dll
11:35:41.0091 3848  C:\Program Files\Java\jre7\bin\awt.dll - ok
11:35:41.0091 3848  [ 58EC4F84047AE8D129ABFE383B84F25C ] C:\Program Files\Java\jre7\bin\client\jvm.dll
11:35:41.0091 3848  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
11:35:41.0091 3848  [ C9F703E358EB2B7AFC96F017A36BE62E ] C:\Program Files\Java\jre7\bin\dcpr.dll
11:35:41.0091 3848  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
11:35:41.0106 3848  [ 399E816446512299618D96A04F709C16 ] C:\Program Files\Java\jre7\bin\deploy.dll
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\deploy.dll - ok
11:35:41.0106 3848  [ F1E31448218DCD70831D6F0B89563D20 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
11:35:41.0106 3848  [ 57207A20DB40B54B132FD08DC58C9D8D ] C:\Program Files\Java\jre7\bin\java.dll
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\java.dll - ok
11:35:41.0106 3848  [ 7F5FE240DBF4B9132AC492E94DC65CCF ] C:\Program Files\Java\jre7\bin\javaw.exe
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\javaw.exe - ok
11:35:41.0106 3848  [ BC34BF174280A03FD940D66843D66A69 ] C:\Program Files\Java\jre7\bin\jp2native.dll
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
11:35:41.0106 3848  [ 0F5C8C0466D1B83D052569EBFC55FF95 ] C:\Program Files\Java\jre7\bin\jpeg.dll
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
11:35:41.0106 3848  [ 448A586D99E07E958C044BCB090E0B1F ] C:\Program Files\Java\jre7\bin\net.dll
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\net.dll - ok
11:35:41.0106 3848  [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe
11:35:41.0106 3848  C:\WINDOWS\system32\mpnotify.exe - ok
11:35:41.0106 3848  [ C281377BD859673808DDB713B5715021 ] C:\Program Files\Java\jre7\bin\nio.dll
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\nio.dll - ok
11:35:41.0106 3848  [ FB5667CE6F41129FEF4A185E2C02CB1B ] C:\Program Files\Java\jre7\bin\verify.dll
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\verify.dll - ok
11:35:41.0106 3848  [ 9928802F9B7A3151695A68B3B97DD30A ] C:\Program Files\Java\jre7\bin\zip.dll
11:35:41.0106 3848  C:\Program Files\Java\jre7\bin\zip.dll - ok
11:35:41.0106 3848  [ EA8D445719782E2FEB033B9C0C5CC42F ] D:\Lotus\notes\npnotes.dll
11:35:41.0106 3848  D:\Lotus\notes\npnotes.dll - ok
11:35:41.0106 3848  [ EB70FF14FD699879B66803171D55C9E6 ] C:\WINDOWS\system32\fcagwl.dll
11:35:41.0106 3848  C:\WINDOWS\system32\fcagwl.dll - ok
11:35:41.0106 3848  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
11:35:41.0106 3848  C:\WINDOWS\system32\cscui.dll - ok
11:35:41.0106 3848  [ 3954E070B94CBD04D5E775D5611F8066 ] C:\WINDOWS\system32\CCM\Sched.dll
11:35:41.0106 3848  C:\WINDOWS\system32\CCM\Sched.dll - ok
11:35:41.0122 3848  [ 2BC7128348265CABA9BBC058729A8B7B ] C:\WINDOWS\system32\dpcdll.dll
11:35:41.0122 3848  C:\WINDOWS\system32\dpcdll.dll - ok
11:35:41.0122 3848  [ 96C450ECE93C0C84BFA83555EBEA157F ] C:\WINDOWS\system32\CCM\SrcUpdateMgr.dll
11:35:41.0122 3848  C:\WINDOWS\system32\CCM\SrcUpdateMgr.dll - ok
11:35:41.0122 3848  [ FA962A229F7E129F853CFE0712790A64 ] C:\WINDOWS\system32\CCM\ContentAccess.dll
11:35:41.0122 3848  C:\WINDOWS\system32\CCM\ContentAccess.dll - ok
11:35:41.0122 3848  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
11:35:41.0122 3848  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
11:35:41.0122 3848  [ 5C5962E66AE60D387533D32223925BC1 ] C:\WINDOWS\system32\CCM\SrvWinMgr.dll
11:35:41.0122 3848  C:\WINDOWS\system32\CCM\SrvWinMgr.dll - ok
11:35:41.0122 3848  [ 9AA842F64141BA16947706B5C7CBC925 ] C:\WINDOWS\system32\CCM\VAppLaunchMgr.dll
11:35:41.0122 3848  C:\WINDOWS\system32\CCM\VAppLaunchMgr.dll - ok
11:35:41.0122 3848  [ FF4047C964F5E2019513AEEE54782D70 ] C:\WINDOWS\system32\CCM\smssha.dll
11:35:41.0122 3848  C:\WINDOWS\system32\CCM\smssha.dll - ok
11:35:41.0122 3848  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
11:35:41.0122 3848  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
11:35:41.0122 3848  [ 8080F8DFF9E332825E7E605843A2F390 ] C:\WINDOWS\system32\CCM\rebootcoord.dll
11:35:41.0122 3848  C:\WINDOWS\system32\CCM\rebootcoord.dll - ok
11:35:41.0122 3848  [ 734113B929E18C20F7978B103B2CF479 ] C:\WINDOWS\system32\CCM\RTConfiguration.dll
11:35:41.0122 3848  C:\WINDOWS\system32\CCM\RTConfiguration.dll - ok
11:35:41.0122 3848  [ 03C76895F47A1339A697269000675266 ] C:\WINDOWS\system32\newdev.dll
11:35:41.0122 3848  C:\WINDOWS\system32\newdev.dll - ok
11:35:41.0122 3848  [ 2FA675E9D77E8EAD2D31C6EDDECF6E9B ] C:\Program Files\McAfee\DLP\Agent\fcag.exe
11:35:41.0122 3848  C:\Program Files\McAfee\DLP\Agent\fcag.exe - ok
11:35:41.0122 3848  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
11:35:41.0122 3848  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
11:35:41.0122 3848  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
11:35:41.0122 3848  C:\WINDOWS\explorer.exe - ok
11:35:41.0122 3848  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
11:35:41.0122 3848  C:\WINDOWS\system32\mstask.dll - ok
11:35:41.0137 3848  [ F931798C3A94478BEE548EC47EA0955A ] C:\WINDOWS\system32\CCM\UpdatesDeployment.dll
11:35:41.0137 3848  C:\WINDOWS\system32\CCM\UpdatesDeployment.dll - ok
11:35:41.0137 3848  [ 91CD4D7AAE98150CE63DCC38EE6D0C60 ] C:\WINDOWS\system32\CCM\CcmDTS.dll
11:35:41.0137 3848  C:\WINDOWS\system32\CCM\CcmDTS.dll - ok
11:35:41.0137 3848  [ 3603471788B0BCA891845A91C14B50EB ] C:\WINDOWS\system32\CCM\CcmCTMNotification.dll
11:35:41.0137 3848  C:\WINDOWS\system32\CCM\CcmCTMNotification.dll - ok
11:35:41.0137 3848  [ 3297CFB9B248F10BBBAF097C148DE115 ] C:\Program Files\McAfee\SiteAdvisor Enterprise\saHookMain.exe
11:35:41.0137 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\saHookMain.exe - ok
11:35:41.0137 3848  [ D91E8242CD044D69E46E1E2C48F89C3E ] C:\Program Files\McAfee\DLP\Agent\fcagt.dll
11:35:41.0137 3848  C:\Program Files\McAfee\DLP\Agent\fcagt.dll - ok
11:35:41.0137 3848  [ 9D45C3F88A892BCFBFB63C8B764DDEC4 ] C:\Program Files\McAfee\DLP\Agent\fcregex.dll
11:35:41.0137 3848  C:\Program Files\McAfee\DLP\Agent\fcregex.dll - ok
11:35:41.0137 3848  [ E81BBE78A8EF85ACD490B3E64EF63A7C ] C:\WINDOWS\system32\mapi32.dll
11:35:41.0137 3848  C:\WINDOWS\system32\mapi32.dll - ok
11:35:41.0137 3848  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
11:35:41.0137 3848  C:\WINDOWS\system32\browseui.dll - ok
11:35:41.0137 3848  [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
11:35:41.0137 3848  C:\WINDOWS\system32\shdocvw.dll - ok
11:35:41.0137 3848  [ 006BE2E8619918FF6DE31ED0A76952E1 ] C:\Program Files\McAfee\SiteAdvisor Enterprise\saHook.dll
11:35:41.0137 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\saHook.dll - ok
11:35:41.0137 3848  [ 1A8C189F1BE65D44C7F816D9C521E08D ] C:\WINDOWS\system32\CCM\CPApplet.dll
11:35:41.0137 3848  C:\WINDOWS\system32\CCM\CPApplet.dll - ok
11:35:41.0137 3848  [ 4FE8AC107037D48405DF1B6ECA7B88FB ] C:\WINDOWS\system32\CCM\CcmCTM.dll
11:35:41.0137 3848  C:\WINDOWS\system32\CCM\CcmCTM.dll - ok
11:35:41.0137 3848  [ 44CF581237948F2742987C87E7C28E5B ] C:\WINDOWS\system32\CCM\librdc.dll
11:35:41.0137 3848  C:\WINDOWS\system32\CCM\librdc.dll - ok
11:35:41.0137 3848  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
11:35:41.0137 3848  C:\WINDOWS\system32\desk.cpl - ok
11:35:41.0137 3848  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
11:35:41.0137 3848  C:\WINDOWS\system32\themeui.dll - ok
11:35:41.0153 3848  [ 98D2D549F4B4A97AB628109AB6F0F19C ] C:\WINDOWS\system32\CCM\UpdatesStore.dll
11:35:41.0153 3848  C:\WINDOWS\system32\CCM\UpdatesStore.dll - ok
11:35:41.0153 3848  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
11:35:41.0153 3848  C:\WINDOWS\system32\msimg32.dll - ok
11:35:41.0153 3848  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
11:35:41.0153 3848  C:\WINDOWS\system32\actxprxy.dll - ok
11:35:41.0153 3848  [ D4E1CA768B9741B3C6143112C3EDF72F ] C:\WINDOWS\system32\CCM\ScanAgent.dll
11:35:41.0153 3848  C:\WINDOWS\system32\CCM\ScanAgent.dll - ok
11:35:41.0153 3848  [ DAD9E1739A0A3E86F6AD40E4A662ADFF ] C:\WINDOWS\system32\CCM\execmgr.dll
11:35:41.0153 3848  C:\WINDOWS\system32\CCM\execmgr.dll - ok
11:35:41.0153 3848  [ 63D151A73679BB5BD7CF98BDA1AE5F5B ] C:\WINDOWS\system32\wbem\stdprov.dll
11:35:41.0153 3848  C:\WINDOWS\system32\wbem\stdprov.dll - ok
11:35:41.0153 3848  [ EFEFBEED50EFB289FA877C9AF275A813 ] C:\WINDOWS\system32\CCM\StatusAgent.dll
11:35:41.0153 3848  C:\WINDOWS\system32\CCM\StatusAgent.dll - ok
11:35:41.0153 3848  [ F03A08E8826AFA7DD3C0383359D677AC ] C:\WINDOWS\system32\wbem\wmidcprv.dll
11:35:41.0153 3848  C:\WINDOWS\system32\wbem\wmidcprv.dll - ok
11:35:41.0153 3848  [ 5F865E727F969A91F69FB40AC1949742 ] C:\WINDOWS\system32\CCM\RTEndPoint.dll
11:35:41.0153 3848  C:\WINDOWS\system32\CCM\RTEndPoint.dll - ok
11:35:41.0153 3848  [ 62821D9C90F2B3C7B4D1204CCD3AA881 ] C:\WINDOWS\system32\CCM\RCConfigRes.dll
11:35:41.0153 3848  C:\WINDOWS\system32\CCM\RCConfigRes.dll - ok
11:35:41.0153 3848  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
11:35:41.0153 3848  C:\WINDOWS\system32\msxml3.dll - ok
11:35:41.0153 3848  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
11:35:41.0153 3848  C:\WINDOWS\system32\cmd.exe - ok
11:35:41.0153 3848  [ 2E0338E9FAA15A82FC4444AEF405311E ] C:\WINDOWS\system32\CCM\ccmident.dll
11:35:41.0153 3848  C:\WINDOWS\system32\CCM\ccmident.dll - ok
11:35:41.0153 3848  [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
11:35:41.0153 3848  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
11:35:41.0153 3848  [ 4B92B9624ADFEF0C5CE48696BF80DDC9 ] C:\Program Files\McAfee\Common Framework\UdaterUI.exe
11:35:41.0153 3848  C:\Program Files\McAfee\Common Framework\UdaterUI.exe - ok
11:35:41.0169 3848  [ F9973848F8D3AF80DEDE69073B784E51 ] C:\Program Files\McAfee\DLP\Agent\en\fcag.resources.dll
11:35:41.0169 3848  C:\Program Files\McAfee\DLP\Agent\en\fcag.resources.dll - ok
11:35:41.0169 3848  [ EC79BE98DA3FA1C6E373547F6F8B28E9 ] C:\WINDOWS\system32\CCM\CCMAuthMessageHook.dll
11:35:41.0169 3848  C:\WINDOWS\system32\CCM\CCMAuthMessageHook.dll - ok
11:35:41.0169 3848  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
11:35:41.0169 3848  C:\WINDOWS\system32\cfgmgr32.dll - ok
11:35:41.0169 3848  [ 729DA5D23A9AD20A6AA353156A126420 ] C:\WINDOWS\system32\ieframe.dll
11:35:41.0169 3848  C:\WINDOWS\system32\ieframe.dll - ok
11:35:41.0169 3848  [ 21F3490AA2B7429820712A91DB2964E5 ] C:\WINDOWS\system32\CCM\smsclient.dll
11:35:41.0169 3848  C:\WINDOWS\system32\CCM\smsclient.dll - ok
11:35:41.0169 3848  [ D4C5FCB080357C2D181D144BDF6F10F1 ] C:\WINDOWS\system32\CCM\StatusAgentProxy.dll
11:35:41.0169 3848  C:\WINDOWS\system32\CCM\StatusAgentProxy.dll - ok
11:35:41.0169 3848  [ 43BCA5AAE641F52AC3E809DF3CC40CE7 ] C:\WINDOWS\system32\CCM\LSInterface.dll
11:35:41.0169 3848  C:\WINDOWS\system32\CCM\LSInterface.dll - ok
11:35:41.0169 3848  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
11:35:41.0169 3848  C:\WINDOWS\system32\tapisrv.dll - ok
11:35:41.0169 3848  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
11:35:41.0169 3848  C:\WINDOWS\system32\rasmans.dll - ok
11:35:41.0169 3848  [ D16556CAEB29E69B38B946766C170A71 ] C:\Program Files\McAfee\Common Framework\0409\UpdRes.Dll
11:35:41.0169 3848  C:\Program Files\McAfee\Common Framework\0409\UpdRes.Dll - ok
11:35:41.0169 3848  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
11:35:41.0169 3848  C:\WINDOWS\system32\rastapi.dll - ok
11:35:41.0169 3848  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
11:35:41.0169 3848  C:\WINDOWS\system32\unimdm.tsp - ok
11:35:41.0169 3848  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
11:35:41.0169 3848  C:\WINDOWS\system32\msxml6.dll - ok
11:35:41.0169 3848  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
11:35:41.0169 3848  C:\WINDOWS\system32\uniplat.dll - ok
11:35:41.0169 3848  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
11:35:41.0169 3848  C:\WINDOWS\system32\kmddsp.tsp - ok
11:35:41.0184 3848  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
11:35:41.0184 3848  C:\WINDOWS\system32\ndptsp.tsp - ok
11:35:41.0184 3848  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
11:35:41.0184 3848  C:\WINDOWS\system32\ipconf.tsp - ok
11:35:41.0184 3848  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
11:35:41.0184 3848  C:\WINDOWS\system32\h323.tsp - ok
11:35:41.0184 3848  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
11:35:41.0184 3848  C:\WINDOWS\system32\hidphone.tsp - ok
11:35:41.0184 3848  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
11:35:41.0184 3848  C:\WINDOWS\system32\hid.dll - ok
11:35:41.0184 3848  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
11:35:41.0184 3848  C:\WINDOWS\system32\rasppp.dll - ok
11:35:41.0184 3848  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
11:35:41.0184 3848  C:\WINDOWS\system32\ntlsapi.dll - ok
11:35:41.0184 3848  [ DE5CBFF96E4A9E49281A61B67C3A8D99 ] C:\WINDOWS\system32\CCM\MtrMgr.dll
11:35:41.0184 3848  C:\WINDOWS\system32\CCM\MtrMgr.dll - ok
11:35:41.0184 3848  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
11:35:41.0184 3848  C:\WINDOWS\system32\rasqec.dll - ok
11:35:41.0184 3848  [ 08004F5322ACD10BBF77A724BE575B52 ] C:\WINDOWS\system32\CCM\Prep.dll
11:35:41.0184 3848  C:\WINDOWS\system32\CCM\Prep.dll - ok
11:35:41.0184 3848  [ 2A4514A9233D35A355F569FF8B8F6240 ] C:\WINDOWS\system32\CCM\PrepDrv.sys
11:35:41.0184 3848  C:\WINDOWS\system32\CCM\PrepDrv.sys - ok
11:35:41.0184 3848  [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
11:35:41.0184 3848  C:\WINDOWS\system32\rundll32.exe - ok
11:35:41.0184 3848  [ 2AAAEFCDDBFECDB4CA9A027DBF15FEF0 ] C:\Program Files\McAfee\DLP\Agent\x86\notesins.dll
11:35:41.0184 3848  C:\Program Files\McAfee\DLP\Agent\x86\notesins.dll - ok
11:35:41.0184 3848  [ 1F92977F78FA3348DC19DDBF5A4F3E00 ] C:\Program Files\McAfee\DLP\Agent\mfehidin.exe
11:35:41.0184 3848  C:\Program Files\McAfee\DLP\Agent\mfehidin.exe - ok
11:35:41.0184 3848  [ 768782B9BB5ABB8C930FF455190ED589 ] C:\WINDOWS\system32\CCM\WUAHandler.dll
11:35:41.0184 3848  C:\WINDOWS\system32\CCM\WUAHandler.dll - ok
11:35:41.0200 3848  [ 9C32486B66D3B2C1DFB0D353708A8E2B ] C:\WINDOWS\system32\CCM\UpdatesHandler.dll
11:35:41.0200 3848  C:\WINDOWS\system32\CCM\UpdatesHandler.dll - ok
11:35:41.0200 3848  [ 1A226FA611154D18638B696DDEF01E00 ] C:\WINDOWS\system32\CCM\pdpagent.dll
11:35:41.0200 3848  C:\WINDOWS\system32\CCM\pdpagent.dll - ok
11:35:41.0200 3848  [ 677D27D2669BAB18F6809B505C80A865 ] C:\WINDOWS\system32\CCM\PolicyAgentEndpoint.dll
11:35:41.0200 3848  C:\WINDOWS\system32\CCM\PolicyAgentEndpoint.dll - ok
11:35:41.0200 3848  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\ADMIN~1.WXB\LOCALS~1\temp\5CAE205D-B754-4F70-BBE4-6F1038510563.exe
11:35:41.0200 3848  C:\DOCUME~1\ADMIN~1.WXB\LOCALS~1\temp\5CAE205D-B754-4F70-BBE4-6F1038510563.exe - ok
11:35:41.0200 3848  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\MSCTF.dll
11:35:41.0200 3848  C:\WINDOWS\system32\MSCTF.dll - ok
11:35:41.0200 3848  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
11:35:41.0200 3848  C:\WINDOWS\system32\msutb.dll - ok
11:35:41.0200 3848  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
11:35:41.0200 3848  C:\WINDOWS\system32\linkinfo.dll - ok
11:35:41.0200 3848  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
11:35:41.0200 3848  C:\WINDOWS\system32\ntshrui.dll - ok
11:35:41.0200 3848  [ 05B2715B10DDAE91E5FABAC0491D3F54 ] C:\WINDOWS\system32\AESTFltr.exe
11:35:41.0200 3848  C:\WINDOWS\system32\AESTFltr.exe - ok
11:35:41.0200 3848  [ 5D2C64963A28AE42671914B599F5C625 ] C:\WINDOWS\system32\CCM\SdmAgent.dll
11:35:41.0200 3848  C:\WINDOWS\system32\CCM\SdmAgent.dll - ok
11:35:41.0200 3848  [ 2858B3385DC8891F6A5C33E0A94371C6 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
11:35:41.0200 3848  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
11:35:41.0200 3848  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\69161919.sys
11:35:41.0200 3848  C:\WINDOWS\system32\drivers\69161919.sys - ok
11:35:41.0200 3848  [ FBC2C3470D2A01991D2876E8C46B1F78 ] C:\WINDOWS\system32\hkcmd.exe
11:35:41.0200 3848  C:\WINDOWS\system32\hkcmd.exe - ok
11:35:41.0200 3848  [ F43B3000B0D2A2740B72A1677348E678 ] C:\WINDOWS\system32\SynTPAPI.dll
11:35:41.0200 3848  C:\WINDOWS\system32\SynTPAPI.dll - ok
11:35:41.0215 3848  [ 28BD77CBABBD713DDF65F71ADAC985EB ] C:\WINDOWS\system32\igfxpers.exe
11:35:41.0215 3848  C:\WINDOWS\system32\igfxpers.exe - ok
11:35:41.0215 3848  [ 440E7337FD60A6463B9FDC6C5C822302 ] C:\WINDOWS\system32\SynCOM.dll
11:35:41.0215 3848  C:\WINDOWS\system32\SynCOM.dll - ok
11:35:41.0215 3848  [ 5607FAFC01FADA6662B9359C19F9A312 ] C:\WINDOWS\system32\hccutils.dll
11:35:41.0215 3848  C:\WINDOWS\system32\hccutils.dll - ok
11:35:41.0215 3848  [ 3E4C03CEFAD8DE135263236B61A49C90 ] C:\WINDOWS\system32\NeroCheck.exe
11:35:41.0215 3848  C:\WINDOWS\system32\NeroCheck.exe - ok
11:35:41.0215 3848  [ 826DDBBCA98F2E6CD1DFE33CEF33994C ] C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
11:35:41.0215 3848  C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
11:35:41.0215 3848  [ 7FE21ECE38A11122949A98EB54606A5C ] C:\WINDOWS\system32\igfxsrvc.exe
11:35:41.0215 3848  C:\WINDOWS\system32\igfxsrvc.exe - ok
11:35:41.0215 3848  [ 921F40D26F9DB203B03271BF07343D38 ] C:\WINDOWS\system32\igfxsrvc.dll
11:35:41.0215 3848  C:\WINDOWS\system32\igfxsrvc.dll - ok
11:35:41.0215 3848  [ B8E421C0890356CD4A793D8A346D9096 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:35:41.0215 3848  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
11:35:41.0215 3848  [ A4BC511EE4BB33722962599498615561 ] C:\WINDOWS\system32\igfxdev.dll
11:35:41.0215 3848  C:\WINDOWS\system32\igfxdev.dll - ok
11:35:41.0215 3848  [ 1D28D701460C5633146EAFFB50FBBB2C ] C:\WINDOWS\system32\igfxrenu.lrc
11:35:41.0215 3848  C:\WINDOWS\system32\igfxrenu.lrc - ok
11:35:41.0215 3848  [ A40432BB46793F3A2AD42E6D23A8290F ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
11:35:41.0215 3848  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
11:35:41.0215 3848  [ 99CBCF9CA57ECAEF6F8E078E5287EF14 ] C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
11:35:41.0215 3848  C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe - ok
11:35:41.0215 3848  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
11:35:41.0215 3848  C:\WINDOWS\system32\webcheck.dll - ok
11:35:41.0215 3848  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
11:35:41.0215 3848  C:\WINDOWS\system32\mlang.dll - ok
11:35:41.0215 3848  [ C64C0A77E86F294D1E9FBDBCB316F53C ] C:\WINDOWS\system32\igfxtray.exe
11:35:41.0215 3848  C:\WINDOWS\system32\igfxtray.exe - ok
11:35:41.0231 3848  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
11:35:41.0231 3848  C:\WINDOWS\system32\stobject.dll - ok
11:35:41.0231 3848  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
11:35:41.0231 3848  C:\WINDOWS\system32\batmeter.dll - ok
11:35:41.0231 3848  [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
11:35:41.0231 3848  C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
11:35:41.0231 3848  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
11:35:41.0231 3848  C:\WINDOWS\system32\imapi.exe - ok
11:35:41.0231 3848  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
11:35:41.0231 3848  C:\WINDOWS\system32\upnp.dll - ok
11:35:41.0231 3848  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
11:35:41.0231 3848  C:\WINDOWS\system32\ssdpapi.dll - ok
11:35:41.0231 3848  [ C96D49795967999AD07E16BE27D8AC74 ] C:\Program Files\ICQ7.6\ICQ.exe
11:35:41.0231 3848  C:\Program Files\ICQ7.6\ICQ.exe - ok
11:35:41.0231 3848  [ B44399AC48812F9404743FADDDF328D2 ] C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll
11:35:41.0231 3848  C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll - ok
11:35:41.0231 3848  [ D83FA0BEF291E748128A52BE038AC43E ] C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll
11:35:41.0231 3848  C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll - ok
11:35:41.0231 3848  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
11:35:41.0231 3848  C:\WINDOWS\system32\ctfmon.exe - ok
11:35:41.0231 3848  [ A7EB02C23497C6F29DE7047B650D96CA ] C:\Program Files\McAfee\VirusScan Enterprise\graphics.dll
11:35:41.0231 3848  C:\Program Files\McAfee\VirusScan Enterprise\graphics.dll - ok
11:35:41.0231 3848  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] C:\WINDOWS\system32\drivers\http.sys
11:35:41.0231 3848  C:\WINDOWS\system32\drivers\http.sys - ok
11:35:41.0231 3848  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
11:35:41.0231 3848  C:\WINDOWS\system32\rasdlg.dll - ok
11:35:41.0231 3848  [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
11:35:41.0231 3848  C:\WINDOWS\system32\ssdpsrv.dll - ok
11:35:41.0231 3848  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\SPTIP.dll
11:35:41.0231 3848  C:\WINDOWS\ime\SPTIP.dll - ok
11:35:41.0246 3848  [ 5F2DBE3CB563741C8084657BF956CE64 ] C:\WINDOWS\system32\oleacc.dll
11:35:41.0246 3848  C:\WINDOWS\system32\oleacc.dll - ok
11:35:41.0246 3848  [ 98E53CA00D3C0A2E9FAA4E59C101AEBA ] C:\WINDOWS\system32\mslbui.dll
11:35:41.0246 3848  C:\WINDOWS\system32\mslbui.dll - ok
11:35:41.0246 3848  [ 5A9E05991504BD55BF4AD31897D937F5 ] C:\WINDOWS\system32\CCM\ccm_caltrack.dll
11:35:41.0246 3848  C:\WINDOWS\system32\CCM\ccm_caltrack.dll - ok
11:35:41.0246 3848  [ B6C9F13BBF0EEE558F217869E0053165 ] C:\WINDOWS\system32\CCM\CIAgent.dll
11:35:41.0246 3848  C:\WINDOWS\system32\CCM\CIAgent.dll - ok
11:35:41.0246 3848  [ FDE1E481DC57056C6FEFBD2DF2B642D7 ] C:\Program Files\Common Files\McAfee\SystemCore\mfeapconfig.dll
11:35:41.0246 3848  C:\Program Files\Common Files\McAfee\SystemCore\mfeapconfig.dll - ok
11:35:41.0246 3848  [ F96A3663E2B129D3B0C812663B255CC1 ] C:\Program Files\McAfee\Host Intrusion Prevention\HipMgtPlugin.dll
11:35:41.0246 3848  C:\Program Files\McAfee\Host Intrusion Prevention\HipMgtPlugin.dll - ok
11:35:41.0246 3848  [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll
11:35:41.0246 3848  C:\WINDOWS\system32\mmcshext.dll - ok
11:35:41.0246 3848  [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll
11:35:41.0246 3848  C:\WINDOWS\system32\hhsetup.dll - ok
11:35:41.0246 3848  [ B0FFE7EDB2D7C7CA21FB6908E64BC0DB ] C:\Program Files\McAfee\DLP\Agent\x86\fcepo.dll
11:35:41.0246 3848  C:\Program Files\McAfee\DLP\Agent\x86\fcepo.dll - ok
11:35:41.0246 3848  [ 40425118B4ADCE4134322DBA99071DB9 ] C:\WINDOWS\system32\wshext.dll
11:35:41.0246 3848  C:\WINDOWS\system32\wshext.dll - ok
11:35:41.0246 3848  [ B60DDDD2D63CE41CB8C487FCFBB6419E ] C:\Program Files\Internet Explorer\iexplore.exe
11:35:41.0246 3848  C:\Program Files\Internet Explorer\iexplore.exe - ok
11:35:41.0246 3848  [ FB8E05CEDB3EF65C80FEBD2698C80998 ] C:\WINDOWS\system32\qagent.dll
11:35:41.0246 3848  C:\WINDOWS\system32\qagent.dll - ok
11:35:41.0246 3848  [ C4A363C8EA5BBB615FC60DCA786BC337 ] C:\WINDOWS\system32\CCM\dcmagent.dll
11:35:41.0246 3848  C:\WINDOWS\system32\CCM\dcmagent.dll - ok
11:35:41.0246 3848  [ FD0D9A8978F5CDEFF179F5B8E685F8E0 ] C:\Program Files\ICQ7.6\MUtils.dll
11:35:41.0246 3848  C:\Program Files\ICQ7.6\MUtils.dll - ok
11:35:41.0246 3848  [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
11:35:41.0246 3848  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
11:35:41.0262 3848  [ 87734BE80E5213BC5E6C3AFEC4CD9171 ] C:\Program Files\ICQ7.6\xprt6.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\xprt6.dll - ok
11:35:41.0262 3848  [ 02AE27A2BFB48E25B800291140513D00 ] C:\Program Files\ICQ7.6\MDb.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\MDb.dll - ok
11:35:41.0262 3848  [ ADE75CB0D0E810DC0BCEF9BE9470DAC4 ] C:\Program Files\ICQ7.6\MKernel.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\MKernel.dll - ok
11:35:41.0262 3848  [ A00CFCD39C60659B294762A95578034C ] C:\Program Files\ICQ7.6\MCoreLib.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\MCoreLib.dll - ok
11:35:41.0262 3848  [ 93778981271482691710836D2611CDC4 ] C:\Program Files\ICQ7.6\MUIUtils.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\MUIUtils.dll - ok
11:35:41.0262 3848  [ 0F00D4C5C6817E5EE848C1E63B590E71 ] C:\Program Files\ICQ7.6\MUICoreLib.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\MUICoreLib.dll - ok
11:35:41.0262 3848  [ 14B76103047C8362BDC481D4112E9DFD ] C:\Program Files\ICQ7.6\MBContainer.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\MBContainer.dll - ok
11:35:41.0262 3848  [ 3283C2E75E9EE1E4E54A348BB0C91E77 ] C:\Program Files\ICQ7.6\MCore.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\MCore.dll - ok
11:35:41.0262 3848  [ E31E0C0DBF6319CF841AA90984C54888 ] C:\Program Files\ICQ7.6\acccore.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\acccore.dll - ok
11:35:41.0262 3848  [ AAF555DC9C5A6C62246D5340811A343B ] C:\Program Files\ICQ7.6\coolcore59.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\coolcore59.dll - ok
11:35:41.0262 3848  [ DD39974A0A504BFA82742A25264CC368 ] C:\Program Files\ICQ7.6\MISB.dll
11:35:41.0262 3848  C:\Program Files\ICQ7.6\MISB.dll - ok
11:35:41.0277 3848  [ 0CB40AE85E9D9430F383E6A8CD121A48 ] C:\Program Files\ICQ7.6\MUICore.dll
11:35:41.0277 3848  C:\Program Files\ICQ7.6\MUICore.dll - ok
11:35:41.0277 3848  [ C36571366EC15E7309D383D10A68EB5F ] C:\WINDOWS\system32\CCM\PwrAgentEndpoint.dll
11:35:41.0277 3848  C:\WINDOWS\system32\CCM\PwrAgentEndpoint.dll - ok
11:35:41.0277 3848  [ B98AC3E7F894EFE47E4E3D8661FA9F3D ] C:\WINDOWS\system32\CCM\PwrEventTask.dll
11:35:41.0277 3848  C:\WINDOWS\system32\CCM\PwrEventTask.dll - ok
11:35:41.0277 3848  [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
11:35:41.0277 3848  C:\WINDOWS\system32\msftedit.dll - ok
11:35:41.0277 3848  [ 4ADAF74E71DAAC39341F47AD35F6DAF8 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll
11:35:41.0277 3848  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll - ok
11:35:41.0277 3848  [ F83803BEF79046CB7220BAEB2990B6C6 ] C:\WINDOWS\system32\CCM\StateMessage.dll
11:35:41.0277 3848  C:\WINDOWS\system32\CCM\StateMessage.dll - ok
11:35:41.0277 3848  [ F1E15CD86AC3D1B8596F90C00965FA09 ] C:\WINDOWS\system32\CCM\CcmProxy.dll
11:35:41.0277 3848  C:\WINDOWS\system32\CCM\CcmProxy.dll - ok
11:35:41.0277 3848  [ 5EB87BA0B93CA7E894FC8002E3CE4C2A ] C:\Program Files\Internet Explorer\sqmapi.dll
11:35:41.0277 3848  C:\Program Files\Internet Explorer\sqmapi.dll - ok
11:35:41.0277 3848  [ 9EDDB0723958ABD8EB0FC0D9604EEE69 ] C:\Program Files\McAfee\Common Framework\McTray.exe
11:35:41.0277 3848  C:\Program Files\McAfee\Common Framework\McTray.exe - ok
11:35:41.0277 3848  [ 086E816CCFD9E5F4CB64E582778B23E1 ] C:\WINDOWS\system32\CCM\ccmhttp.dll
11:35:41.0277 3848  C:\WINDOWS\system32\CCM\ccmhttp.dll - ok
11:35:41.0277 3848  [ 36AE28DE964017D186323C7DF69C8369 ] C:\Program Files\ICQ7.6\MFacebook.dll
11:35:41.0277 3848  C:\Program Files\ICQ7.6\MFacebook.dll - ok
11:35:41.0277 3848  [ 065B2F67EBF71130E9126B161F3740DC ] C:\Program Files\Internet Explorer\xpshims.dll
11:35:41.0277 3848  C:\Program Files\Internet Explorer\xpshims.dll - ok
11:35:41.0277 3848  [ EF22E920129796659B03F2DB98A61EB5 ] C:\Program Files\ICQ7.6\MGTalk.dll
11:35:41.0277 3848  C:\Program Files\ICQ7.6\MGTalk.dll - ok
11:35:41.0277 3848  [ 11734790410900D2CD6B7839020E4DD9 ] C:\WINDOWS\system32\ieui.dll
11:35:41.0277 3848  C:\WINDOWS\system32\ieui.dll - ok
11:35:41.0277 3848  [ D67466A49D38673E6CA190A6FC7562AA ] C:\Program Files\ICQ7.6\MReport.dll
11:35:41.0277 3848  C:\Program Files\ICQ7.6\MReport.dll - ok
11:35:41.0293 3848  [ 2AD2E831FB023915188008F5B3103F5B ] C:\Program Files\Internet Explorer\ieproxy.dll
11:35:41.0293 3848  C:\Program Files\Internet Explorer\ieproxy.dll - ok
11:35:41.0293 3848  [ E11457C66FDD966EE415FBBC6D9BE643 ] C:\WINDOWS\system32\MSIMTF.dll
11:35:41.0293 3848  C:\WINDOWS\system32\MSIMTF.dll - ok
11:35:41.0293 3848  [ BDBE8A99689F872561244B2EF8838AC4 ] C:\Program Files\McAfee\Common Framework\McAfeeWin32GUISupportDLL.dll
11:35:41.0293 3848  C:\Program Files\McAfee\Common Framework\McAfeeWin32GUISupportDLL.dll - ok
11:35:41.0293 3848  [ 8B4D615A9D8464BD16DF868B1D2E1888 ] C:\Program Files\McAfee\Common Framework\McTrayInterfaceLib.dll
11:35:41.0293 3848  C:\Program Files\McAfee\Common Framework\McTrayInterfaceLib.dll - ok
11:35:41.0293 3848  [ 4AEC8029CD0CC19A11CA4BC5D6CBC982 ] C:\Program Files\McAfee\Common Framework\mfevtpa.dll
11:35:41.0293 3848  C:\Program Files\McAfee\Common Framework\mfevtpa.dll - ok
11:35:41.0293 3848  [ 8EF311198E51E20EC5D4344F528E19FF ] C:\Program Files\McAfee\Host Intrusion Prevention\McTrayHipPlugin.dll
11:35:41.0293 3848  C:\Program Files\McAfee\Host Intrusion Prevention\McTrayHipPlugin.dll - ok
11:35:41.0293 3848  [ 183D978F91410508E33ABCC9BDC1F8BA ] C:\Program Files\McAfee\Host Intrusion Prevention\Resource\0409\McTrayHipRL.dll
11:35:41.0293 3848  C:\Program Files\McAfee\Host Intrusion Prevention\Resource\0409\McTrayHipRL.dll - ok
11:35:41.0293 3848  [ EB2E8B7D16114D6BF9291ABBB79A1C5E ] C:\Program Files\McAfee\Common Framework\McTrayErrorLoggingPlugin.dll
11:35:41.0293 3848  C:\Program Files\McAfee\Common Framework\McTrayErrorLoggingPlugin.dll - ok
11:35:41.0293 3848  [ 540B773FD8D94FD8C11981B22D47CAF7 ] C:\Program Files\McAfee\Common Framework\McTrayLegacySupportPlugin.dll
11:35:41.0293 3848  C:\Program Files\McAfee\Common Framework\McTrayLegacySupportPlugin.dll - ok
11:35:41.0293 3848  [ E91EB427994A57AEC8B376E2F9396F86 ] C:\Program Files\McAfee\VirusScan Enterprise\shstat.dll
11:35:41.0293 3848  C:\Program Files\McAfee\VirusScan Enterprise\shstat.dll - ok
11:35:41.0293 3848  [ 227E6861F1F9392BA51228FEDAAE1D68 ] C:\Program Files\McAfee\Common Framework\traceapp.dll
11:35:41.0293 3848  C:\Program Files\McAfee\Common Framework\traceapp.dll - ok
11:35:41.0293 3848  [ D469A0EBA2EF5C6BEE8065B7E3196E5E ] C:\WINDOWS\system32\mshtml.dll
11:35:41.0293 3848  C:\WINDOWS\system32\mshtml.dll - ok
11:35:41.0293 3848  [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll
11:35:41.0293 3848  C:\WINDOWS\system32\msls31.dll - ok
11:35:41.0293 3848  [ 7C9AAF547A0AF93C3F1BB7DC3AED4ECC ] C:\WINDOWS\system32\mshtmled.dll
11:35:41.0293 3848  C:\WINDOWS\system32\mshtmled.dll - ok
11:35:41.0308 3848  [ B9497C5ACAEA521663BFFBB321DD3AFA ] C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
11:35:41.0308 3848  C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll - ok
11:35:41.0308 3848  [ 8E7BD91D38F74838DDF3FDC932BB67D8 ] C:\Program Files\Alexa Toolbar\AlexaToolbar.10.0.dll
11:35:41.0308 3848  C:\Program Files\Alexa Toolbar\AlexaToolbar.10.0.dll - ok
11:35:41.0308 3848  [ BEB241BA1E57601B766C6B05E1AAD15F ] C:\Program Files\ICQ7.6\MUIMessage.dll
11:35:41.0308 3848  C:\Program Files\ICQ7.6\MUIMessage.dll - ok
11:35:41.0308 3848  [ B53A732C08002F6EDA943DEB8CE91F6E ] C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_68D43262AB91CB4A.dll
11:35:41.0308 3848  C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_68D43262AB91CB4A.dll - ok
11:35:41.0308 3848  [ 91574DB0C747A69195D7E56A5C87426E ] C:\WINDOWS\system32\query.dll
11:35:41.0308 3848  C:\WINDOWS\system32\query.dll - ok
11:35:41.0308 3848  [ 58EC0172DA8A00597E93A072F6E7F044 ] C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_C9EDDF0B6984A451.dll
11:35:41.0308 3848  C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_C9EDDF0B6984A451.dll - ok
11:35:41.0308 3848  [ C4CC2931531ABFB63B0C4C17D3A3B411 ] C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121123093942.dll
11:35:41.0308 3848  C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121123093942.dll - ok
11:35:41.0308 3848  [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
11:35:41.0308 3848  C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok
11:35:41.0308 3848  [ 31CF51DCDA1424B813CC97B20F71B431 ] C:\WINDOWS\system32\vbscript.dll
11:35:41.0308 3848  C:\WINDOWS\system32\vbscript.dll - ok
11:35:41.0308 3848  [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
11:35:41.0308 3848  C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
11:35:41.0308 3848  [ B15D50DED0E965B82BC5B9E9D5ABBA23 ] C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
11:35:41.0308 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll - ok
11:35:41.0308 3848  [ 4121A47161ADC1830F3BAC04B9C0D81D ] C:\Program Files\Alexa Toolbar\AlexaToolbarSSB.10.0.dll
11:35:41.0308 3848  C:\Program Files\Alexa Toolbar\AlexaToolbarSSB.10.0.dll - ok
11:35:41.0308 3848  [ 9CD3089B324152FD76582E5601F0FF8A ] C:\Program Files\Alexa Toolbar\AlxSSBPS.dll
11:35:41.0308 3848  C:\Program Files\Alexa Toolbar\AlxSSBPS.dll - ok
11:35:41.0308 3848  [ E10938F299A333D87E88B6A57C8CD59D ] C:\Program Files\McAfee\SiteAdvisor Enterprise\McBrwCtl.dll
11:35:41.0308 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\McBrwCtl.dll - ok
11:35:41.0308 3848  [ 26FAF4823FF48EAE926A79CDD726AFF0 ] C:\Program Files\McAfee\SiteAdvisor Enterprise\nailite.dll
11:35:41.0308 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\nailite.dll - ok
11:35:41.0324 3848  [ 29BD913D8FD1FEB6728DC9B43B55C1D2 ] C:\WINDOWS\system32\msrating.dll
11:35:41.0324 3848  C:\WINDOWS\system32\msrating.dll - ok
11:35:41.0324 3848  [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
11:35:41.0324 3848  C:\WINDOWS\system32\drprov.dll - ok
11:35:41.0324 3848  [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
11:35:41.0324 3848  C:\WINDOWS\system32\ntlanman.dll - ok
11:35:41.0324 3848  [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
11:35:41.0324 3848  C:\WINDOWS\system32\netui0.dll - ok
11:35:41.0324 3848  [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
11:35:41.0324 3848  C:\WINDOWS\system32\netui1.dll - ok
11:35:41.0324 3848  [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
11:35:41.0324 3848  C:\WINDOWS\system32\davclnt.dll - ok
11:35:41.0324 3848  [ 38A0BE38EB53510AB425E33EA0847AD6 ] C:\WINDOWS\system32\Macromed\Flash\Flash32_11_6_602_180.ocx
11:35:41.0324 3848  C:\WINDOWS\system32\Macromed\Flash\Flash32_11_6_602_180.ocx - ok
11:35:41.0324 3848  [ 2AD2053DE169BA6878DB41057853F853 ] C:\Program Files\McAfee\SiteAdvisor Enterprise\gatewayutils.dll
11:35:41.0324 3848  C:\Program Files\McAfee\SiteAdvisor Enterprise\gatewayutils.dll - ok
11:35:41.0324 3848  [ 42B928FC8518D793BF7A5EAFC57B1D8B ] C:\WINDOWS\system32\imgutil.dll
11:35:41.0324 3848  C:\WINDOWS\system32\imgutil.dll - ok
11:35:41.0324 3848  [ E5FA1B044DAC5F6F600A1742D73F6936 ] C:\WINDOWS\system32\pngfilt.dll
11:35:41.0324 3848  C:\WINDOWS\system32\pngfilt.dll - ok
11:35:41.0324 3848  [ 254CA8F8B2A387CD59E659991E3E3DBD ] C:\WINDOWS\system32\iepeers.dll
11:35:41.0324 3848  C:\WINDOWS\system32\iepeers.dll - ok
11:35:41.0324 3848  [ 9333DBAEDD617899C3562E937949D068 ] C:\WINDOWS\system32\mscms.dll
11:35:41.0324 3848  C:\WINDOWS\system32\mscms.dll - ok
11:35:41.0324 3848  [ 5E1A0476E009A1930A524DFF4CA13982 ] C:\WINDOWS\system32\dxtrans.dll
11:35:41.0324 3848  C:\WINDOWS\system32\dxtrans.dll - ok
11:35:41.0324 3848  [ A47F6A13202AA54541CA46D6CED79F5F ] C:\WINDOWS\system32\ddrawex.dll
11:35:41.0324 3848  C:\WINDOWS\system32\ddrawex.dll - ok
11:35:41.0339 3848  [ 057D53F1490598D41D9D4DEE9A92B0B1 ] C:\WINDOWS\system32\dxtmsft.dll
11:35:41.0339 3848  C:\WINDOWS\system32\dxtmsft.dll - ok
11:35:41.0339 3848  [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
11:35:41.0339 3848  C:\WINDOWS\system32\usp10.dll - ok
11:35:41.0339 3848  [ 56ADB11F7D4D0816C0BE1E701C1B5E52 ] C:\WINDOWS\system32\d3dim700.dll
11:35:41.0339 3848  C:\WINDOWS\system32\d3dim700.dll - ok
11:35:41.0339 3848  [ 0DFA4D5E8205614EDA53394E637812E4 ] C:\WINDOWS\system32\vdmdbg.dll
11:35:41.0339 3848  C:\WINDOWS\system32\vdmdbg.dll - ok
11:35:41.0339 3848  ============================================================
11:35:41.0339 3848  Scan finished
11:35:41.0339 3848  ============================================================
11:35:41.0339 0508  Detected object count: 1
11:35:41.0339 0508  Actual detected object count: 1
11:36:15.0757 0508  ACPI ( Virus.Win32.Rloader.a ) - skipped by user
11:36:15.0757 0508  ACPI ( Virus.Win32.Rloader.a ) - User select action: Skip
11:36:24.0164 0540  Deinitialize success
 


 



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:37 AM

Posted 18 March 2013 - 05:24 AM

Run TDSSkiler again and select CURE for

 

11:36:15.0757 0508  ACPI ( Virus.Win32.Rloader.a ) - User select action: Skip

 

Restart the PC,run TDSSkiller scan again and post the clean log(Last few lines of the log should be enough)

 


Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 


Edited by narenxp, 18 March 2013 - 05:24 AM.


#7 pamir

pamir
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:37 AM

Posted 19 March 2013 - 06:57 AM

Ready, I have run all tools. The problem do not exists anymore!

 

Here are the logs:

 


TDSSKiller

13:43:03.0832 4112  ============================================================
13:43:03.0832 4112  Scan finished
13:43:03.0832 4112  ============================================================
13:43:03.0848 4104  Detected object count: 0
13:43:03.0848 4104  Actual detected object count: 0
13:43:08.0725 3300  Deinitialize success


############################################################################


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.19.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Admin :: WXBGSF-IT-0484L [administrator]

19.3.2013 г. 10:19:52
mbam-log-2013-03-19 (10-19-52).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 342403
Time elapsed: 8 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


############################################################################


MiniToolBox by Farbar  Version:05-03-2013
Ran by Admin (administrator) on 19-03-2013 at 11:23:43
Running from "C:\Documents and Settings\Admin.WXBGSF-IT-0484L\My Documents\Install"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "46.249.66.50"
"network.proxy.http_port", 80
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Disconnected)
Broadcom 4313 802.11b/g/n = Wireless Network Connection (Disconnected)
Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration

 

Windows IP Configuration

        Host Name . . . . . . . . . . . . : wxbgsf-it-0484l
        Primary Dns Suffix  . . . . . . . : gmea.gad.schneider-electric.com
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : gmea.gad.schneider-electric.com
                                            gmea.gad.schneider-electric.com
                                            gad.schneider-electric.com
                                            schneider-electric.com

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : gmea.gad.schneider-electric.com
        Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
        Physical Address. . . . . . . . . : 10-1F-74-F2-B7-EB
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.206.16.187
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.206.16.1
        DHCP Server . . . . . . . . . . . : 10.206.16.35
        DNS Servers . . . . . . . . . . . : 10.206.16.40
                                            10.206.18.30
        Lease Obtained. . . . . . . . . . : 19 Март 2013 г. 09:20:51
        Lease Expires . . . . . . . . . . : 19 Март 2013 г. 19:20:51
Server:  wsbg00102.gmea.gad.schneider-electric.com
Address:  10.206.16.40

Name:    google.com
Addresses:  173.194.34.36, 173.194.34.32, 173.194.34.33, 173.194.34.37
   173.194.34.41, 173.194.34.38, 173.194.34.46, 173.194.34.34, 173.194.34.35
   173.194.34.40, 173.194.34.39


Pinging google.com [173.194.34.36] with 32 bytes of data:

Request timed out.
Request timed out.

Ping statistics for 173.194.34.36:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server:  wsbg00102.gmea.gad.schneider-electric.com
Address:  10.206.16.40

Name:    yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Request timed out.
Request timed out.

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...10 1f 74 f2 b7 eb ...... Intel® 82579V Gigabit Network Connection - McAfee Core NDIS Intermediate Filter Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      10.206.16.1   10.206.16.187   10
      10.206.16.0    255.255.255.0    10.206.16.187   10.206.16.187   10
    10.206.16.187  255.255.255.255        127.0.0.1       127.0.0.1   10
   10.255.255.255  255.255.255.255    10.206.16.187   10.206.16.187   10
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
        224.0.0.0        240.0.0.0    10.206.16.187   10.206.16.187   10
  255.255.255.255  255.255.255.255    10.206.16.187   10.206.16.187   1
Default Gateway:       10.206.16.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/19/2013 09:22:24 AM) (Source: Lotus Notes Network Provider) (User: WXBGSF-IT-0484L)
Description: Notes Single Logon could not execute password change on ID dstameno.id: Wrong Password. (Passwords are case sensitive - be sure to use correct upper and lower case.)

Error: (03/14/2013 03:08:45 PM) (Source: Application Hang) (User: )
Description: Hanging application MyManager.exe, version 5.1.0.5, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/13/2013 10:48:24 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18702, fault address 0x000d63fe.
Processing media-specific event for [iexplore.exe!ws!]

Error: (03/13/2013 10:43:24 AM) (Source: Application Error) (User: )
Description: Faulting application tora.exe, version 0.0.0.0, faulting module qtcore4.dll, version 4.6.3.0, fault address 0x00100995.
Processing media-specific event for [tora.exe!ws!]

Error: (03/12/2013 10:54:17 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18702, fault address 0x0009da70.
Processing media-specific event for [iexplore.exe!ws!]

Error: (03/07/2013 10:00:39 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/06/2013 01:42:09 PM) (Source: AutoEnrollment) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.

Error: (03/06/2013 01:42:08 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Error: (03/06/2013 00:40:09 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: The file C:\Documents and Settings\Admin.WXBGSF-IT-0484L\Local Settings\temp\Av-test.txt contains the EICAR test file Test. No cleaner available, file deleted successfully. Detected using Scan engine version 5400.1158 DAT version 7005.0000.

Error: (03/06/2013 11:49:40 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (03/19/2013 10:15:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (03/19/2013 09:33:09 AM) (Source: DCOM) (User: WXBGSF-IT-0484L)
Description: DCOM got error "%%1058" attempting to start the service gupdatem with arguments "/comsvc"
in order to run the server:
{E225E692-4B47-4777-9BED-4FD7FE257F0E}

Error: (03/19/2013 09:33:07 AM) (Source: DCOM) (User: WXBGSF-IT-0484L)
Description: DCOM got error "%%1058" attempting to start the service gusvc with arguments ""
in order to run the server:
{89DAE4CD-9F17-4980-902A-99BA84A8F5C8}

Error: (03/19/2013 09:23:42 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

Error: (03/19/2013 09:21:20 AM) (Source: Service Control Manager) (User: )
Description: The 5023 service failed to start due to the following error:
%%2

Error: (03/18/2013 06:15:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (03/18/2013 05:56:43 PM) (Source: NetDDE) (User: )
Description: Listen failed: 23: The ncb_lana_num member did not specify a valid network number.

Error: (03/18/2013 05:56:41 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 15 minutes.
NtpClient has no source of accurate time.

Error: (03/18/2013 05:56:37 PM) (Source: NetDDE) (User: )
Description: Listen failed: 15:

Error: (03/18/2013 05:56:37 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.


Microsoft Office Sessions:
=========================
Error: (01/02/2013 10:55:59 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 980 seconds with 720 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

7-Zip 9.20 (Version: 9.20.00.0)
ACDSee 5.0 Standard Trial (Version: 5.0.0)
ActivePerl 5.14.2 Build 1402 (Version: 5.14.1402)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader 9.4.7 (Version: 9.4.7)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Advego Plagiatus 1.1.0.80
Alexa Toolbar
Apache HTTP Server 2.2.22 (Version: 2.2.22)
Beyond Compare Version 3.3.3
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.48.64)
Bulgarian (Old Phonetic) (Version: 1.0.3.40)
Bulk Rename Utility 2.7.1.2
Cisco WebEx Meetings
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Configuration Manager Client (Version: 4.00.6487.2000)
CSSI 4.8 - user edition (Version: 4.8)
DomainInspect
EditPlus 3
EMS SQL Manager 2011 for MySQL (Version: 5.1.0.2)
EMS SQL Manager 2011 for Oracle (Version: 2.6.0.1)
EMS SQL Manager 2011 Lite for MySQL (Version: 5.1.0.2)
EMS SQL Manager Lite for PostgreSQL (Version: 5.1.1.1)
ESET Online Scanner v3
Expired Domains (Version: 1.0.1.17)
FadeTop 2.5
FileZilla Client 3.5.3 (Version: 3.5.3)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
FlashPeak SlimBrowser (Version: 6.01.100)
Free Monitor for Google 2.5
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 25.0.1364.172)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Google Земя (Version: 6.2.2.6613)
HeidiSQL 6.0 (Version: 6.0)
ICQ7.6 (Version: 7.6)
IDT Audio (Version: 1.0.6341.0)
InfoNotary e-Doc Signer (Version: 1.4.4)
InfoNotary PNP Installer (Version: 1.4.0.0)
InfoNotary Smart Card Manager (Version: 2.0.2)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Network Connections Drivers (Version: 16.3)
Intel® Processor Graphics (Version: 6.14.10.5337)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
IrfanView (remove only)
ItaEst - Taka e! (Version: 1.00.0000)
Java Auto Updater (Version: 2.1.5.1)
Java™ 7 Update 1 (Version: 7.0.10)
Java™ SE Development Kit 7 Update 1 (Version: 1.7.0.10)
JMicron 1394 Filter Driver (Version: 1.00.21.00)
JMicron Flash Media Controller Driver (Version: 1.0.58.0)
LightScribe System Software (Version: 1.18.22.2)
Lotus Notes 8.5.3 (Version: 8.53.11258)
Maconomy W 8.0
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee Agent (Version: 4.6.0.2292)
McAfee DLP Endpoint (Version: 9.2.100.36)
McAfee Host Intrusion Prevention (Version: 8.00.0000)
McAfee SiteAdvisor Enterprise (Version: 3.5.0.573)
McAfee VirusScan Enterprise (Version: 8.8.01000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft FrontPage Client - English (Version: 7.00.9209)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322)
Microsoft Visual Studio .NET Enterprise Developer 2003 - English
Mozilla Firefox 19.0.2 (x86 bg) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
MySQL Server 5.5 (Version: 5.5.17)
Nero 6 Ultra Edition
OMNIKEY CardMan 3x21 PC/SC Driver (Version: 2.0.0.11)
OpenOffice.org 3.4 (Version: 3.4.9590)
Opera 12.11 (Version: 12.11.1661)
PaRaMeter 1.3
PHP 5.3.22 (Version: 5.3.22)
PostgreSQL 9.1  (Version: 9.1)
Prepiska.com (Version: 1.0.0)
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
Radmin Server 3.5 (Version: 3.50.0000)
Radmin Viewer 3.5 (Version: 3.50.0000)
RDC
Remote Administrator v2.1
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
SA Dictionary 2005 T2
SeekFast (Version: 1.1)
SEO SpyGlass
Skype™ 5.10 (Version: 5.10.116)
Standalone Flash Player 1.2
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.13.0)
TeamViewer 8 (Version: 8.0.17292)
Toolkit for Oracle 1.2.4
UltraEdit-32 Uninstall
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB943729)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual Studio .NET Enterprise Developer 2003 - English (Version: 7.1.3088)
Visual Studio.NET Baseline - English (Version: 7.1.3088)
VLC media player 2.0.1 (Version: 2.0.1)
WebFldrs XP (Version: 9.50.7523)
WIMGAPI (Version: 1.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
WinRAR archiver
WinSCP 4.3.7 (Version: 4.3.7)
Xenu's Link Sleuth (Version: 1.3.8)

========================= Devices: ================================

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom 4313 802.11b/g/n
Description: Broadcom 4313 802.11b/g/n
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Integrated Module
Description: HP Integrated Module
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 3014.29 MB
Available physical RAM: 2164.48 MB
Total Pagefile: 4900.24 MB
Available Pagefile: 3739.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.87 MB

========================= Partitions: =====================================

1 Drive c: (System) (Fixed) (Total:60 GB) (Free:18.12 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:405.75 GB) (Free:363.82 GB) NTFS

========================= Users: ========================================

User accounts for \\WXBGSF-IT-0484L

Admin                    Administrator            ASPNET                  
Guest                    HelpAssistant            postgres                
SQLDebugger              SUPPORT_388945a0        


**** End of log ****


############################################################################


Farbar Service Scanner Version: 03-03-2013
Ran by Admin (administrator) on 19-03-2013 at 11:33:07
Running from "C:\Documents and Settings\Admin.WXBGSF-IT-0484L\My Documents\Install"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2011-10-24 14:51] - [2008-04-14 14:00] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0108544 ____A (Microsoft Corporation) 0E776ED5F7CC9F94299E70461B7B8185


Extra List:
=======
Gpc(3) IPSec(5) mfetdi2k(8) NetBT(6) PSched(7) Tcpip(4)
0x0A000000050000000100000002000000030000000400000008000000090000000A0000000600000007000000
IpSec Tag value is correct.

**** End of log ****


############################################################################


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Microsoft Windows XP x86
Ran by Admin on 19.03.2013 г. at 11:38:52,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

 

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\alxssb.alxtbssb
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\alxssb.alxtbssb.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\alxtb2.toolbarproxy
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\alxtb2.toolbarproxy.1

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\ammyy"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\speedypc software"
Successfully deleted: [Folder] "C:\Documents and Settings\Admin.WXBGSF-IT-0484L\Application Data\blekko"
Successfully deleted: [Folder] "C:\Documents and Settings\Admin.WXBGSF-IT-0484L\Application Data\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\Admin.WXBGSF-IT-0484L\Application Data\speedypc software"
Failed to delete: [Folder] "C:\Program Files\alexa toolbar"

 

~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\Admin.WXBGSF-IT-0484L\Application Data\mozilla\firefox\profiles\7kvid2sc.default\prefs.js

user_pref("browser.search.selectedEngine", "blekko");

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.03.2013 г. at 12:28:11,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

############################################################################


Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/19/2013 12:38:05 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\system32\WISPTIS.EXE (PID: 2172) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic

 * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 03/19/2013 12:38:35 PM
Execution time: 0 hours(s), 0 minute(s), and 29 seconds(s)


############################################################################


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "RDP Clip Monitor" "Microsoft Corporation" "c:\windows\system32\rdpclip.exe"
"HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup" "" "" ""
+ "GMEA-C-TurnOffJAVAUpdate" "" "" "File not found: \\gmea.gad.schneider-electric.com\SysVol\gmea.gad.schneider-electric.com\Policies\{19A4DA96-69E3-4359-B1E1-6E442AD35094}\Machine\Scripts\Startup\turnoffJAVAupdate.VBS"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/octet-stream" "Microsoft .NET Runtime Execution Engine" "Microsoft Corporation" "c:\windows\system32\mscoree.dll"
+ "application/x-complus" "Microsoft .NET Runtime Execution Engine" "Microsoft Corporation" "c:\windows\system32\mscoree.dll"
+ "application/x-msdownload" "Microsoft .NET Runtime Execution Engine" "Microsoft Corporation" "c:\windows\system32\mscoree.dll"
+ "Class Install Handler" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "deflate" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "gzip" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "lzdhtml" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "text/webviewhtml" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "about" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "cdl" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor enterprise\mcieplg.dll"
+ "dvd" "ActiveX control for streaming video" "Microsoft Corporation" "c:\windows\system32\msvidctl.dll"
+ "file" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "ftp" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "gopher" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "http" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "https" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "its" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\windows\system32\itss.dll"
+ "javascript" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "local" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "mailto" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "mhtml" "Microsoft Internet Messaging API" "Microsoft Corporation" "c:\windows\system32\inetcomm.dll"
+ "mk" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "ms-its" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\windows\system32\itss.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "res" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor enterprise\mcieplg.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
+ "sysimage" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "tv" "ActiveX control for streaming video" "Microsoft Corporation" "c:\windows\system32\msvidctl.dll"
+ "vbscript" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "wia" "WIA Scripting Layer" "Microsoft Corporation" "c:\windows\system32\wiascr.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler" "" "" ""
+ "Browseui preloader" "Shell Browser UI Library" "Microsoft Corporation" "c:\windows\system32\browseui.dll"
+ "Component Categories cache daemon" "Shell Browser UI Library" "Microsoft Corporation" "c:\windows\system32\browseui.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" "" "" ""
+ "CDBurn" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "PostBootReminder" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "SysTray" "Systray shell service object" "Microsoft Corporation" "c:\windows\system32\stobject.dll"
+ "WebCheck" "Web Site Monitor" "Microsoft Corporation" "c:\windows\system32\webcheck.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "URL Exec Hook" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "BRUMenuHandler" "Context Menu Dynamic Link Library" "Bulk Rename Utility" "c:\program files\bulk rename utility\bruhere.dll"
+ "DLP Manual Tagging" "McAfee DLP Manual Tagging" "McAfee Inc." "c:\program files\mcafee\dlp\agent\fcagmt.dll"
+ "EditPlus 3" "EditPlus eppshell" "" "c:\program files\editplus 3\eppshell.dll"
+ "InfoNotaryShell Class" "EDM Shell Extension Module" "InfoNotary Ltd." "c:\program files\infonotary\insigner\edmshellext.dll"
+ "Offline Files" "Client Side Caching UI" "Microsoft Corporation" "c:\windows\system32\cscui.dll"
+ "Open With" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "Open With EncryptionMenu" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "Start Menu Pin" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files\mcafee\virusscan enterprise\shext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "CryptoSignMenu" "Crypto Shell Extensions" "Microsoft Corporation" "c:\windows\system32\cryptext.dll"
+ "Microsoft DocProp Shell Ext" "Microsoft DocProp Shell Ext" "Microsoft Corporation" "c:\windows\system32\docprop2.dll"
+ "OLE Docfile Property Page" "OLE DocFile Property Page" "Microsoft Corporation" "c:\windows\system32\docprop.dll"
+ "Security Shell Extension" "Security Shell Extension" "Microsoft Corporation" "c:\windows\system32\rshx32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "Send To" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\PropertySheetHandlers" "" "" ""
+ "Previous Versions Property Page" "Previous Versions property page" "Microsoft Corporation" "c:\windows\system32\twext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "BRUMenuHandler" "Context Menu Dynamic Link Library" "Bulk Rename Utility" "c:\program files\bulk rename utility\bruhere.dll"
+ "DLP Decrypt" "McAfee DLP Manual Decryption" "McAfee Inc." "c:\program files\mcafee\dlp\agent\fcagmd.dll"
+ "EncryptionMenu" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "Offline Files" "Client Side Caching UI" "Microsoft Corporation" "c:\windows\system32\cscui.dll"
+ "Sharing" "Shell extensions for sharing" "Microsoft Corporation" "c:\windows\system32\ntshrui.dll"
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files\mcafee\virusscan enterprise\shext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers" "" "" ""
+ "DfsShell Class" "Distributed File System shell extension" "Microsoft Corporation" "c:\windows\system32\dfsshlex.dll"
+ "Folder Customization Tab" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "Previous Versions Property Page" "Previous Versions property page" "Microsoft Corporation" "c:\windows\system32\twext.dll"
+ "Security Shell Extension" "Security Shell Extension" "Microsoft Corporation" "c:\windows\system32\rshx32.dll"
+ "Sharing" "Shell extensions for sharing" "Microsoft Corporation" "c:\windows\system32\ntshrui.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "CDF" "Shell Doc Object and Control Library" "Microsoft Corporation" "c:\windows\system32\shdocvw.dll"
+ "FileSystem" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files\filezilla ftp client\fzshellext.dll"
+ "MyDocuments" "My Documents Folder UI" "Microsoft Corporation" "c:\windows\system32\mydocs.dll"
+ "Sharing" "Shell extensions for sharing" "Microsoft Corporation" "c:\windows\system32\ntshrui.dll"
+ "WinSCPCopyHook" "Drag&Drop shell extension for WinSCP (32-bit)" "Martin Prikryl" "c:\program files\winscp\dragext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "New" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{0D2E74C4-3C34-11d2-A27E-00C04FC30871}" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "{24F14F01-7B1C-11d1-838f-0000F80461CF}" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "{24F14F02-7B1C-11d1-838f-0000F80461CF}" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "{66742402-F9B9-11D1-A202-0000F81FEDEE}" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Apache Software Foundation" "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files\mcafee\virusscan enterprise\shext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "Compressed (zipped) Folder Right Drag Handler" "Compressed (zipped) Folders" "Microsoft Corporation" "c:\windows\system32\zipfldr.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Offline Files" "Client Side Caching UI" "Microsoft Corporation" "c:\windows\system32\cscui.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor enterprise\mcieplg.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20121123093942.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor enterprise\mcieplg.dll"
+ "Microsoft Url Search Hook" "Internet Explorer" "Microsoft Corporation" "c:\windows\system32\ieframe.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Alexa Toolbar" "" "" "File not found: C:\Program Files\Alexa Toolbar\AlexaToolbar.10.0.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "SiteAdvisor Enterprise" "SiteAdvisor" "McAfee, Inc." "c:\program files\mcafee\siteadvisor enterprise\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Diagnose Connection Problems..." "Network Diagnostic for Windows XP" "Microsoft Corporation" "c:\windows\network diagnostic\xpnetdiag.exe"
+ "ICQ7.6" "ICQ" "ICQ, LLC." "c:\program files\icq7.6\icq.exe"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
X "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.6 r602" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "InfoNotary Smart Card Manager Updates.job" "Advanced Updater" "Caphyon LTD" "c:\program files\infonotary\scmanager2\updater.exe"
+ "InfoNotary updater.job" "Advanced Updater" "Caphyon LTD" "c:\program files\infonotary\pnpinstaller\infonotaryupdater.exe"
+ "Update InfoNotary e-Doc Signer.job" "Advanced Updater" "Caphyon LTD" "c:\program files\infonotary\insigner\insignerupdater.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
X "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "ALG" "Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall." "Microsoft Corporation" "c:\windows\system32\alg.exe"
+ "Apache2.2" "Apache/2.2.22 (Win32) PHP/5.3.22" "Apache Software Foundation" "c:\program files\apache software foundation\apache2.2\bin\httpd.exe"
+ "AppMgmt" "Provides software installation services such as Assign, Publish, and Remove." "Microsoft Corporation" "c:\windows\system32\appmgmts.dll"
+ "aspnet_state" "Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe"
+ "AudioSrv" "Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\audiosrv.dll"
+ "BITS" "Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly." "Microsoft Corporation" "c:\windows\system32\qmgr.dll"
+ "Browser" "Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\browser.dll"
+ "CcmExec" "Provides change and configuration services for computer management systems." "Microsoft Corporation" "c:\windows\system32\ccm\ccmexec.exe"
+ "CiSvc" "Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language." "Microsoft Corporation" "c:\windows\system32\cisvc.exe"
+ "ClipSrv" "Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\clipsrv.exe"
+ "clr_optimization_v2.0.50727_32" "Microsoft .NET Framework NGEN" "Microsoft Corporation" "c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe"
+ "COMSysApp" "Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\dllhost.exe"
+ "CryptSvc" "Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\cryptsvc.dll"
+ "DcomLaunch" "Provides launch functionality for DCOM services." "Microsoft Corporation" "c:\windows\system32\rpcss.dll"
+ "Dhcp" "Manages network configuration by registering and updating IP addresses and DNS names." "Microsoft Corporation" "c:\windows\system32\dhcpcsvc.dll"
+ "dmadmin" "Configures hard disk drives and volumes. The service only runs for configuration processes and then stops." "Microsoft Corp., Veritas Software" "c:\windows\system32\dmadmin.exe"
+ "dmserver" "Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corp." "c:\windows\system32\dmserver.dll"
+ "Dnscache" "Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\dnsrslvr.dll"
+ "Dot3svc" "This service performs IEEE 802.1X authentication on Ethernet interfaces" "Microsoft Corporation" "c:\windows\system32\dot3svc.dll"
+ "EapHost" "Provides windows clients Extensible Authentication Protocol Service" "Microsoft Corporation" "c:\windows\system32\eapsvc.dll"
+ "enterceptAgent" "Host-based intrusion prevention component that blocks exploits and hacks in real-time, including malicious buffer overflow code execution and privilege escalations. If this service is disabled or stopped, the system is no longer protected against intrusions." "McAfee, Inc." "c:\program files\mcafee\host intrusion prevention\firesvc.exe"
+ "ERSvc" "Allows error reporting for services and applictions running in non-standard environments." "Microsoft Corporation" "c:\windows\system32\ersvc.dll"
+ "Eventlog" "Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped." "Microsoft Corporation" "c:\windows\system32\services.exe"
+ "EventSystem" "Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\es.dll"
+ "FastUserSwitchingCompatibility" "Provides management for applications that require assistance in a multiple user environment." "Microsoft Corporation" "c:\windows\system32\shsvcs.dll"
+ "FontCache3.0.0.0" "Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications." "Microsoft Corporation" "c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe"
+ "helpsvc" "Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\pchealth\helpctr\binaries\pchsvc.dll"
+ "hkmsvc" "Manages health certificates and keys (used by NAP)" "Microsoft Corporation" "c:\windows\system32\kmsvc.dll"
+ "HTTPFilter" "This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service,  using the Secure Socket Layer (SSL).  If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\w3ssl.dll"
+ "ImapiService" "Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\imapi.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "LanmanServer" "Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\srvsvc.dll"
+ "lanmanworkstation" "Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\wkssvc.dll"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "LmHosts" "Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution." "Microsoft Corporation" "c:\windows\system32\lmhsvc.dll"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files\intel\intel® management engine components\lms\lms.exe"
+ "LNSUSvc" "A service that helps upgrade the Lotus Notes client. " "IBM Corp" "d:\lotus\notes\suservice.exe"
+ "Lotus Notes Diagnostics" "Performs diagnostics on behalf of Lotus Notes" "IBM" "d:\lotus\notes\nsd.exe"
+ "Lotus Notes Single Logon" "IBM Lotus Notes/Domino" "IBM Corp" "d:\lotus\notes\nslsvice.exe"
+ "McAfee SiteAdvisor Enterprise Service" "Provides low-level support for McAfee SiteAdvisor Enterprise" "McAfee, Inc." "c:\program files\mcafee\siteadvisor enterprise\mcsacore.exe"
+ "McAfeeDLPAgentService" "McAfee DLP Endpoint Service" "McAfee Inc." "c:\program files\mcafee\dlp\agent\fcags.exe"
+ "McAfeeFramework" "Shared component framework for McAfee products" "McAfee, Inc." "c:\program files\mcafee\common framework\frameworkservice.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "McTaskManager" "Allows scheduling of McAfee scanning and updating activities." "McAfee, Inc." "c:\program files\mcafee\virusscan enterprise\vstskmgr.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "mnmsrvc" "Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\mnmsrvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MSDTC" "Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. " "Microsoft Corporation" "c:\windows\system32\msdtc.exe"
+ "MSIServer" "Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\msiexec.exe"
+ "MySQL" "" "" "c:\program files\mysql\mysql server 5.5\bin\mysqld.exe"
+ "napagent" "Allows windows clients to participate in Network Access Protection" "Microsoft Corporation" "c:\windows\system32\qagentrt.dll"
+ "NetDDE" "Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\netdde.exe"
+ "NetDDEdsdm" "Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. " "Microsoft Corporation" "c:\windows\system32\netdde.exe"
+ "Netlogon" "Supports pass-through authentication of account logon events for computers in a domain." "Microsoft Corporation" "c:\windows\system32\lsass.exe"
+ "Netman" "Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections." "Microsoft Corporation" "c:\windows\system32\netman.dll"
+ "Nla" "Collects and stores network configuration and location information, and notifies applications when this information changes." "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "NtLmSsp" "Provides security to remote procedure call (RPC) programs that use transports other than named pipes." "Microsoft Corporation" "c:\windows\system32\lsass.exe"
+ "NtmsSvc" "Removable Storage Manager" "Microsoft Corporation" "c:\windows\system32\ntmssvc.dll"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "PlugPlay" "Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability." "Microsoft Corporation" "c:\windows\system32\services.exe"
+ "PolicyAgent" "Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver." "Microsoft Corporation" "c:\windows\system32\lsass.exe"
+ "postgresql-9.1" "Provides relational database storage." "PostgreSQL Global Development Group" "c:/program files/postgresql/9.1/bin/pg_ctl.exe"
+ "ProtectedStorage" "Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users." "Microsoft Corporation" "c:\windows\system32\lsass.exe"
+ "RasAuto" "Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address." "Microsoft Corporation" "c:\windows\system32\rasauto.dll"
+ "RasMan" "Creates a network connection." "Microsoft Corporation" "c:\windows\system32\rasmans.dll"
+ "RDSessMgr" "Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box." "Microsoft Corporation" "c:\windows\system32\sessmgr.exe"
+ "RemoteRegistry" "Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\regsvc.dll"
+ "RpcLocator" "Manages the RPC name service database." "Microsoft Corporation" "c:\windows\system32\locator.exe"
+ "RpcSs" "Provides the endpoint mapper and other miscellaneous RPC services." "Microsoft Corporation" "c:\windows\system32\rpcss.dll"
+ "RServer3" "Provides secure remote control, file transfer, text chat, voice chat and other services for authorized remote users." "Famatech Corp." "c:\windows\system32\rserver30\rserver3.exe"
+ "RSVP" "Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets." "Microsoft Corporation" "c:\windows\system32\rsvp.exe"
+ "SamSs" "Stores security information for local user accounts." "Microsoft Corporation" "c:\windows\system32\lsass.exe"
+ "SCardSvr" "Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\scardsvr.exe"
+ "Schedule" "Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\schedsvc.dll"
+ "seclogon" "Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\seclogon.dll"
+ "SENS" "Tracks system events such as Windows logon, network, and power events.  Notifies COM+ Event System subscribers of these events." "Microsoft Corporation" "c:\windows\system32\sens.dll"
+ "SharedAccess" "Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network." "Microsoft Corporation" "c:\windows\system32\ipnathlp.dll"
+ "ShellHWDetection" "Provides notifications for AutoPlay hardware events." "Microsoft Corporation" "c:\windows\system32\shsvcs.dll"
+ "smstsmgr" "SMS client agent for task sequence execution" "Microsoft Corporation" "c:\windows\system32\ccm\tsmanager.exe"
+ "Spooler" "Loads files to memory for later printing." "Microsoft Corporation" "c:\windows\system32\spoolsv.exe"
+ "srservice" "Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties" "Microsoft Corporation" "c:\windows\system32\srsvc.dll"
+ "SSDPSRV" "Enables discovery of UPnP devices on your home network." "Microsoft Corporation" "c:\windows\system32\ssdpsrv.dll"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\program files\idt\wdm\stacsv.exe"
+ "stisvc" "Provides image acquisition services for scanners and cameras." "Microsoft Corporation" "c:\windows\system32\wiaservc.dll"
+ "SwPrv" "Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\dllhost.exe"
+ "SysmonLog" "Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\smlogsvc.exe"
+ "TapiSrv" "Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service." "Microsoft Corporation" "c:\windows\system32\tapisrv.dll"
+ "TeamViewer8" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files\teamviewer\version8\teamviewer_service.exe"
+ "TermService" "Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server." "Microsoft Corporation" "c:\windows\system32\termsrv.dll"
+ "Themes" "Provides user experience theme management." "Microsoft Corporation" "c:\windows\system32\shsvcs.dll"
+ "TlntSvr" "Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\tlntsvr.exe"
+ "TrkWks" "Maintains links between NTFS files within a computer or across computers in a network domain." "Microsoft Corporation" "c:\windows\system32\trkwks.dll"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files\intel\intel® management engine components\uns\uns.exe"
+ "upnphost" "Provides support to host Universal Plug and Play devices." "Microsoft Corporation" "c:\windows\system32\upnphost.dll"
+ "UPS" "Manages an uninterruptible power supply (UPS) connected to the computer." "Microsoft Corporation" "c:\windows\system32\ups.exe"
+ "VSS" "Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\vssvc.exe"
+ "W32Time" "Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\w32time.dll"
+ "WebClient" "Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\webclnt.dll"
+ "winmgmt" "Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\wbem\wmisvc.dll"
+ "WmdmPmSN" "Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device." "Microsoft Corporation" "c:\windows\system32\mspmsnsv.dll"
+ "Wmi" "Provides systems management information to and from drivers." "Microsoft Corporation" "c:\windows\system32\advapi32.dll"
+ "WmiApSrv" "Provides performance library information from WMI HiPerf providers." "Microsoft Corporation" "c:\windows\system32\wbem\wmiapsrv.exe"
+ "wscsvc" "Monitors system security settings and configurations." "Microsoft Corporation" "c:\windows\system32\wscsvc.dll"
+ "wuauserv" "Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site." "Microsoft Corporation" "c:\windows\system32\wuauserv.dll"
+ "WZCSVC" "Provides automatic configuration for the 802.11 adapters" "Microsoft Corporation" "c:\windows\system32\wzcsvc.dll"
+ "xmlprov" "Manages XML configuration files on a domain basis for automatic network provisioning." "Microsoft Corporation" "c:\windows\system32\xmlprov.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "5023" "" "" "File not found: C:\DOCUME~1\ADMIN~1.WXB\LOCALS~1\Temp\5023.sys"
+ "ACPI" "ACPI Driver for NT" "Microsoft Corporation" "c:\windows\system32\drivers\acpi.sys"
+ "ACPIEC" "ACPI Embedded Controller Driver" "Microsoft Corporation" "c:\windows\system32\drivers\acpiec.sys"
+ "aec" "Microsoft Acoustic Echo Canceller" "Microsoft Corporation" "c:\windows\system32\drivers\aec.sys"
+ "AESTAud" "Andrea Audio Driver" "Andrea Electronics Corporation" "c:\windows\system32\drivers\aestaud.sys"
+ "AFD" "AFD Networking Support Environment" "Microsoft Corporation" "c:\windows\system32\drivers\afd.sys"
+ "Arp1394" "1394 ARP Client Protocol" "Microsoft Corporation" "c:\windows\system32\drivers\arp1394.sys"
+ "AsyncMac" "RAS Asynchronous Media Driver" "Microsoft Corporation" "c:\windows\system32\drivers\asyncmac.sys"
+ "atapi" "IDE/ATAPI Port Driver" "Microsoft Corporation" "c:\windows\system32\drivers\atapi.sys"
+ "Atmarpc" "ATM ARP Client Protocol" "Microsoft Corporation" "c:\windows\system32\drivers\atmarpc.sys"
+ "audstub" "AudStub Driver" "Microsoft Corporation" "c:\windows\system32\drivers\audstub.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl5.sys"
+ "Beep" "BEEP Driver" "Microsoft Corporation" "c:\windows\system32\drivers\beep.sys"
+ "BTWUSB" "" "" "File not found: System32\Drivers\btwusb.sys"
+ "catchme" "" "" "File not found: C:\DOCUME~1\ADMIN~1.WXB\LOCALS~1\Temp\catchme.sys"
+ "Cdaudio" "CD-ROM Audio Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\cdaudio.sys"
+ "Cdrom" "SCSI CD-ROM Driver" "Microsoft Corporation" "c:\windows\system32\drivers\cdrom.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "CmBatt" "Control Method Battery Driver" "Microsoft Corporation" "c:\windows\system32\drivers\cmbatt.sys"
+ "Compbatt" "Composite Battery Driver" "Microsoft Corporation" "c:\windows\system32\drivers\compbatt.sys"
+ "cxbu0wdm" "PC/SC IFD handler for CCID compliant CardMan" "OMNIKEY" "c:\windows\system32\drivers\cxbu0wdm.sys"
+ "Disk" "PnP Disk Driver" "Microsoft Corporation" "c:\windows\system32\drivers\disk.sys"
+ "dmio" "NT Disk Manager I/O Driver" "Microsoft Corp., Veritas Software" "c:\windows\system32\drivers\dmio.sys"
+ "dmload" "NT Disk Manager Startup Driver" "Microsoft Corp., Veritas Software." "c:\windows\system32\drivers\dmload.sys"
+ "DMusic" "Microsoft Kernel DLS Synthesizer" "Microsoft Corporation" "c:\windows\system32\drivers\dmusic.sys"
+ "drmkaud" "Microsoft Kernel DRM Audio Descrambler Filter" "Microsoft Corporation" "c:\windows\system32\drivers\drmkaud.sys"
+ "e1cexpress" "Intel® Gigabit Adapter NDIS 5.x driver" "Intel Corporation" "c:\windows\system32\drivers\e1c5132.sys"
+ "Fdc" "Floppy Disk Controller Driver" "Microsoft Corporation" "c:\windows\system32\drivers\fdc.sys"
+ "Fips" "FIPS Crypto Driver" "Microsoft Corporation" "c:\windows\system32\drivers\fips.sys"
+ "FireNfcp" "McAfee HIP NIP FireCore Plugin Driver" "McAfee, Inc." "c:\windows\system32\drivers\firenfcp.sys"
+ "Flpydisk" "Floppy Driver" "Microsoft Corporation" "c:\windows\system32\drivers\flpydisk.sys"
+ "FltMgr" "File System Filter Manager Driver" "Microsoft Corporation" "c:\windows\system32\drivers\fltmgr.sys"
+ "Ftdisk" "FT Disk Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ftdisk.sys"
+ "gfibto" "GFI Boot Time Operations Driver" "GFI Software" "c:\windows\system32\drivers\gfibto.sys"
+ "Gpc" "Generic Packet Classifier" "Microsoft Corporation" "c:\windows\system32\drivers\msgpc.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "hdlpctrl" "McAfee DLP Controller Driver" "McAfee Inc." "c:\windows\system32\drivers\hdlpctrl.sys"
+ "hdlpdbk" "McAfee DLP Device Blocking Driver" "McAfee Inc." "c:\windows\system32\drivers\hdlpdbk.sys"
+ "hdlpevnt" "McAfee DLP Event Manager Driver" "McAfee Inc." "c:\windows\system32\drivers\hdlpevnt.sys"
+ "hdlpflt" "McAfee DLP Mini File Filter Driver" "McAfee Inc." "c:\windows\system32\drivers\hdlpflt.sys"
+ "HidUsb" "USB Miniport Driver for Input Devices" "Microsoft Corporation" "c:\windows\system32\drivers\hidusb.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HTTP" "This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\drivers\http.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "i8042prt" "i8042 Port Driver" "Microsoft Corporation" "c:\windows\system32\drivers\i8042prt.sys"
+ "ialm" "Intel Graphics Miniport Driver" "Intel Corporation" "c:\windows\system32\drivers\igxpmp32.sys"
+ "Imapi" "IMAPI Kernel Driver" "Microsoft Corporation" "c:\windows\system32\drivers\imapi.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "intelppm" "Processor Device Driver" "Microsoft Corporation" "c:\windows\system32\drivers\intelppm.sys"
+ "Ip6Fw" "Provides intrusion prevention service for a home or small office network." "Microsoft Corporation" "c:\windows\system32\drivers\ip6fw.sys"
+ "IpFilterDriver" "IP Traffic Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ipfltdrv.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ipinip.sys"
+ "IpNat" "IP Network Address Translator" "Microsoft Corporation" "c:\windows\system32\drivers\ipnat.sys"
+ "IPSec" "IPSEC driver" "Microsoft Corporation" "c:\windows\system32\drivers\ipsec.sys"
+ "IRENUM" "Infra-Red Bus Enumerator" "Microsoft Corporation" "c:\windows\system32\drivers\irenum.sys"
+ "isapnp" "PNP ISA Bus Driver" "Microsoft Corporation" "c:\windows\system32\drivers\isapnp.sys"
+ "JMCR" "JMicron PCIe Flash Media Controller Driver" "JMicron Technology Corporation" "c:\windows\system32\drivers\jmcr.sys"
+ "johci" "OHCI1394 upper filter driver" "JMicron Technology Corp." "c:\windows\system32\drivers\johci.sys"
+ "Kbdclass" "Keyboard Class Driver" "Microsoft Corporation" "c:\windows\system32\drivers\kbdclass.sys"
+ "kbdhid" "HID Mouse Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\kbdhid.sys"
+ "kmixer" "Kernel Mode Audio Mixer" "Microsoft Corporation" "c:\windows\system32\drivers\kmixer.sys"
+ "KSecDD" "Kernel Security Support Provider Interface" "Microsoft Corporation" "c:\windows\system32\drivers\ksecdd.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MEI" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\heci.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\WINDOWS\System32\Drivers\mfeavfk01.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfebopk.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfendisk" "McAfee NDIS Intermediate Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfendisk.sys"
+ "mfendiskmp" "McAfee NDIS Intermediate Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfendisk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfesmfk" "System Monitor Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfesmfk.sys"
+ "mfetdi2k" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfetdi2k.sys"
+ "mirrorv3" "Radmin Mirror Miniport Driver V3" "Famatech International Corp." "c:\windows\system32\drivers\rminiv3.sys"
+ "mnmdd" "Frame buffer simulator" "Microsoft Corporation" "c:\windows\system32\drivers\mnmdd.sys"
+ "Modem" "Modem Device Driver" "Microsoft Corporation" "c:\windows\system32\drivers\modem.sys"
+ "Mouclass" "Mouse Class Driver" "Microsoft Corporation" "c:\windows\system32\drivers\mouclass.sys"
+ "mouhid" "HID Mouse Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\mouhid.sys"
+ "MountMgr" "Mount Manager" "Microsoft Corporation" "c:\windows\system32\drivers\mountmgr.sys"
+ "MRxDAV" "WebDav Client Redirector" "Microsoft Corporation" "c:\windows\system32\drivers\mrxdav.sys"
+ "MRxSmb" "MRXSMB" "Microsoft Corporation" "c:\windows\system32\drivers\mrxsmb.sys"
+ "Msfs" "Mailslot driver" "Microsoft Corporation" "c:\windows\system32\drivers\msfs.sys"
+ "MSKSSRV" "MS KS Server" "Microsoft Corporation" "c:\windows\system32\drivers\mskssrv.sys"
+ "MSPCLOCK" "MS Proxy Clock" "Microsoft Corporation" "c:\windows\system32\drivers\mspclock.sys"
+ "MSPQM" "MS Proxy Quality Manager" "Microsoft Corporation" "c:\windows\system32\drivers\mspqm.sys"
+ "mssmbios" "System Management BIOS Driver" "Microsoft Corporation" "c:\windows\system32\drivers\mssmbios.sys"
+ "Mup" "Multiple UNC Provider driver" "Microsoft Corporation" "c:\windows\system32\drivers\mup.sys"
+ "NDIS" "NDIS 5.1 wrapper driver" "Microsoft Corporation" "c:\windows\system32\drivers\ndis.sys"
+ "NdisTapi" "Remote Access NDIS TAPI Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ndistapi.sys"
+ "Ndisuio" "NDIS Usermode I/O Protocol" "Microsoft Corporation" "c:\windows\system32\drivers\ndisuio.sys"
+ "NdisWan" "Remote Access NDIS WAN Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ndiswan.sys"
+ "NDProxy" "NDIS Proxy" "Microsoft Corporation" "c:\windows\system32\drivers\ndproxy.sys"
+ "NetBIOS" "NetBIOS Interface" "Microsoft Corporation" "c:\windows\system32\drivers\netbios.sys"
+ "NetBT" "NetBios over Tcpip" "Microsoft Corporation" "c:\windows\system32\drivers\netbt.sys"
+ "NIC1394" "IEEE1394 Ndis Miniport and Call Manager" "Microsoft Corporation" "c:\windows\system32\drivers\nic1394.sys"
+ "Npfs" "NPFS Driver" "Microsoft Corporation" "c:\windows\system32\drivers\npfs.sys"
+ "Null" "NULL Driver" "Microsoft Corporation" "c:\windows\system32\drivers\null.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "Microsoft Corporation" "c:\windows\system32\drivers\nwlnkfwd.sys"
+ "ohci1394" "1394 OpenHCI Port Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ohci1394.sys"
+ "Parport" "Parallel Port Driver" "Microsoft Corporation" "c:\windows\system32\drivers\parport.sys"
+ "PartMgr" "Partition Manager" "Microsoft Corporation" "c:\windows\system32\drivers\partmgr.sys"
+ "ParVdm" "VDM Parallel Driver" "Microsoft Corporation" "c:\windows\system32\drivers\parvdm.sys"
+ "PCI" "NT Plug and Play PCI Enumerator" "Microsoft Corporation" "c:\windows\system32\drivers\pci.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PCIIde" "Generic PCI IDE Bus Driver" "Microsoft Corporation" "c:\windows\system32\drivers\pciide.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "PptpMiniport" "WAN Miniport (PPTP)" "Microsoft Corporation" "c:\windows\system32\drivers\raspptp.sys"
+ "prepdrvr" "SMS Software Metering Process Event Driver" "Microsoft Corporation" "c:\windows\system32\ccm\prepdrv.sys"
+ "PSched" "QoS Packet Scheduler" "Microsoft Corporation" "c:\windows\system32\drivers\psched.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "raddrvv3" "Radmin Server support driver" "Famatech Corp." "c:\windows\system32\rserver30\raddrvv3.sys"
+ "RasAcd" "Remote Access Auto Connection Driver" "Microsoft Corporation" "c:\windows\system32\drivers\rasacd.sys"
+ "Rasl2tp" "WAN Miniport (L2TP)" "Microsoft Corporation" "c:\windows\system32\drivers\rasl2tp.sys"
+ "RasPppoe" "Remote Access PPPOE Driver" "Microsoft Corporation" "c:\windows\system32\drivers\raspppoe.sys"
+ "Raspti" "Direct Parallel" "Microsoft Corporation" "c:\windows\system32\drivers\raspti.sys"
+ "Rdbss" "Rdbss" "Microsoft Corporation" "c:\windows\system32\drivers\rdbss.sys"
+ "RDPCDD" "RDP Miniport" "Microsoft Corporation" "c:\windows\system32\drivers\rdpcdd.sys"
+ "rdpdr" "Microsoft RDP Device redirector" "Microsoft Corporation" "c:\windows\system32\drivers\rdpdr.sys"
+ "RDPWD" "RDP Terminal Stack Driver (US/Canada Only, Not for Export)" "Microsoft Corporation" "c:\windows\system32\drivers\rdpwd.sys"
+ "redbook" "Redbook Audio Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\redbook.sys"
+ "sdbus" "SecureDigital Bus Driver" "Microsoft Corporation" "c:\windows\system32\drivers\sdbus.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Serial Device Driver" "Microsoft Corporation" "c:\windows\system32\drivers\serial.sys"
+ "Sfloppy" "SCSI Floppy Driver" "Microsoft Corporation" "c:\windows\system32\drivers\sfloppy.sys"
+ "smsmdd" "RDP Miniport" "Microsoft Corporation" "c:\windows\system32\drivers\smsmdm.sys"
+ "splitter" "Microsoft Kernel Audio Splitter" "Microsoft Corporation" "c:\windows\system32\drivers\splitter.sys"
+ "sr" "System Restore Filesystem Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\sr.sys"
+ "Srv" "Srv" "Microsoft Corporation" "c:\windows\system32\drivers\srv.sys"
+ "STHDA" "IDT PC Audio TPE" "IDT, Inc." "c:\windows\system32\drivers\sthda.sys"
+ "swenum" "Plug and Play Software Device Enumerator" "Microsoft Corporation" "c:\windows\system32\drivers\swenum.sys"
+ "swmidi" "Microsoft GS Wavetable Synthesizer" "Microsoft Corporation" "c:\windows\system32\drivers\swmidi.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "sysaudio" "System Audio WDM Filter" "Microsoft Corporation" "c:\windows\system32\drivers\sysaudio.sys"
+ "Tcpip" "TCP/IP Protocol Driver" "Microsoft Corporation" "c:\windows\system32\drivers\tcpip.sys"
+ "TDPIPE" "Named Pipe Transport Driver" "Microsoft Corporation" "c:\windows\system32\drivers\tdpipe.sys"
+ "TDTCP" "TCP Transport Driver" "Microsoft Corporation" "c:\windows\system32\drivers\tdtcp.sys"
+ "TermDD" "Terminal Server Driver" "Microsoft Corporation" "c:\windows\system32\drivers\termdd.sys"
+ "Update" "Update Driver" "Microsoft Corporation" "c:\windows\system32\drivers\update.sys"
+ "usbehci" "EHCI eUSB Miniport Driver" "Microsoft Corporation" "c:\windows\system32\drivers\usbehci.sys"
+ "usbhub" "Default Hub Driver for USB" "Microsoft Corporation" "c:\windows\system32\drivers\usbhub.sys"
+ "USBSTOR" "USB Mass Storage Class Driver" "Microsoft Corporation" "c:\windows\system32\drivers\usbstor.sys"
+ "VgaSave" "VGA/Super VGA Video Driver" "Microsoft Corporation" "c:\windows\system32\drivers\vga.sys"
+ "VolSnap" "Volume Shadow Copy Driver" "Microsoft Corporation" "c:\windows\system32\drivers\volsnap.sys"
+ "Wanarp" "Remote Access IP ARP Driver" "Microsoft Corporation" "c:\windows\system32\drivers\wanarp.sys"
+ "Wdf01000" "Kernel Mode Driver Framework Runtime" "Microsoft Corporation" "c:\windows\system32\drivers\wdf01000.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "wdmaud" "MMSYSTEM Wave/Midi API mapper" "Microsoft Corporation" "c:\windows\system32\drivers\wdmaud.sys"
+ "WmiAcpi" "Windows Management Interface for ACPI" "Microsoft Corporation" "c:\windows\system32\drivers\wmiacpi.sys"
+ "WS2IFSL" "Winsock2 IFS Layer" "Microsoft Corporation" "c:\windows\system32\drivers\ws2ifsl.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "aux" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "midi" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "midi1" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "midimapper" "Microsoft MIDI Mapper" "Microsoft Corporation" "c:\windows\system32\midimap.dll"
+ "mixer" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "mixer1" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.imaadpcm" "IMA ADPCM CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\imaadp32.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.msadpcm" "Microsoft ADPCM CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\msadp32.acm"
+ "msacm.msaudio1" "Windows Media Audio" "Microsoft Corporation" "c:\windows\system32\msaud32.acm"
+ "msacm.msg711" "Microsoft CCITT G.711 (A-Law and u-Law) CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\msg711.acm"
+ "msacm.msg723" "Microsoft G.723.1 CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\msg723.acm"
+ "msacm.msgsm610" "Microsoft GSM 6.10 Audio CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\msgsm32.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.I420" "Microsoft H.263 ICM Driver" "Microsoft Corporation" "c:\windows\system32\msh263.drv"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "vidc.iyuv" "Intel Indeo® Video YUV Codec" "Microsoft Corporation" "c:\windows\system32\iyuv_32.dll"
+ "vidc.M261" "Microsoft H.261 ICM Driver" "Microsoft Corporation" "c:\windows\system32\msh261.drv"
+ "vidc.M263" "Microsoft H.263 ICM Driver" "Microsoft Corporation" "c:\windows\system32\msh263.drv"
+ "vidc.mrle" "Microsoft RLE Compressor" "Microsoft Corporation" "c:\windows\system32\msrle32.dll"
+ "vidc.msvc" "Microsoft Video 1 Compressor" "Microsoft Corporation" "c:\windows\system32\msvidc32.dll"
+ "vidc.uyvy" "Microsoft UYVY Video Decompressor" "Microsoft Corporation" "c:\windows\system32\msyuv.dll"
+ "vidc.yuy2" "Microsoft UYVY Video Decompressor" "Microsoft Corporation" "c:\windows\system32\msyuv.dll"
+ "vidc.yvu9" "Toshiba Video Codec" "Microsoft Corporation" "c:\windows\system32\tsbyuv.dll"
+ "vidc.yvyu" "Microsoft UYVY Video Decompressor" "Microsoft Corporation" "c:\windows\system32\msyuv.dll"
+ "wave" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "wave1" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "wavemapper" "Microsoft Sound Mapper" "Microsoft Corporation" "c:\windows\system32\msacm32.drv"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ ".RAM Parser" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AC3 Parser Filter" "DirectShow MPEG-2 Splitter." "Microsoft Corporation" "c:\windows\system32\mpg2splt.ax"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "ACM Wrapper" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ASF ACM Handler" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF Animation Handler" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF DIB Handler" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF DJPEG Handler" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF ICM Handler" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF JPEG Handler" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF URL Handler" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASX File Parser" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASX v.2 File Parser" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "AVI Decompressor" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "AVI Draw Filter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "AVI mux" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qcap.dll"
+ "AVI Splitter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "AVI/WAV File Source" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Color Space Converter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Default Video Renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "DV Muxer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qdv.dll"
+ "DV Splitter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qdv.dll"
+ "DV Video Decoder" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qdv.dll"
+ "DVD Navigator" "DirectShow DVD PlayBack Runtime." "Microsoft Corporation" "c:\windows\system32\qdvd.dll"
+ "File Source (Async.)" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "File Source (URL)" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "File stream renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "File Writer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qcap.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Full Screen Renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "G.711 Codec" "Intel G711 CODEC" "Microsoft Corporation" "c:\windows\system32\g711codc.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Infinite Pin Tee Filter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qcap.dll"
+ "Internal Text Renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Line 21 Decoder" "DirectShow DVD PlayBack Runtime." "Microsoft Corporation" "c:\windows\system32\qdvd.dll"
+ "Line 21 Decoder 2" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Microsoft MPEG-4 Video Decompressor" "Microsoft MPEG-4 Video Decompressor" "Microsoft Corporation" "c:\windows\system32\mpg4ds32.ax"
+ "Microsoft Screen Video Decompressor" "Microsoft Screen Video Decompressor" "Microsoft Corporation" "c:\windows\system32\msscds32.ax"
+ "MIDI Parser" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "MJPEG Decompressor" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "MPEG Audio Codec" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "MPEG Video Codec" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "MPEG-2 Demultiplexer" "DirectShow MPEG-2 Splitter." "Microsoft Corporation" "c:\windows\system32\mpg2splt.ax"
+ "MPEG-2 Splitter" "DirectShow MPEG-2 Splitter." "Microsoft Corporation" "c:\windows\system32\mpg2splt.ax"
+ "Mpeg-2 Video Stream Analysis" "DirectShow Stream Buffer Filter." "Microsoft Corporation" "c:\windows\system32\sbe.dll"
+ "MPEG-I Stream Splitter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Multi-file Parser" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Nero Audio Source" "Nero Library" "Ahead Software AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Ahead Software AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Ahead Software AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Digital Audio Decoder" "Nero Digital Audio Decoding Filter" "Ahead Software AG and its licensors" "c:\program files\common files\ahead\dsfilter\neaudio.ax"
+ "Nero DVD Decoder" "MPEG-1/2/4 video decoder w/ DxVA" "Ahead Software AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero File Source" "Nero Library" "Ahead Software AG
 " "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero Video Decoder" "MPEG-1/2/4 video decoder w/ DxVA" "Ahead Software AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero Video Source" "Nero Library" "Ahead Software AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "NeroDigital Parser" "NeroDigital file parser" "Ahead Software AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "NSC File Parser" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Null Renderer" "DirectShow Editing." "Microsoft Corporation" "c:\windows\system32\qedit.dll"
+ "Overlay Mixer" "DirectShow DVD PlayBack Runtime." "Microsoft Corporation" "c:\windows\system32\qdvd.dll"
+ "Overlay Mixer2" "DirectShow DVD PlayBack Runtime." "Microsoft Corporation" "c:\windows\system32\qdvd.dll"
+ "QT Decompressor" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "QuickTime Movie Parser" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SAMI (CC) Reader" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Sample Grabber" "DirectShow Editing." "Microsoft Corporation" "c:\windows\system32\qedit.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Smart Tee Filter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qcap.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "StreamBufferSink" "DirectShow Stream Buffer Filter." "Microsoft Corporation" "c:\windows\system32\sbe.dll"
+ "StreamBufferSource" "DirectShow Stream Buffer Filter." "Microsoft Corporation" "c:\windows\system32\sbe.dll"
+ "VBI Surface Allocator" "VBI Surface Allocator Filter" "Microsoft Corporation" "c:\windows\system32\vbisurf.ax"
+ "VGA 16 color ditherer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Video Mixing Renderer 9" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Video Port Manager" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Video Renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Wave Parser" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Audio Decoder" "Windows Media Audio Decoder" "Microsoft Corporation" "c:\windows\system32\msadds32.ax"
+ "Windows Media Multiplexer" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Windows Media splitter" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Windows Media Update" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Windows Media URL File Source" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Windows Media Video Decoder" "Windows Media Video Decoder" "Microsoft Corporation" "c:\windows\system32\wmvds32.ax"
+ "Windows Media Video Decoder" "Windows Media Video Decoder V8" "Microsoft Corporation" "c:\windows\system32\wmv8ds32.ax"
+ "WM ASF Reader" "DirectShow ASF Support" "Microsoft Corporation" "c:\windows\system32\qasf.dll"
+ "WM ASF Writer" "DirectShow ASF Support" "Microsoft Corporation" "c:\windows\system32\qasf.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "World Standard Teletext Decoder" "WST Decoder Filter" "Microsoft Corporation" "c:\windows\system32\wstdecod.dll"
+ "XML-based ASX Parser" "Windows Media Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
"HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance" "" "" ""
+ "{0131BE10-2001-4C5F-A9B0-CC88FAB64CE8}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{114F5598-0B22-40A0-86A1-C83EA495ADBD}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{1A34F5C1-4A5A-46DC-B644-1F4567E7A676}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{27949969-876A-41D7-9447-568F6A35A4DC}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{69BE8BB4-D66D-47C8-865A-ED1589433782}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{AC4CE3CB-E1C1-44CD-8215-5A1665509EC2}" "Windows Media Photo Codec" "Microsoft Corporation" "c:\windows\system32\wmphoto.dll"
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "{381DDA3C-9CE9-4834-A23E-1F98F8FC52BE}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{389EA17B-5078-4CDE-B6EF-25C15175C751}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{6B462062-7CBF-400D-9FDB-813DD10F2778}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{9456A480-E88B-43EA-9E73-0B2D9B71B1CA}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{A26CEC36-234C-4950-AE16-E34AACE71D0D}" "Windows Media Photo Codec" "Microsoft Corporation" "c:\windows\system32\wmphoto.dll"
+ "{B54E85D9-FE23-499F-8B88-6ACEA713752B}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{C61BFCDF-2E0F-4AAD-A8D7-E06BAFEBCDFE}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
"HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance" "" "" ""
+ "{00108226-EE41-44A2-9E9C-4BE4D5B1D2CD}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{076C2A6C-F78F-4C46-A723-3583E70876EA}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{122EC645-CD7E-44D8-B186-2C8C20C3B50F}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{1249B20C-5DD0-44FE-B0B3-8F92C8E6D080}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{1765E14E-1BD4-462E-B6B1-590BF1262AC6}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{22C21F93-7DDB-411C-9B17-C5B7BD064ABC}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{5C5C1935-0235-4434-80BC-251BC1EC39C6}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{6D68D1DE-D432-4B0F-923A-091183A9BDA7}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{7B19A919-A9D6-49E5-BD45-02C34E4E4CD5}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{8ADE5386-8E9B-4F4C-ACF2-F0008706B238}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{A09CCA86-27BA-4F39-9053-121FA4DC08FC}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{B1EBFC28-C9BD-47A2-8D33-B948769777A7}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{B5EBAFB9-253E-4A72-A744-0762D2685683}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{C9A14CDA-C339-460B-9078-D4DEBCFABE91}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{CB8C13E4-62B5-4C96-A48B-6BA6ACE39C76}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{D049B20C-5DD0-44FE-B0B3-8F92C8E6D080}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{ED822C8C-D6BE-4301-A631-0E1416BAD28F}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{EE366069-1832-420F-B381-0479AD066F19}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{F3C633A2-46C8-498E-8FBB-CC6F721BBCDE}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\AutorunsDisabled\BootExecute" "" "" ""
X "autocheck autochk *" "Auto Check Utility" "Microsoft Corporation" "c:\windows\system32\autochk.exe"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" "" "" ""
X "Your Image File Name Here without a path" "Symbolic Debugger for Windows 2000" "Microsoft Corporation" "c:\windows\system32\ntsd.exe"
"HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls" "" "" ""
+ "advapi32" "Advanced Windows 32 Base API" "Microsoft Corporation" "c:\windows\system32\advapi32.dll"
+ "comdlg32" "Common Dialogs DLL" "Microsoft Corporation" "c:\windows\system32\comdlg32.dll"
+ "gdi32" "GDI Client DLL" "Microsoft Corporation" "c:\windows\system32\gdi32.dll"
+ "imagehlp" "Windows NT Image Helper" "Microsoft Corporation" "c:\windows\system32\imagehlp.dll"
+ "kernel32" "Windows NT BASE API Client DLL" "Microsoft Corporation" "c:\windows\system32\kernel32.dll"
+ "lz32" "LZ Expand/Compress API DLL" "Microsoft Corporation" "c:\windows\system32\lz32.dll"
+ "ole32" "Microsoft OLE for Windows" "Microsoft Corporation" "c:\windows\system32\ole32.dll"
+ "oleaut32" "" "Microsoft Corporation" "c:\windows\system32\oleaut32.dll"
+ "olecli32" "Object Linking and Embedding Client Library" "Microsoft Corporation" "c:\windows\system32\olecli32.dll"
+ "olecnv32" "Microsoft OLE for Windows" "Microsoft Corporation" "c:\windows\system32\olecnv32.dll"
+ "olesvr32" "Object Linking and Embedding Server Library" "Microsoft Corporation" "c:\windows\system32\olesvr32.dll"
+ "olethk32" "Microsoft OLE for Windows" "Microsoft Corporation" "c:\windows\system32\olethk32.dll"
+ "rpcrt4" "Remote Procedure Call Runtime" "Microsoft Corporation" "c:\windows\system32\rpcrt4.dll"
+ "shell32" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "url" "Internet Shortcut Shell Extension DLL" "Microsoft Corporation" "c:\windows\system32\url.dll"
+ "urlmon" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "user32" "Windows XP USER API Client DLL" "Microsoft Corporation" "c:\windows\system32\user32.dll"
+ "version" "Version Checking and File Installation Libraries" "Microsoft Corporation" "c:\windows\system32\version.dll"
+ "wininet" "Internet Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\wininet.dll"
+ "wldap32" "Win32 LDAP API DLL" "Microsoft Corporation" "c:\windows\system32\wldap32.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost" "" "" ""
+ "logonui.exe" "Windows Logon UI" "Microsoft Corporation" "c:\windows\system32\logonui.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "crypt32chain" "Crypto API32" "Microsoft Corporation" "c:\windows\system32\crypt32.dll"
+ "cryptnet" "Crypto Network Related API" "Microsoft Corporation" "c:\windows\system32\cryptnet.dll"
+ "cscdll" "Offline Network Agent" "Microsoft Corporation" "c:\windows\system32\cscdll.dll"
+ "dimsntfy" "DIMS Notification Handler" "Microsoft Corporation" "c:\windows\system32\dimsntfy.dll"
+ "FCAGWL" "McAfee DLP Endpoint Win Logon" "McAfee Inc." "c:\windows\system32\fcagwl.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "ScCertProp" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
+ "Schedule" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
+ "sclgntfy" "Secondary Logon Service Notification DLL" "Microsoft Corporation" "c:\windows\system32\sclgntfy.dll"
+ "SensLogn" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
+ "termsrv" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
+ "wlballoon" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\WINDOWS\system32\logon.scr" "Logon Screen Saver" "Microsoft Corporation" "c:\windows\system32\logon.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "000000000001" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000002" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000003" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000004" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000005" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000006" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000007" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000008" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000009" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000010" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000011" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000012" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000013" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000014" "Microsoft Windows Rsvp 1.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\rsvpsp.dll"
+ "000000000015" "Microsoft Windows Rsvp 1.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\rsvpsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "Network Location Awareness (NLA) Namespace" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "NTDS" "LDAP RnR Provider DLL" "Microsoft Corporation" "c:\windows\system32\winrnr.dll"
+ "Tcpip" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor" "Langage Monitor for Canon Bubble-Jet Printer" "Microsoft Corporation" "c:\windows\system32\cnbjmon.dll"
+ "Local Port" "Local Spooler DLL" "Microsoft Corporation" "c:\windows\system32\localspl.dll"
+ "Microsoft Document Imaging Writer Monitor" "Microsoft® Document Imaging" "Microsoft Corporation" "c:\windows\system32\mdimon.dll"
+ "PJL Language Monitor" "PJL Language monitor" "Microsoft Corporation" "c:\windows\system32\pjlmon.dll"
+ "PrimoMon" "" "" "c:\windows\system32\primomonnt.dll"
+ "Standard TCP/IP Port" "Standard TCP/IP Port Monitor DLL" "Microsoft Corporation" "c:\windows\system32\tcpmon.dll"
+ "USB Monitor" "Standard Dynamic Printing Port Monitor DLL" "Microsoft Corporation" "c:\windows\system32\usbmon.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders" "" "" ""
+ "digest.dll" "Digest SSPI Authentication Package" "Microsoft Corporation" "c:\windows\system32\digest.dll"
+ "msapsspc.dll" "DPA Client for 32 bit platforms" "Microsoft Corporation" "c:\windows\system32\msapsspc.dll"
+ "msnsspc.dll" "MSN Internet Access" "Microsoft Corporation" "c:\windows\system32\msnsspc.dll"
+ "schannel.dll" "TLS / SSL Security Provider" "Microsoft Corporation" "c:\windows\system32\schannel.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages" "" "" ""
+ "msv1_0" "Microsoft Authentication Package v1.0" "Microsoft Corporation" "c:\windows\system32\msv1_0.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "scecli" "Windows Security Configuration Editor Client Engine" "Microsoft Corporation" "c:\windows\system32\scecli.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages" "" "" ""
+ "kerberos" "Kerberos Security Package" "Microsoft Corporation" "c:\windows\system32\kerberos.dll"
+ "msv1_0" "Microsoft Authentication Package v1.0" "Microsoft Corporation" "c:\windows\system32\msv1_0.dll"
+ "schannel" "TLS / SSL Security Provider" "Microsoft Corporation" "c:\windows\system32\schannel.dll"
+ "wdigest" "Microsoft Digest Access" "Microsoft Corporation" "c:\windows\system32\wdigest.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "Broadcom 802.11 Wireless LAN Adapter Logon Provider" "" "File not found: C:\WINDOWS\System32\BCMLogon.dll"
+ "LanmanWorkstation" "Microsoft Windows Network" "Microsoft Corporation" "c:\windows\system32\ntlanman.dll"
+ "npnotes" "Lotus Notes Single Logon" "Lotus Development" "d:\lotus\notes\npnotes.dll"
+ "RDPNP" "Microsoft Terminal Services" "Microsoft Corporation" "c:\windows\system32\drprov.dll"
+ "WebClient" "Web Client Network" "Microsoft Corporation" "c:\windows\system32\davclnt.dll"


############################################################################


# AdwCleaner v2.115 - Logfile created 03/19/2013 at 13:03:05
# Updated 17/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Admin - WXBGSF-IT-0484L
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Admin.WXBGSF-IT-0484L\My Documents\Install\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Alexa Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKLM\Software\Alexa Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Alexa Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alexa Toolbar
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EA582743-9076-4178-9AA6-7393FDF4D5CE}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (bg)

-\\ Google Chrome v25.0.1364.172

-\\ Opera v12.11.1661.0

*************************

AdwCleaner[R1].txt - [5026 octets] - [06/03/2013 11:56:36]
AdwCleaner[R2].txt - [5145 octets] - [06/03/2013 11:58:05]
AdwCleaner[S1].txt - [369 octets] - [06/03/2013 11:57:25]
AdwCleaner[S2].txt - [369 octets] - [19/03/2013 11:35:14]
AdwCleaner[S3].txt - [4714 octets] - [19/03/2013 13:03:05]

########## EOF - C:\AdwCleaner[S3].txt - [4774 octets] ##########


Edited by pamir, 19 March 2013 - 06:58 AM.


#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:37 AM

Posted 19 March 2013 - 09:17 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 



#9 pamir

pamir
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:37 AM

Posted 20 March 2013 - 03:02 AM

narenxp, I am very grateful to you for your expert help! Thanks a lot! 

 

Thinking about what tool actually removed the problem, may be it was the ESET Online Scanner, because after the scan the problem disappeared. The scan took more than 10 hours, but its worth.



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:37 AM

Posted 20 March 2013 - 05:36 AM

:welcome:






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users