Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Redirection on Windows XP Machine


  • Please log in to reply
14 replies to this topic

#1 xaracomputers

xaracomputers

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 19 March 2013 - 12:16 PM

Mod edit:moved from XP to the Am I Infected forum ~~boopme

Hi there,
 
I am hoping you can help. We have a Windows XP machine that keeps redirecting search results to malicious websites. I have run a few virus scanners including TDSS which have all come back clean.
 
Any Advice would be appreciated. I have also opened another thread for a Windows 7 machine experiencing exactly the same problem. I am willing to rerun scans and post logs if need be.
 
Regards
 
Xara Computers


Edited by boopme, 19 March 2013 - 12:33 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:10 AM

Posted 19 March 2013 - 12:31 PM

    

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results



#3 xaracomputers

xaracomputers
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 20 March 2013 - 04:57 AM

1st half of TDSS Log:

 

 

08:51:09.0431 0796  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:51:09.0956 0796  ============================================================
08:51:09.0956 0796  Current date / time: 2013/03/20 08:51:09.0956
08:51:09.0956 0796  SystemInfo:
08:51:09.0956 0796  
08:51:09.0956 0796  OS Version: 5.1.2600 ServicePack: 3.0
08:51:09.0956 0796  Product type: Workstation
08:51:09.0956 0796  ComputerName: THORLT11
08:51:09.0956 0796  UserName: Administrator
08:51:09.0956 0796  Windows directory: C:\WINDOWS
08:51:09.0956 0796  System windows directory: C:\WINDOWS
08:51:09.0956 0796  Processor architecture: Intel x86
08:51:09.0956 0796  Number of processors: 2
08:51:09.0956 0796  Page size: 0x1000
08:51:09.0956 0796  Boot type: Normal boot
08:51:09.0956 0796  ============================================================
08:51:11.0409 0796  BG loaded
08:51:11.0950 0796  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
08:51:12.0027 0796  ============================================================
08:51:12.0027 0796  \Device\Harddisk0\DR0:
08:51:12.0027 0796  MBR partitions:
08:51:12.0027 0796  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3AD4F, BlocksNum 0x129D9EB1
08:51:12.0027 0796  ============================================================
08:51:12.0182 0796  C: <-> \Device\Harddisk0\DR0\Partition1
08:51:12.0182 0796  ============================================================
08:51:12.0182 0796  Initialize success
08:51:12.0182 0796  ============================================================
08:51:45.0715 3192  ============================================================
08:51:45.0715 3192  Scan started
08:51:45.0715 3192  Mode: Manual; SigCheck; TDLFS; 
08:51:45.0715 3192  ============================================================
08:51:47.0276 3192  ================ Scan system memory ========================
08:51:54.0091 3192  System memory - ok
08:51:54.0091 3192  ================ Scan services =============================
08:51:55.0466 3192  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
08:51:55.0744 3192  !SASCORE - ok
08:51:58.0263 3192  Abiosdsk - ok
08:51:58.0279 3192  abp480n5 - ok
08:51:58.0356 3192  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:51:58.0680 3192  ACPI - ok
08:51:58.0804 3192  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
08:51:59.0113 3192  ACPIEC - ok
08:51:59.0113 3192  adpu160m - ok
08:51:59.0329 3192  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
08:51:59.0546 3192  aec - ok
08:52:00.0040 3192  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
08:52:00.0210 3192  AFD - ok
08:52:00.0210 3192  Aha154x - ok
08:52:00.0210 3192  aic78u2 - ok
08:52:00.0226 3192  aic78xx - ok
08:52:00.0288 3192  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
08:52:00.0767 3192  Alerter - ok
08:52:00.0813 3192  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
08:52:00.0921 3192  ALG - ok
08:52:00.0937 3192  AliIde - ok
08:52:00.0937 3192  amsint - ok
08:52:01.0354 3192  [ D04C057ECCFA4DBFC1ABDA4256BA6F65 ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
08:52:02.0250 3192  Amsp - ok
08:52:02.0652 3192  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
08:52:02.0945 3192  AppMgmt - ok
08:52:03.0301 3192  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:52:03.0502 3192  Arp1394 - ok
08:52:03.0502 3192  asc - ok
08:52:03.0517 3192  asc3350p - ok
08:52:03.0517 3192  asc3550 - ok
08:52:03.0934 3192  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:52:04.0089 3192  aspnet_state - ok
08:52:04.0151 3192  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:52:04.0352 3192  AsyncMac - ok
08:52:04.0383 3192  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
08:52:04.0583 3192  atapi - ok
08:52:04.0583 3192  Atdisk - ok
08:52:04.0908 3192  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:52:05.0109 3192  Atmarpc - ok
08:52:05.0217 3192  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
08:52:05.0619 3192  AudioSrv - ok
08:52:05.0851 3192  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
08:52:06.0160 3192  audstub - ok
08:52:06.0222 3192  [ 559DDDA2C88459478056174247706DEB ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
08:52:06.0361 3192  b57w2k - ok
08:52:06.0608 3192  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
08:52:07.0025 3192  Beep - ok
08:52:07.0334 3192  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
08:52:07.0612 3192  BITS - ok
08:52:07.0736 3192  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
08:52:07.0875 3192  Browser - ok
08:52:07.0983 3192  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
08:52:08.0277 3192  cbidf2k - ok
08:52:08.0277 3192  cd20xrnt - ok
08:52:08.0370 3192  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
08:52:08.0601 3192  Cdaudio - ok
08:52:08.0802 3192  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
08:52:09.0096 3192  Cdfs - ok
08:52:09.0204 3192  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:52:09.0729 3192  Cdrom - ok
08:52:09.0729 3192  cerc6 - ok
08:52:09.0745 3192  Changer - ok
08:52:09.0791 3192  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
08:52:10.0069 3192  CiSvc - ok
08:52:10.0100 3192  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
08:52:10.0502 3192  ClipSrv - ok
08:52:11.0275 3192  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:52:11.0383 3192  clr_optimization_v2.0.50727_32 - ok
08:52:11.0429 3192  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:52:11.0599 3192  clr_optimization_v4.0.30319_32 - ok
08:52:11.0661 3192  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
08:52:12.0016 3192  CmBatt - ok
08:52:12.0016 3192  CmdIde - ok
08:52:12.0078 3192  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
08:52:12.0233 3192  Compbatt - ok
08:52:12.0233 3192  COMSysApp - ok
08:52:12.0248 3192  Cpqarray - ok
08:52:12.0279 3192  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
08:52:12.0480 3192  CryptSvc - ok
08:52:12.0480 3192  dac2w2k - ok
08:52:12.0496 3192  dac960nt - ok
08:52:12.0573 3192  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
08:52:12.0727 3192  DcomLaunch - ok
08:52:12.0820 3192  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
08:52:13.0021 3192  Dhcp - ok
08:52:13.0067 3192  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
08:52:13.0284 3192  Disk - ok
08:52:13.0299 3192  dmadmin - ok
08:52:13.0361 3192  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
08:52:13.0639 3192  dmboot - ok
08:52:13.0685 3192  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
08:52:13.0886 3192  dmio - ok
08:52:13.0933 3192  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
08:52:14.0164 3192  dmload - ok
08:52:14.0195 3192  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
08:52:14.0412 3192  dmserver - ok
08:52:14.0443 3192  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
08:52:14.0674 3192  DMusic - ok
08:52:14.0721 3192  [ AA20A40BF05802B33D5979B9F99C1EF0 ] DNE             C:\WINDOWS\system32\DRIVERS\dne2000.sys
08:52:15.0107 3192  DNE - ok
08:52:15.0153 3192  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
08:52:15.0215 3192  Dnscache - ok
08:52:15.0323 3192  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
08:52:15.0648 3192  Dot3svc - ok
08:52:15.0648 3192  dpti2o - ok
08:52:15.0694 3192  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
08:52:15.0818 3192  drmkaud - ok
08:52:15.0911 3192  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
08:52:16.0127 3192  EapHost - ok
08:52:16.0220 3192  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
08:52:16.0467 3192  ERSvc - ok
08:52:16.0513 3192  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
08:52:16.0544 3192  Eventlog - ok
08:52:16.0606 3192  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
08:52:16.0699 3192  EventSystem - ok
08:52:16.0977 3192  [ DDEBCC0AA7BD3EB02ABCE6B3D8536DEA ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
08:52:17.0085 3192  EvtEng - ok
08:52:17.0162 3192  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
08:52:17.0379 3192  Fastfat - ok
08:52:17.0441 3192  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
08:52:17.0580 3192  FastUserSwitchingCompatibility - ok
08:52:17.0672 3192  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
08:52:17.0873 3192  Fdc - ok
08:52:17.0997 3192  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
08:52:18.0321 3192  Fips - ok
08:52:18.0368 3192  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
08:52:18.0754 3192  Flpydisk - ok
08:52:18.0878 3192  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
08:52:19.0079 3192  FltMgr - ok
08:52:19.0171 3192  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:52:19.0295 3192  FontCache3.0.0.0 - ok
08:52:19.0341 3192  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:52:19.0589 3192  Fs_Rec - ok
08:52:19.0604 3192  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:52:19.0836 3192  Ftdisk - ok
08:52:19.0882 3192  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:52:20.0037 3192  Gpc - ok
08:52:20.0207 3192  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
08:52:20.0253 3192  gupdate - ok
08:52:20.0268 3192  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
08:52:20.0346 3192  gupdatem - ok
08:52:20.0454 3192  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:52:20.0655 3192  HDAudBus - ok
08:52:20.0794 3192  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:52:20.0995 3192  helpsvc - ok
08:52:20.0995 3192  HidServ - ok
08:52:21.0057 3192  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:52:21.0381 3192  HidUsb - ok
08:52:21.0427 3192  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
08:52:21.0690 3192  hkmsvc - ok
08:52:21.0706 3192  hpn - ok
08:52:21.0783 3192  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
08:52:21.0953 3192  HTTP - ok
08:52:22.0216 3192  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
08:52:22.0324 3192  HTTPFilter - ok
08:52:22.0339 3192  i2omgmt - ok
08:52:22.0339 3192  i2omp - ok
08:52:22.0463 3192  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:52:22.0679 3192  i8042prt - ok
08:52:23.0622 3192  [ C0255E6F43DBDE7F20637A039075318D ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
08:52:24.0657 3192  ialm - ok
08:52:24.0935 3192  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:52:25.0553 3192  idsvc - ok
08:52:25.0631 3192  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
08:52:25.0909 3192  Imapi - ok
08:52:26.0094 3192  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
08:52:26.0357 3192  ImapiService - ok
08:52:26.0373 3192  ini910u - ok
08:52:26.0542 3192  [ F5C70E41B19D33CC764998786AB74165 ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys
08:52:26.0790 3192  IntcHdmiAddService - ok
08:52:26.0790 3192  IntelIde - ok
08:52:26.0852 3192  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:52:27.0192 3192  intelppm - ok
08:52:27.0300 3192  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
08:52:27.0701 3192  Ip6Fw - ok
08:52:27.0794 3192  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:52:28.0057 3192  IpFilterDriver - ok
08:52:28.0103 3192  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:52:28.0273 3192  IpInIp - ok
08:52:28.0629 3192  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:52:28.0953 3192  IpNat - ok
08:52:29.0293 3192  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:52:29.0571 3192  IPSec - ok
08:52:29.0757 3192  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
08:52:30.0035 3192  IRENUM - ok
08:52:30.0112 3192  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:52:30.0329 3192  isapnp - ok
08:52:30.0869 3192  [ 1758AF653723679E3746FC7DDD93C69B ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
08:52:30.0962 3192  JavaQuickStarterService - ok
08:52:31.0132 3192  [ 8645A43D99194E97D3C597B4EBCF364D ] KAPFA           C:\WINDOWS\system32\drivers\KAPFA.SYS
08:52:31.0194 3192  KAPFA ( UnsignedFile.Multi.Generic ) - warning
08:52:31.0194 3192  KAPFA - detected UnsignedFile.Multi.Generic (1)
08:52:31.0611 3192  [ 8B21704F4F3D5943EFE169DC3F13B695 ] KaseyaAgent     C:\Program Files\Kaseya\Agent\AgentMon.exe
08:52:31.0951 3192  KaseyaAgent ( UnsignedFile.Multi.Generic ) - warning
08:52:31.0951 3192  KaseyaAgent - detected UnsignedFile.Multi.Generic (1)
08:52:32.0138 3192  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:52:32.0465 3192  Kbdclass - ok
08:52:32.0620 3192  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
08:52:33.0009 3192  kmixer - ok
08:52:33.0072 3192  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
08:52:33.0243 3192  KSecDD - ok
08:52:33.0336 3192  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
08:52:33.0523 3192  LanmanServer - ok
08:52:33.0632 3192  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
08:52:33.0772 3192  lanmanworkstation - ok
08:52:33.0787 3192  lbrtfdc - ok
08:52:33.0881 3192  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
08:52:34.0192 3192  LmHosts - ok
08:52:34.0550 3192  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
08:52:34.0752 3192  MDM ( UnsignedFile.Multi.Generic ) - warning
08:52:34.0752 3192  MDM - detected UnsignedFile.Multi.Generic (1)
08:52:34.0799 3192  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
08:52:34.0986 3192  Messenger - ok
08:52:35.0032 3192  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
08:52:35.0235 3192  mnmdd - ok
08:52:35.0297 3192  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
08:52:35.0484 3192  mnmsrvc - ok
08:52:35.0531 3192  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
08:52:35.0702 3192  Modem - ok
08:52:35.0935 3192  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:52:36.0137 3192  Mouclass - ok
08:52:36.0184 3192  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:52:36.0464 3192  mouhid - ok
08:52:36.0495 3192  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
08:52:36.0760 3192  MountMgr - ok
08:52:36.0760 3192  mraid35x - ok
08:52:37.0040 3192  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:52:37.0165 3192  MRxDAV - ok
08:52:37.0227 3192  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:52:37.0289 3192  MRxSmb - ok
08:52:37.0320 3192  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
08:52:37.0445 3192  MSDTC - ok
08:52:37.0491 3192  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
08:52:37.0632 3192  Msfs - ok
08:52:37.0632 3192  MSIServer - ok
08:52:37.0694 3192  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:52:37.0818 3192  MSKSSRV - ok
08:52:37.0849 3192  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:52:37.0989 3192  MSPCLOCK - ok
08:52:38.0052 3192  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
08:52:38.0207 3192  MSPQM - ok
08:52:38.0238 3192  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:52:38.0394 3192  mssmbios - ok
08:52:38.0503 3192  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
08:52:38.0814 3192  Mup - ok
08:52:39.0094 3192  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
08:52:39.0359 3192  napagent - ok
08:52:39.0515 3192  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
08:52:39.0779 3192  NDIS - ok
08:52:39.0935 3192  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:52:40.0044 3192  NdisTapi - ok
08:52:40.0122 3192  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:52:40.0231 3192  Ndisuio - ok
08:52:40.0293 3192  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:52:40.0448 3192  NdisWan - ok
08:52:40.0495 3192  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
08:52:40.0526 3192  NDProxy - ok
08:52:40.0573 3192  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
08:52:40.0946 3192  NetBIOS - ok
08:52:40.0993 3192  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
08:52:41.0118 3192  NetBT - ok
08:52:41.0164 3192  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
08:52:41.0413 3192  NetDDE - ok
08:52:41.0476 3192  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
08:52:41.0600 3192  NetDDEdsdm - ok
08:52:41.0647 3192  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
08:52:41.0771 3192  Netlogon - ok
08:52:41.0802 3192  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
08:52:41.0927 3192  Netman - ok
08:52:41.0958 3192  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:52:41.0989 3192  NetTcpPortSharing - ok
08:52:42.0363 3192  [ B523D4D55AA6F15E4C4DE1A6107CD149 ] NETwNx32        C:\WINDOWS\system32\DRIVERS\NETwNx32.sys
08:52:42.0612 3192  NETwNx32 - ok
08:52:42.0658 3192  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:52:42.0798 3192  NIC1394 - ok
08:52:42.0830 3192  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
08:52:42.0861 3192  Nla - ok
08:52:42.0907 3192  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
08:52:43.0047 3192  Npfs - ok
08:52:43.0063 3192  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
08:52:43.0234 3192  Ntfs - ok
08:52:43.0265 3192  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
08:52:43.0390 3192  NtLmSsp - ok
08:52:43.0514 3192  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
08:52:43.0919 3192  NtmsSvc - ok
08:52:43.0997 3192  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
08:52:44.0152 3192  Null - ok
08:52:44.0215 3192  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:52:44.0355 3192  NwlnkFlt - ok
08:52:44.0355 3192  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:52:44.0464 3192  NwlnkFwd - ok
08:52:44.0557 3192  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:52:44.0573 3192  odserv - ok
08:52:44.0604 3192  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:52:44.0713 3192  ohci1394 - ok
08:52:44.0728 3192  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:52:44.0759 3192  ose - ok
08:52:44.0791 3192  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
08:52:44.0900 3192  Parport - ok
08:52:44.0915 3192  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
08:52:45.0024 3192  PartMgr - ok
08:52:45.0055 3192  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
08:52:45.0180 3192  ParVdm - ok
08:52:45.0226 3192  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
08:52:45.0351 3192  PCI - ok
08:52:45.0351 3192  PCIDump - ok
08:52:45.0366 3192  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
08:52:45.0491 3192  PCIIde - ok
08:52:45.0553 3192  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
08:52:45.0678 3192  Pcmcia - ok
08:52:45.0678 3192  PDCOMP - ok
08:52:45.0693 3192  PDFRAME - ok
08:52:45.0693 3192  PDRELI - ok
08:52:45.0709 3192  PDRFRAME - ok
08:52:45.0709 3192  perc2 - ok
08:52:45.0724 3192  perc2hib - ok
08:52:45.0740 3192  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
08:52:45.0755 3192  PlugPlay - ok
08:52:45.0771 3192  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
08:52:45.0864 3192  PolicyAgent - ok
08:52:45.0880 3192  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:52:46.0020 3192  PptpMiniport - ok
08:52:46.0020 3192  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
08:52:46.0145 3192  ProtectedStorage - ok
08:52:46.0145 3192  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
08:52:46.0269 3192  PSched - ok
08:52:46.0269 3192  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:52:46.0394 3192  Ptilink - ok
08:52:46.0394 3192  ql1080 - ok
08:52:46.0394 3192  Ql10wnt - ok
08:52:46.0409 3192  ql12160 - ok
08:52:46.0409 3192  ql1240 - ok
08:52:46.0409 3192  ql1280 - ok
08:52:46.0456 3192  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:52:46.0549 3192  RasAcd - ok
08:52:46.0596 3192  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
08:52:46.0720 3192  RasAuto - ok
08:52:46.0736 3192  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:52:46.0845 3192  Rasl2tp - ok
08:52:46.0860 3192  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
08:52:46.0954 3192  RasMan - ok
08:52:46.0969 3192  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:52:47.0094 3192  RasPppoe - ok
08:52:47.0094 3192  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
08:52:47.0203 3192  Raspti - ok
08:52:47.0218 3192  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:52:47.0327 3192  Rdbss - ok
08:52:47.0358 3192  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:52:47.0452 3192  RDPCDD - ok
08:52:47.0499 3192  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:52:47.0623 3192  rdpdr - ok
08:52:47.0654 3192  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
08:52:47.0701 3192  RDPWD - ok
08:52:47.0748 3192  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
08:52:47.0872 3192  RDSessMgr - ok
08:52:47.0919 3192  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
08:52:48.0059 3192  redbook - ok
08:52:48.0246 3192  [ 5608ED3957105BC14E3C426BB27AC5A1 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
08:52:48.0355 3192  RegSrvc - ok
08:52:48.0386 3192  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
08:52:48.0557 3192  RemoteAccess - ok
08:52:48.0588 3192  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
08:52:48.0744 3192  RemoteRegistry - ok
08:52:48.0775 3192  [ EA885E7A56F1BE1F14C372337C42FE48 ] rimmptsk        C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
08:52:48.0821 3192  rimmptsk - ok
08:52:48.0853 3192  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
08:52:49.0428 3192  RpcLocator - ok
08:52:49.0459 3192  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
08:52:49.0522 3192  RpcSs - ok
08:52:49.0615 3192  [ 162037DE94C44B45326CEF4EB2999077 ] RSMWebServer    C:\Program Files\N-able Technologies\NRM\RSMWinService.exe
08:52:49.0677 3192  RSMWebServer ( UnsignedFile.Multi.Generic ) - warning
08:52:49.0677 3192  RSMWebServer - detected UnsignedFile.Multi.Generic (1)
08:52:49.0708 3192  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
08:52:49.0958 3192  RSVP - ok
08:52:50.0035 3192  [ B67D13453F33F569BA6CAB45447AD724 ] S24EventMonitor C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
08:52:50.0129 3192  S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
08:52:50.0129 3192  S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
08:52:50.0175 3192  [ 27FC71DA659305E260ACBDA15A318399 ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys
08:52:50.0238 3192  s24trans ( UnsignedFile.Multi.Generic ) - warning
08:52:50.0238 3192  s24trans - detected UnsignedFile.Multi.Generic (1)
08:52:50.0253 3192  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
08:52:50.0347 3192  SamSs - ok
08:52:50.0378 3192  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
08:52:50.0409 3192  SASDIFSV - ok
08:52:50.0440 3192  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:52:50.0456 3192  SASKUTIL - ok
08:52:50.0487 3192  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
08:52:50.0642 3192  SCardSvr - ok
08:52:50.0673 3192  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
08:52:50.0829 3192  Schedule - ok
08:52:50.0829 3192  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
08:52:50.0969 3192  sdbus - ok
08:52:50.0985 3192  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:52:51.0047 3192  Secdrv - ok
08:52:51.0078 3192  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
08:52:51.0187 3192  seclogon - ok
08:52:51.0187 3192  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
08:52:51.0327 3192  SENS - ok
08:52:51.0343 3192  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
08:52:51.0436 3192  serenum - ok
08:52:51.0452 3192  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
08:52:51.0561 3192  Serial - ok
08:52:51.0607 3192  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
08:52:51.0716 3192  Sfloppy - ok
08:52:51.0747 3192  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
08:52:51.0856 3192  SharedAccess - ok
08:52:51.0872 3192  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:52:51.0903 3192  ShellHWDetection - ok
08:52:51.0903 3192  Simbad - ok
08:52:51.0903 3192  Sparrow - ok
08:52:51.0965 3192  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
08:52:52.0074 3192  splitter - ok
08:52:52.0121 3192  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
08:52:52.0183 3192  Spooler - ok
08:52:52.0261 3192  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
08:52:52.0416 3192  sr - ok
08:52:52.0448 3192  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
08:52:52.0494 3192  srservice - ok
08:52:52.0665 3192  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
08:52:52.0712 3192  Srv - ok
08:52:52.0774 3192  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
08:52:52.0852 3192  SSDPSRV - ok
08:52:52.0899 3192  [ F70AB08582E06A8BDA3E470592D1A394 ] STacSV          C:\WINDOWS\system32\STacSV.exe
08:52:52.0914 3192  STacSV - ok
08:52:52.0961 3192  [ 146FAC5D70C235CACEBEFF21B67651BA ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
08:52:53.0055 3192  STHDA - ok
08:52:53.0101 3192  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
08:52:53.0304 3192  stisvc - ok
08:52:53.0319 3192  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
08:52:53.0444 3192  swenum - ok
08:52:53.0490 3192  [ 4C6437AAC8938AA1BF887ADA11B88A5D ] SWGVCSvc        C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
08:52:53.0537 3192  SWGVCSvc - ok
08:52:53.0568 3192  [ DFE5F8341D050B97E811B2B903589344 ] SWIPsec         C:\WINDOWS\system32\Drivers\SWIPsec.sys
08:52:53.0599 3192  SWIPsec - ok
08:52:53.0630 3192  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
08:52:53.0770 3192  swmidi - ok
08:52:53.0786 3192  SwPrv - ok
08:52:53.0802 3192  [ 962B13026B10B82D2874BFDA4ECC048D ] SWVNIC          C:\WINDOWS\system32\DRIVERS\swvnic.sys
08:52:53.0833 3192  SWVNIC - ok
08:52:53.0833 3192  symc810 - ok
08:52:53.0848 3192  symc8xx - ok
08:52:53.0848 3192  sym_hi - ok
08:52:53.0848 3192  sym_u3 - ok
08:52:53.0879 3192  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
08:52:53.0988 3192  sysaudio - ok
08:52:54.0035 3192  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
08:52:54.0144 3192  SysmonLog - ok
08:52:54.0175 3192  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
08:52:54.0284 3192  TapiSrv - ok
08:52:54.0315 3192  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:52:54.0346 3192  Tcpip - ok
08:52:54.0393 3192  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
08:52:54.0486 3192  TDPIPE - ok
08:52:54.0502 3192  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
08:52:54.0611 3192  TDTCP - ok
08:52:54.0626 3192  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
08:52:54.0735 3192  TermDD - ok
08:52:54.0751 3192  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
08:52:54.0875 3192  TermService - ok
08:52:54.0891 3192  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
08:52:54.0907 3192  Themes - ok
08:52:54.0938 3192  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
08:52:54.0984 3192  TlntSvr - ok
08:52:55.0031 3192  [ 39CFB66854B304B0F41C9C39F51700FE ] tmactmon        C:\WINDOWS\system32\DRIVERS\tmactmon.sys
08:52:55.0047 3192  tmactmon - ok
08:52:55.0078 3192  [ B17A44B3F65BCA352C67EC78F641D901 ] tmcomm          C:\WINDOWS\system32\DRIVERS\tmcomm.sys
08:52:55.0093 3192  tmcomm - ok
08:52:55.0093 3192  [ 88BDD265B0A455CDE98FCD213D0595C5 ] tmevtmgr        C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
08:52:55.0109 3192  tmevtmgr - ok
08:52:55.0187 3192  [ 11D9644F93FFF9E0AA954D7F69BE0525 ] TmListen        C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
08:52:55.0218 3192  TmListen - ok
08:52:55.0265 3192  [ 69BF24E2871088115F422D6C7F41C400 ] tmtdi           C:\WINDOWS\system32\DRIVERS\tmtdi.sys
08:52:55.0280 3192  tmtdi - ok
08:52:55.0280 3192  TosIde - ok
08:52:55.0296 3192  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
08:52:55.0420 3192  TrkWks - ok
08:52:55.0451 3192  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
08:52:55.0607 3192  Udfs - ok
08:52:55.0622 3192  ultra - ok
08:52:55.0654 3192  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
08:52:55.0794 3192  Update - ok
08:52:55.0809 3192  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
08:52:55.0903 3192  upnphost - ok
08:52:55.0918 3192  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
08:52:56.0058 3192  UPS - ok
08:52:56.0105 3192  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:52:56.0229 3192  usbccgp - ok
08:52:56.0245 3192  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:52:56.0401 3192  usbehci - ok
08:52:56.0432 3192  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:52:56.0572 3192  usbhub - ok
08:52:56.0603 3192  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:52:56.0743 3192  USBSTOR - ok
08:52:56.0759 3192  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:52:56.0852 3192  usbuhci - ok
08:52:56.0976 3192  [ B840C0D1A043BD4F3D98EE0C8BD8DE72 ] uvnc_service    C:\Program Files\UltraVNC\WinVNC.exe
08:52:57.0039 3192  uvnc_service - ok
08:52:57.0054 3192  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
08:52:57.0179 3192  VgaSave - ok
08:52:57.0179 3192  ViaIde - ok
08:52:57.0210 3192  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
08:52:57.0319 3192  VolSnap - ok
08:52:57.0366 3192  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
08:52:57.0459 3192  VSS - ok
08:52:57.0506 3192  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
08:52:57.0646 3192  W32Time - ok
08:52:57.0661 3192  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:52:57.0801 3192  Wanarp - ok
08:52:57.0801 3192  WDICA - ok
08:52:57.0848 3192  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
08:52:57.0941 3192  wdmaud - ok
08:52:57.0957 3192  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
08:52:58.0066 3192  WebClient - ok
08:52:58.0144 3192  [ F493BA99E59DB7740064A55FC44014A5 ] Windows Agent Maintenance Service C:\Program Files\N-able Technologies\Windows Agent\bin\AgentMaint.exe
08:52:58.0175 3192  Windows Agent Maintenance Service ( UnsignedFile.Multi.Generic ) - warning
08:52:58.0175 3192  Windows Agent Maintenance Service - detected UnsignedFile.Multi.Generic (1)
08:52:58.0206 3192  [ 377FBC245B3BCD71E4B8637889B9D797 ] Windows Agent Service C:\Program Files\N-able Technologies\Windows Agent\bin\agent.exe
08:52:58.0253 3192  Windows Agent Service ( UnsignedFile.Multi.Generic ) - warning
08:52:58.0253 3192  Windows Agent Service - detected UnsignedFile.Multi.Generic (1)
08:52:58.0346 3192  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
08:52:58.0455 3192  winmgmt - ok
08:52:58.0533 3192  [ 9AA00D6092C46E59376153A3A4104D18 ] WinVNC4         C:\Program Files\RealVNC\VNC4\WinVNC4.exe
08:52:58.0548 3192  WinVNC4 ( UnsignedFile.Multi.Generic ) - warning
08:52:58.0548 3192  WinVNC4 - detected UnsignedFile.Multi.Generic (1)
08:52:58.0595 3192  [ 2585A858D6E359AC6C4CDF4D63A371E7 ] WLANKEEPER      C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
08:52:58.0720 3192  WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
08:52:58.0720 3192  WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
08:52:58.0751 3192  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
08:52:58.0875 3192  WmdmPmSN - ok
08:52:58.0922 3192  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
08:52:58.0984 3192  Wmi - ok
08:52:59.0000 3192  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
08:52:59.0109 3192  WmiAcpi - ok
08:52:59.0155 3192  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:52:59.0311 3192  WmiApSrv - ok
08:52:59.0404 3192  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
08:52:59.0435 3192  WPFFontCache_v0400 - ok
08:52:59.0482 3192  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
08:52:59.0591 3192  wscsvc - ok
08:52:59.0607 3192  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
08:52:59.0747 3192  wuauserv - ok
08:52:59.0778 3192  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
08:52:59.0949 3192  WZCSVC - ok
08:53:00.0042 3192  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
08:53:00.0245 3192  xmlprov - ok
08:53:00.0245 3192  ================ Scan global ===============================
08:53:00.0291 3192  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
08:53:00.0416 3192  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
08:53:00.0572 3192  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
08:53:00.0587 3192  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
08:53:00.0603 3192  [Global] - ok
08:53:00.0603 3192  ================ Scan MBR ==================================
08:53:00.0618 3192  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:53:00.0976 3192  \Device\Harddisk0\DR0 - ok
08:53:00.0976 3192  ================ Scan VBR ==================================
08:53:00.0992 3192  [ EDEADE5C86806C2A4063BBAF2E2B0000 ] \Device\Harddisk0\DR0\Partition1
08:53:00.0992 3192  \Device\Harddisk0\DR0\Partition1 - ok
08:53:00.0992 3192  ================ Scan active images ========================
08:53:00.0992 3192  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
08:53:00.0992 3192  C:\WINDOWS\system32\drivers\videoprt.sys - ok
08:53:00.0992 3192  [ C0255E6F43DBDE7F20637A039075318D ] C:\WINDOWS\system32\drivers\igxpmp32.sys
08:53:00.0992 3192  C:\WINDOWS\system32\drivers\igxpmp32.sys - ok
08:53:00.0992 3192  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
08:53:00.0992 3192  C:\WINDOWS\system32\drivers\usbport.sys - ok
08:53:00.0992 3192  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
08:53:00.0992 3192  C:\WINDOWS\system32\drivers\usbehci.sys - ok
08:53:01.0007 3192  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
08:53:01.0007 3192  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
08:53:01.0007 3192  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
08:53:01.0007 3192  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
08:53:01.0007 3192  [ B523D4D55AA6F15E4C4DE1A6107CD149 ] C:\WINDOWS\system32\drivers\NETwNx32.sys
08:53:01.0007 3192  C:\WINDOWS\system32\drivers\NETwNx32.sys - ok
08:53:01.0007 3192  [ 559DDDA2C88459478056174247706DEB ] C:\WINDOWS\system32\drivers\b57xp32.sys
08:53:01.0007 3192  C:\WINDOWS\system32\drivers\b57xp32.sys - ok
08:53:01.0023 3192  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
08:53:01.0023 3192  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
08:53:01.0023 3192  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
08:53:01.0023 3192  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
08:53:01.0023 3192  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
08:53:01.0023 3192  C:\WINDOWS\system32\drivers\mouclass.sys - ok
08:53:01.0038 3192  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
08:53:01.0038 3192  C:\WINDOWS\system32\drivers\nic1394.sys - ok
08:53:01.0038 3192  [ EA885E7A56F1BE1F14C372337C42FE48 ] C:\WINDOWS\system32\drivers\rimmptsk.sys
08:53:01.0038 3192  C:\WINDOWS\system32\drivers\rimmptsk.sys - ok
08:53:01.0054 3192  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] C:\WINDOWS\system32\drivers\sdbus.sys
08:53:01.0054 3192  C:\WINDOWS\system32\drivers\sdbus.sys - ok
08:53:01.0054 3192  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
08:53:01.0054 3192  C:\WINDOWS\system32\drivers\serial.sys - ok
08:53:01.0054 3192  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
08:53:01.0054 3192  C:\WINDOWS\system32\drivers\cdrom.sys - ok
08:53:01.0054 3192  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
08:53:01.0054 3192  C:\WINDOWS\system32\drivers\imapi.sys - ok
08:53:01.0070 3192  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
08:53:01.0070 3192  C:\WINDOWS\system32\drivers\ks.sys - ok
08:53:01.0070 3192  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
08:53:01.0070 3192  C:\WINDOWS\system32\drivers\serenum.sys - ok
08:53:01.0070 3192  [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\CmBatt.sys
08:53:01.0070 3192  C:\WINDOWS\system32\drivers\CmBatt.sys - ok
08:53:01.0070 3192  [ AA20A40BF05802B33D5979B9F99C1EF0 ] C:\WINDOWS\system32\drivers\dne2000.sys
08:53:01.0070 3192  C:\WINDOWS\system32\drivers\dne2000.sys - ok
08:53:01.0085 3192  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
08:53:01.0085 3192  C:\WINDOWS\system32\drivers\intelppm.sys - ok
08:53:01.0085 3192  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
08:53:01.0085 3192  C:\WINDOWS\system32\drivers\redbook.sys - ok
08:53:01.0085 3192  [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys
08:53:01.0085 3192  C:\WINDOWS\system32\drivers\wmiacpi.sys - ok
08:53:01.0085 3192  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
08:53:01.0085 3192  C:\WINDOWS\system32\drivers\audstub.sys - ok
08:53:01.0085 3192  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
08:53:01.0085 3192  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
08:53:01.0101 3192  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
08:53:01.0101 3192  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
08:53:01.0116 3192  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
08:53:01.0116 3192  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
08:53:01.0116 3192  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
08:53:01.0116 3192  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
08:53:01.0116 3192  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
08:53:01.0116 3192  C:\WINDOWS\system32\drivers\raspptp.sys - ok
08:53:01.0132 3192  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
08:53:01.0132 3192  C:\WINDOWS\system32\drivers\tdi.sys - ok
08:53:01.0132 3192  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
08:53:01.0132 3192  C:\WINDOWS\system32\drivers\msgpc.sys - ok
08:53:01.0132 3192  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
08:53:01.0132 3192  C:\WINDOWS\system32\drivers\psched.sys - ok
08:53:01.0132 3192  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
08:53:01.0132 3192  C:\WINDOWS\system32\drivers\ptilink.sys - ok
08:53:01.0147 3192  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
08:53:01.0147 3192  C:\WINDOWS\system32\drivers\raspti.sys - ok
08:53:01.0147 3192  [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
08:53:01.0147 3192  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
08:53:01.0147 3192  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
08:53:01.0147 3192  C:\WINDOWS\system32\drivers\swenum.sys - ok
08:53:01.0147 3192  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
08:53:01.0147 3192  C:\WINDOWS\system32\drivers\termdd.sys - ok
08:53:01.0147 3192  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
08:53:01.0147 3192  C:\WINDOWS\system32\drivers\update.sys - ok
08:53:01.0163 3192  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
08:53:01.0163 3192  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
08:53:01.0163 3192  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
08:53:01.0163 3192  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
08:53:01.0163 3192  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
08:53:01.0163 3192  C:\WINDOWS\system32\drivers\usbd.sys - ok
08:53:01.0163 3192  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
08:53:01.0163 3192  C:\WINDOWS\system32\drivers\usbhub.sys - ok
08:53:01.0179 3192  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
08:53:01.0179 3192  C:\WINDOWS\system32\drivers\drmk.sys - ok
08:53:01.0179 3192  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
08:53:01.0179 3192  C:\WINDOWS\system32\drivers\portcls.sys - ok
08:53:01.0179 3192  [ 146FAC5D70C235CACEBEFF21B67651BA ] C:\WINDOWS\system32\drivers\sthda.sys
08:53:01.0179 3192  C:\WINDOWS\system32\drivers\sthda.sys - ok
08:53:01.0179 3192  [ F5C70E41B19D33CC764998786AB74165 ] C:\WINDOWS\system32\drivers\IntcHdmi.sys
08:53:01.0179 3192  C:\WINDOWS\system32\drivers\IntcHdmi.sys - ok
08:53:01.0179 3192  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
08:53:01.0179 3192  C:\WINDOWS\system32\drivers\fdc.sys - ok
08:53:01.0194 3192  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
08:53:01.0194 3192  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
08:53:01.0194 3192  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
08:53:01.0194 3192  C:\WINDOWS\system32\drivers\beep.sys - ok
08:53:01.0194 3192  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
08:53:01.0194 3192  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
08:53:01.0194 3192  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
08:53:01.0194 3192  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
08:53:01.0194 3192  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
08:53:01.0194 3192  C:\WINDOWS\system32\drivers\null.sys - ok
08:53:01.0210 3192  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
08:53:01.0210 3192  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
08:53:01.0210 3192  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
08:53:01.0210 3192  C:\WINDOWS\system32\drivers\vga.sys - ok
08:53:01.0210 3192  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
08:53:01.0210 3192  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
08:53:01.0210 3192  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
08:53:01.0210 3192  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
08:53:01.0225 3192  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
08:53:01.0225 3192  C:\WINDOWS\system32\drivers\msfs.sys - ok
08:53:01.0225 3192  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
08:53:01.0225 3192  C:\WINDOWS\system32\drivers\ipsec.sys - ok
08:53:01.0225 3192  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
08:53:01.0225 3192  C:\WINDOWS\system32\drivers\npfs.sys - ok
08:53:01.0225 3192  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
08:53:01.0225 3192  C:\WINDOWS\system32\drivers\rasacd.sys - ok
08:53:01.0225 3192  [ DFE5F8341D050B97E811B2B903589344 ] C:\WINDOWS\system32\drivers\SWIPsec.sys
08:53:01.0225 3192  C:\WINDOWS\system32\drivers\SWIPsec.sys - ok
08:53:01.0241 3192  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
08:53:01.0241 3192  C:\WINDOWS\system32\drivers\tcpip.sys - ok
08:53:01.0241 3192  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
08:53:01.0241 3192  C:\WINDOWS\system32\drivers\ipnat.sys - ok
08:53:01.0241 3192  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
08:53:01.0241 3192  C:\WINDOWS\system32\drivers\netbt.sys - ok
08:53:01.0241 3192  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
08:53:01.0241 3192  C:\WINDOWS\system32\drivers\afd.sys - ok
08:53:01.0241 3192  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
08:53:01.0241 3192  C:\WINDOWS\system32\drivers\netbios.sys - ok
08:53:01.0256 3192  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
08:53:01.0256 3192  C:\WINDOWS\system32\drivers\wanarp.sys - ok
08:53:01.0256 3192  [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:53:01.0256 3192  C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
08:53:01.0256 3192  [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
08:53:01.0256 3192  C:\WINDOWS\system32\drivers\arp1394.sys - ok
08:53:01.0256 3192  [ 69BF24E2871088115F422D6C7F41C400 ] C:\WINDOWS\system32\drivers\tmtdi.sys
08:53:01.0256 3192  C:\WINDOWS\system32\drivers\tmtdi.sys - ok
08:53:01.0272 3192  [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
08:53:01.0272 3192  C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
08:53:01.0272 3192  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
08:53:01.0272 3192  C:\WINDOWS\system32\drivers\rdbss.sys - ok
08:53:01.0272 3192  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
08:53:01.0272 3192  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
08:53:01.0272 3192  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
08:53:01.0272 3192  C:\WINDOWS\system32\drivers\fips.sys - ok
08:53:01.0272 3192  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
08:53:01.0272 3192  C:\WINDOWS\system32\smss.exe - ok
08:53:01.0287 3192  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
08:53:01.0287 3192  C:\WINDOWS\system32\ntdll.dll - ok
08:53:01.0287 3192  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
08:53:01.0287 3192  C:\WINDOWS\system32\autochk.exe - ok
08:53:01.0287 3192  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
08:53:01.0287 3192  C:\WINDOWS\system32\drivers\hidclass.sys - ok
08:53:01.0287 3192  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
08:53:01.0287 3192  C:\WINDOWS\system32\drivers\hidparse.sys - ok
08:53:01.0287 3192  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
08:53:01.0287 3192  C:\WINDOWS\system32\drivers\hidusb.sys - ok
08:53:01.0303 3192  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
08:53:01.0303 3192  C:\WINDOWS\system32\sfcfiles.dll - ok
08:53:01.0303 3192  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
08:53:01.0303 3192  C:\WINDOWS\system32\drivers\cdfs.sys - ok
08:53:01.0303 3192  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
08:53:01.0303 3192  C:\WINDOWS\system32\drivers\mouhid.sys - ok
08:53:01.0303 3192  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
08:53:01.0303 3192  C:\WINDOWS\system32\drivers\wmilib.sys - ok
08:53:01.0319 3192  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
08:53:01.0319 3192  C:\WINDOWS\system32\drivers\atapi.sys - ok
08:53:01.0319 3192  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
08:53:01.0319 3192  C:\WINDOWS\system32\drivers\dxapi.sys - ok
08:53:01.0319 3192  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
08:53:01.0319 3192  C:\WINDOWS\system32\watchdog.sys - ok
08:53:01.0319 3192  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
08:53:01.0319 3192  C:\WINDOWS\system32\win32k.sys - ok
08:53:01.0319 3192  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
08:53:01.0334 3192  C:\WINDOWS\system32\basesrv.dll - ok
08:53:01.0334 3192  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
08:53:01.0334 3192  C:\WINDOWS\system32\csrsrv.dll - ok
08:53:01.0334 3192  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
08:53:01.0334 3192  C:\WINDOWS\system32\csrss.exe - ok
08:53:01.0334 3192  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
08:53:01.0334 3192  C:\WINDOWS\system32\winsrv.dll - ok
08:53:01.0334 3192  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
08:53:01.0334 3192  C:\WINDOWS\system32\gdi32.dll - ok
08:53:01.0350 3192  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
08:53:01.0350 3192  C:\WINDOWS\system32\kernel32.dll - ok
08:53:01.0350 3192  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
08:53:01.0350 3192  C:\WINDOWS\system32\user32.dll - ok
08:53:01.0350 3192  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
08:53:01.0350 3192  C:\WINDOWS\system32\drivers\dxg.sys - ok
08:53:01.0350 3192  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
08:53:01.0350 3192  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
08:53:01.0350 3192  [ 3EC2D49D1AA25BAD0422022040365EBF ] C:\WINDOWS\system32\igxpgd32.dll
08:53:01.0350 3192  C:\WINDOWS\system32\igxpgd32.dll - ok
08:53:01.0365 3192  [ 5AD0F34A8C07B761ACDB738E5E6A507E ] C:\WINDOWS\system32\igxprd32.dll
08:53:01.0365 3192  C:\WINDOWS\system32\igxprd32.dll - ok
08:53:01.0365 3192  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
08:53:01.0365 3192  C:\WINDOWS\system32\vga.dll - ok
08:53:01.0365 3192  [ CDB78115C16F8803C7D020CD64A58F46 ] C:\WINDOWS\system32\igxpdv32.dll
08:53:01.0365 3192  C:\WINDOWS\system32\igxpdv32.dll - ok
08:53:01.0365 3192  [ E85C6E24C83D5C5165788D843196B813 ] C:\WINDOWS\system32\igxpdx32.dll
08:53:01.0365 3192  C:\WINDOWS\system32\igxpdx32.dll - ok
08:53:01.0365 3192  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
08:53:01.0381 3192  C:\WINDOWS\system32\winlogon.exe - ok
08:53:01.0381 3192  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
08:53:01.0381 3192  C:\WINDOWS\system32\advapi32.dll - ok
08:53:01.0381 3192  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
08:53:01.0381 3192  C:\WINDOWS\system32\rpcrt4.dll - ok
08:53:01.0381 3192  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
08:53:01.0381 3192  C:\WINDOWS\system32\secur32.dll - ok
08:53:01.0412 3192  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
08:53:01.0412 3192  C:\WINDOWS\system32\authz.dll - ok
08:53:01.0428 3192  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
08:53:01.0428 3192  C:\WINDOWS\system32\msvcrt.dll - ok
08:53:01.0428 3192  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
08:53:01.0428 3192  C:\WINDOWS\system32\crypt32.dll - ok
08:53:01.0428 3192  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
08:53:01.0428 3192  C:\WINDOWS\system32\msasn1.dll - ok
08:53:01.0428 3192  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
08:53:01.0428 3192  C:\WINDOWS\system32\nddeapi.dll - ok
08:53:01.0443 3192  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
08:53:01.0443 3192  C:\WINDOWS\system32\netapi32.dll - ok
08:53:01.0443 3192  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
08:53:01.0443 3192  C:\WINDOWS\system32\profmap.dll - ok
08:53:01.0443 3192  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
08:53:01.0443 3192  C:\WINDOWS\system32\userenv.dll - ok
08:53:01.0459 3192  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
08:53:01.0459 3192  C:\WINDOWS\system32\psapi.dll - ok
08:53:01.0490 3192  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
08:53:01.0490 3192  C:\WINDOWS\system32\regapi.dll - ok
08:53:01.0505 3192  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
08:53:01.0505 3192  C:\WINDOWS\system32\setupapi.dll - ok
08:53:01.0505 3192  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
08:53:01.0505 3192  C:\WINDOWS\system32\version.dll - ok
08:53:01.0505 3192  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
08:53:01.0505 3192  C:\WINDOWS\system32\winsta.dll - ok
08:53:01.0521 3192  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
08:53:01.0521 3192  C:\WINDOWS\system32\wintrust.dll - ok
08:53:01.0521 3192  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
08:53:01.0521 3192  C:\WINDOWS\system32\imagehlp.dll - ok
08:53:01.0521 3192  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
08:53:01.0521 3192  C:\WINDOWS\system32\ws2_32.dll - ok
08:53:01.0521 3192  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
08:53:01.0521 3192  C:\WINDOWS\system32\imm32.dll - ok
08:53:01.0536 3192  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
08:53:01.0536 3192  C:\WINDOWS\system32\ws2help.dll - ok
08:53:01.0552 3192  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
08:53:01.0552 3192  C:\WINDOWS\system32\kbdus.dll - ok
08:53:01.0568 3192  [ DAB9952E3626D84E74CBF4958B1B1F52 ] C:\WINDOWS\system32\kbduk.dll
08:53:01.0568 3192  C:\WINDOWS\system32\kbduk.dll - ok
08:53:01.0568 3192  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
08:53:01.0568 3192  C:\WINDOWS\system32\msgina.dll - ok
08:53:01.0568 3192  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
08:53:01.0568 3192  C:\WINDOWS\system32\comctl32.dll - ok
08:53:01.0583 3192  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
08:53:01.0583 3192  C:\WINDOWS\system32\comdlg32.dll - ok
08:53:01.0583 3192  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
08:53:01.0583 3192  C:\WINDOWS\system32\odbc32.dll - ok
08:53:01.0583 3192  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
08:53:01.0583 3192  C:\WINDOWS\system32\shell32.dll - ok
08:53:01.0583 3192  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
08:53:01.0583 3192  C:\WINDOWS\system32\shlwapi.dll - ok
08:53:01.0614 3192  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
08:53:01.0614 3192  C:\WINDOWS\system32\sxs.dll - ok
08:53:01.0630 3192  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
08:53:01.0630 3192  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
08:53:01.0645 3192  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
08:53:01.0645 3192  C:\WINDOWS\system32\odbcint.dll - ok
08:53:01.0645 3192  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
08:53:01.0645 3192  C:\WINDOWS\system32\shsvcs.dll - ok
08:53:01.0645 3192  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
08:53:01.0645 3192  C:\WINDOWS\system32\ole32.dll - ok
08:53:01.0645 3192  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
08:53:01.0645 3192  C:\WINDOWS\system32\sfc.dll - ok
08:53:01.0645 3192  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
08:53:01.0645 3192  C:\WINDOWS\system32\sfc_os.dll - ok
08:53:01.0661 3192  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
08:53:01.0661 3192  C:\WINDOWS\system32\apphelp.dll - ok
08:53:01.0661 3192  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
08:53:01.0661 3192  C:\WINDOWS\system32\lsasrv.dll - ok
08:53:01.0661 3192  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
08:53:01.0661 3192  C:\WINDOWS\system32\lsass.exe - ok
08:53:01.0661 3192  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
08:53:01.0661 3192  C:\WINDOWS\system32\msvcp60.dll - ok
08:53:01.0661 3192  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
08:53:01.0661 3192  C:\WINDOWS\system32\ncobjapi.dll - ok
08:53:01.0677 3192  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
08:53:01.0677 3192  C:\WINDOWS\system32\services.exe - ok
08:53:01.0677 3192  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
08:53:01.0677 3192  C:\WINDOWS\system32\scesrv.dll - ok
08:53:01.0677 3192  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
08:53:01.0677 3192  C:\WINDOWS\system32\mpr.dll - ok
08:53:01.0677 3192  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
08:53:01.0677 3192  C:\WINDOWS\system32\dnsapi.dll - ok
08:53:01.0692 3192  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
08:53:01.0692 3192  C:\WINDOWS\system32\ntdsapi.dll - ok
08:53:01.0692 3192  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
08:53:01.0692 3192  C:\WINDOWS\system32\shimeng.dll - ok
08:53:01.0692 3192  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
08:53:01.0692 3192  C:\WINDOWS\system32\umpnpmgr.dll - ok
08:53:01.0692 3192  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
08:53:01.0692 3192  C:\WINDOWS\system32\wldap32.dll - ok
08:53:01.0692 3192  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\AcAdProc.dll
08:53:01.0692 3192  C:\WINDOWS\AppPatch\AcAdProc.dll - ok
08:53:01.0708 3192  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
08:53:01.0708 3192  C:\WINDOWS\system32\samlib.dll - ok
08:53:01.0708 3192  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
08:53:01.0708 3192  C:\WINDOWS\system32\samsrv.dll - ok
08:53:01.0708 3192  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\AcGenral.dll
08:53:01.0708 3192  C:\WINDOWS\AppPatch\AcGenral.dll - ok
08:53:01.0708 3192  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
08:53:01.0708 3192  C:\WINDOWS\system32\cryptdll.dll - ok
08:53:01.0723 3192  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
08:53:01.0723 3192  C:\WINDOWS\system32\oleaut32.dll - ok
08:53:01.0723 3192  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
08:53:01.0723 3192  C:\WINDOWS\system32\winmm.dll - ok
08:53:01.0723 3192  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
08:53:01.0723 3192  C:\WINDOWS\system32\msacm32.dll - ok
08:53:01.0723 3192  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
08:53:01.0723 3192  C:\WINDOWS\system32\uxtheme.dll - ok
08:53:01.0739 3192  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
08:53:01.0739 3192  C:\WINDOWS\system32\msapsspc.dll - ok
08:53:01.0739 3192  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
08:53:01.0739 3192  C:\WINDOWS\system32\msvcrt40.dll - ok
08:53:01.0739 3192  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
08:53:01.0739 3192  C:\WINDOWS\system32\schannel.dll - ok
08:53:01.0739 3192  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
08:53:01.0739 3192  C:\WINDOWS\system32\digest.dll - ok
08:53:01.0739 3192  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
08:53:01.0739 3192  C:\WINDOWS\system32\msnsspc.dll - ok
08:53:01.0754 3192  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
08:53:01.0754 3192  C:\WINDOWS\system32\kerberos.dll - ok
08:53:01.0754 3192  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\MSCTFIME.IME
08:53:01.0754 3192  C:\WINDOWS\system32\MSCTFIME.IME - ok
08:53:01.0754 3192  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
08:53:01.0754 3192  C:\WINDOWS\system32\msprivs.dll - ok
08:53:01.0754 3192  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
08:53:01.0754 3192  C:\WINDOWS\system32\atmfd.dll - ok
08:53:01.0754 3192  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
08:53:01.0754 3192  C:\WINDOWS\system32\msv1_0.dll - ok
08:53:01.0770 3192  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
08:53:01.0770 3192  C:\WINDOWS\system32\iphlpapi.dll - ok
08:53:01.0770 3192  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
08:53:01.0770 3192  C:\WINDOWS\system32\netlogon.dll - ok
08:53:01.0770 3192  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
08:53:01.0770 3192  C:\WINDOWS\system32\w32time.dll - ok
08:53:01.0770 3192  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
08:53:01.0770 3192  C:\WINDOWS\system32\rsaenh.dll - ok
08:53:01.0785 3192  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
08:53:01.0785 3192  C:\WINDOWS\system32\wdigest.dll - ok
08:53:01.0785 3192  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
08:53:01.0785 3192  C:\WINDOWS\system32\winscard.dll - ok
08:53:01.0785 3192  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
08:53:01.0785 3192  C:\WINDOWS\system32\wtsapi32.dll - ok
08:53:01.0785 3192  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
08:53:01.0785 3192  C:\WINDOWS\system32\scecli.dll - ok
08:53:01.0801 3192  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
08:53:01.0801 3192  C:\WINDOWS\system32\svchost.exe - ok
08:53:01.0801 3192  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
08:53:01.0801 3192  C:\WINDOWS\system32\ntmarta.dll - ok
08:53:01.0801 3192  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
08:53:01.0801 3192  C:\WINDOWS\system32\rpcss.dll - ok
08:53:01.0801 3192  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
08:53:01.0801 3192  C:\WINDOWS\system32\xpsp2res.dll - ok
08:53:01.0801 3192  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
08:53:01.0801 3192  C:\WINDOWS\system32\eventlog.dll - ok
08:53:01.0817 3192  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
08:53:01.0817 3192  C:\WINDOWS\system32\mswsock.dll - ok
08:53:01.0817 3192  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
08:53:01.0817 3192  C:\WINDOWS\system32\hnetcfg.dll - ok
08:53:01.0817 3192  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
08:53:01.0817 3192  C:\WINDOWS\system32\winrnr.dll - ok
08:53:01.0817 3192  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
08:53:01.0817 3192  C:\WINDOWS\system32\wshtcpip.dll - ok
08:53:01.0817 3192  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
08:53:01.0817 3192  C:\WINDOWS\system32\rasadhlp.dll - ok
08:53:01.0832 3192  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
08:53:01.0832 3192  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
08:53:01.0832 3192  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
08:53:01.0832 3192  C:\WINDOWS\system32\atl.dll - ok
08:53:01.0832 3192  [ 27FC71DA659305E260ACBDA15A318399 ] C:\WINDOWS\system32\drivers\s24trans.sys
08:53:01.0832 3192  C:\WINDOWS\system32\drivers\s24trans.sys - ok
08:53:01.0832 3192  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
08:53:01.0832 3192  C:\WINDOWS\system32\vssapi.dll - ok
08:53:01.0848 3192  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
08:53:01.0848 3192  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
08:53:01.0848 3192  [ DDEBCC0AA7BD3EB02ABCE6B3D8536DEA ] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
08:53:01.0848 3192  C:\Program Files\Intel\WiFi\bin\EvtEng.exe - ok
08:53:01.0848 3192  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
08:53:01.0848 3192  C:\WINDOWS\system32\clbcatq.dll - ok
08:53:01.0848 3192  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
08:53:01.0848 3192  C:\WINDOWS\system32\comres.dll - ok
08:53:01.0848 3192  [ 7ED9C63447B2240B123970F7E6FE5115 ] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
08:53:01.0848 3192  C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll - ok
08:53:01.0863 3192  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
08:53:01.0863 3192  C:\WINDOWS\system32\es.dll - ok
08:53:01.0863 3192  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
08:53:01.0863 3192  C:\WINDOWS\system32\winspool.drv - ok
08:53:01.0863 3192  [ 26C89D43772A5D9898D98ED389E555CB ] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
08:53:01.0863 3192  C:\Program Files\Intel\WiFi\bin\MurocApi.dll - ok
08:53:01.0863 3192  [ 6BBAF2F25A609DFB967F8F7445D64EF8 ] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
08:53:01.0863 3192  C:\Program Files\Intel\WiFi\bin\IntStngs.dll - ok
08:53:01.0879 3192  [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll
08:53:01.0879 3192  C:\WINDOWS\system32\icmp.dll - ok
08:53:01.0879 3192  [ DD7E78E3B3DE2A52485566F970433F37 ] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
08:53:01.0879 3192  C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll - ok
08:53:01.0879 3192  [ 82B7058995431AFAA0BBEEAF85F4D1BD ] C:\Program Files\Intel\WiFi\bin\pfQOSMgr.dll
08:53:01.0879 3192  C:\Program Files\Intel\WiFi\bin\pfQOSMgr.dll - ok
08:53:01.0879 3192  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
08:53:01.0879 3192  C:\WINDOWS\system32\winhttp.dll - ok
08:53:01.0879 3192  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
08:53:01.0879 3192  C:\WINDOWS\system32\wsock32.dll - ok
08:53:01.0894 3192  [ C56EE8C650CBB70A20A3B2E3DF3FE996 ] C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll
08:53:01.0894 3192  C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll - ok
08:53:01.0894 3192  [ 8A8C4398942759FDE4947306B7CD595C ] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
08:53:01.0894 3192  C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll - ok
08:53:01.0894 3192  [ 93BDFAAD5760D5A0FD6FFDBF32D55C76 ] C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll
08:53:01.0894 3192  C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll - ok
08:53:01.0894 3192  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
08:53:01.0894 3192  C:\WINDOWS\system32\oleacc.dll - ok
08:53:01.0910 3192  [ B67D13453F33F569BA6CAB45447AD724 ] C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
08:53:01.0910 3192  C:\Program Files\Intel\WiFi\bin\S24EvMon.exe - ok
08:53:01.0910 3192  [ C2D7CD1437D073E2B154D6E32CF58027 ] C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
08:53:01.0910 3192  C:\Program Files\Intel\WiFi\bin\iWMSProv.dll - ok
08:53:01.0910 3192  [ 9EEFE69139FDBB4A3C327630F8EB993A ] C:\WINDOWS\system32\wlanapi.dll
08:53:01.0910 3192  C:\WINDOWS\system32\wlanapi.dll - ok
08:53:01.0910 3192  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
08:53:01.0910 3192  C:\WINDOWS\system32\rtutils.dll - ok
08:53:01.0926 3192  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
08:53:01.0926 3192  C:\WINDOWS\system32\wzcsapi.dll - ok
08:53:01.0926 3192  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
08:53:01.0926 3192  C:\WINDOWS\system32\clusapi.dll - ok
08:53:01.0926 3192  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
08:53:01.0926 3192  C:\WINDOWS\system32\netcfgx.dll - ok
08:53:01.0926 3192  [ 2133B82CD52F1B62CDEA633769819A60 ] C:\Program Files\Common Files\System\ado\msado15.dll
08:53:01.0926 3192  C:\Program Files\Common Files\System\ado\msado15.dll - ok
08:53:01.0926 3192  [ ED2F22BE3F36157E48EFFBAFA5A16A86 ] C:\Program Files\Intel\WiFi\bin\KMMDLPlugins\SupplicantPlugin.dll
08:53:01.0926 3192  C:\Program Files\Intel\WiFi\bin\KMMDLPlugins\SupplicantPlugin.dll - ok
08:53:01.0941 3192  [ 2585A858D6E359AC6C4CDF4D63A371E7 ] C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
08:53:01.0941 3192  C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe - ok
08:53:01.0941 3192  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
08:53:01.0941 3192  C:\WINDOWS\system32\cscdll.dll - ok
08:53:01.0941 3192  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
08:53:01.0941 3192  C:\WINDOWS\system32\dimsntfy.dll - ok
08:53:01.0941 3192  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
08:53:01.0941 3192  C:\WINDOWS\system32\wlnotify.dll - ok
08:53:01.0957 3192  [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
08:53:01.0957 3192  C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok
08:53:01.0957 3192  [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll
08:53:01.0957 3192  C:\WINDOWS\system32\msdart.dll - ok
08:53:01.0957 3192  [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
08:53:01.0957 3192  C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok
08:53:01.0957 3192  [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
08:53:01.0957 3192  C:\WINDOWS\system32\WgaLogon.dll - ok
08:53:01.0972 3192  [ 1ED4C96EC76C3DDFCABD7644DA23F4B6 ] C:\Program Files\Common Files\System\Ole DB\msdasql.dll
08:53:01.0972 3192  C:\Program Files\Common Files\System\Ole DB\msdasql.dll - ok
08:53:01.0972 3192  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
08:53:01.0972 3192  C:\WINDOWS\system32\dhcpcsvc.dll - ok
08:53:01.0972 3192  [ 73BAFFA0B02320690CDC606241078CE4 ] C:\Program Files\Common Files\System\Ole DB\msdatl3.dll
08:53:01.0972 3192  C:\Program Files\Common Files\System\Ole DB\msdatl3.dll - ok
08:53:01.0972 3192  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
08:53:01.0972 3192  C:\WINDOWS\system32\dnsrslvr.dll - ok
08:53:01.0972 3192  [ 8985FCECE06A74017E23DDD093E34D4E ] C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll
08:53:01.0972 3192  C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll - ok
08:53:01.0988 3192  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
08:53:01.0988 3192  C:\WINDOWS\system32\msxml3.dll - ok
08:53:01.0988 3192  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
08:53:01.0988 3192  C:\WINDOWS\system32\comsvcs.dll - ok
08:53:01.0988 3192  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
08:53:01.0988 3192  C:\WINDOWS\system32\colbact.dll - ok
08:53:01.0988 3192  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
08:53:01.0988 3192  C:\WINDOWS\system32\mtxclu.dll - ok
08:53:02.0003 3192  [ 1B05DCC75FBB903A17E3E0DDAEA8D508 ] C:\WINDOWS\system32\odbcjt32.dll
08:53:02.0003 3192  C:\WINDOWS\system32\odbcjt32.dll - ok
08:53:02.0003 3192  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
08:53:02.0003 3192  C:\WINDOWS\system32\resutils.dll - ok
08:53:02.0003 3192  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
08:53:02.0003 3192  C:\WINDOWS\system32\lmhsvc.dll - ok
08:53:02.0019 3192  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
08:53:02.0019 3192  C:\WINDOWS\system32\wzcsvc.dll - ok
08:53:02.0019 3192  [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll
08:53:02.0019 3192  C:\WINDOWS\system32\msjet40.dll - ok
08:53:02.0019 3192  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
08:53:02.0019 3192  C:\WINDOWS\system32\dot3api.dll - ok
08:53:02.0019 3192  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
08:53:02.0019 3192  C:\WINDOWS\system32\eapolqec.dll - ok
08:53:02.0034 3192  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
08:53:02.0034 3192  C:\WINDOWS\system32\qutil.dll - ok
08:53:02.0034 3192  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
08:53:02.0034 3192  C:\WINDOWS\system32\wmi.dll - ok
08:53:02.0034 3192  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
08:53:02.0034 3192  C:\WINDOWS\system32\esent.dll - ok
08:53:02.0034 3192  [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll
08:53:02.0034 3192  C:\WINDOWS\system32\mswstr10.dll - ok
08:53:02.0034 3192  [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll
08:53:02.0034 3192  C:\WINDOWS\system32\msjint40.dll - ok
08:53:02.0050 3192  [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll
08:53:02.0050 3192  C:\WINDOWS\system32\msjter40.dll - ok
08:53:02.0050 3192  [ 5CE275CDC5FFB77B1EC29DBDFE4B6689 ] C:\WINDOWS\system32\odbcji32.dll
08:53:02.0050 3192  C:\WINDOWS\system32\odbcji32.dll - ok
08:53:02.0050 3192  [ 2C288AA87E4723AC9FF4D76A192EC3F8 ] C:\WINDOWS\system32\odbccp32.dll
08:53:02.0050 3192  C:\WINDOWS\system32\odbccp32.dll - ok
08:53:02.0050 3192  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
08:53:02.0050 3192  C:\WINDOWS\system32\rastls.dll - ok
08:53:02.0066 3192  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
08:53:02.0066 3192  C:\WINDOWS\system32\cryptui.dll - ok
08:53:02.0066 3192  [ 5AACF4B4DEE1972B7952E8A747122232 ] C:\WINDOWS\system32\wininet.dll
08:53:02.0066 3192  C:\WINDOWS\system32\wininet.dll - ok
08:53:02.0066 3192  [ 142CEDECAE89E372EE347681C3FBB257 ] C:\Program Files\Common Files\System\msadc\msadce.dll
08:53:02.0066 3192  C:\Program Files\Common Files\System\msadc\msadce.dll - ok
08:53:02.0066 3192  [ 81E9041DAC0983AACE5C8920AF73D64E ] C:\Program Files\Common Files\System\msadc\msadcer.dll
08:53:02.0066 3192  C:\Program Files\Common Files\System\msadc\msadcer.dll - ok
08:53:02.0081 3192  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
08:53:02.0081 3192  C:\WINDOWS\system32\normaliz.dll - ok
08:53:02.0081 3192  [ C332870084DB9164F465D6F1B7472728 ] C:\WINDOWS\system32\urlmon.dll
08:53:02.0081 3192  C:\WINDOWS\system32\urlmon.dll - ok
08:53:02.0081 3192  [ 47464CA4943F82E1B8FCB2C57DA15F83 ] C:\WINDOWS\system32\iertutil.dll
08:53:02.0081 3192  C:\WINDOWS\system32\iertutil.dll - ok
08:53:02.0081 3192  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
08:53:02.0081 3192  C:\WINDOWS\system32\mprapi.dll - ok
08:53:02.0081 3192  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
08:53:02.0081 3192  C:\WINDOWS\system32\activeds.dll - ok
08:53:02.0097 3192  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
08:53:02.0097 3192  C:\WINDOWS\system32\adsldpc.dll - ok
08:53:02.0112 3192  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
08:53:02.0112 3192  C:\WINDOWS\system32\rasapi32.dll - ok
08:53:02.0128 3192  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
08:53:02.0128 3192  C:\WINDOWS\system32\rasman.dll - ok
08:53:02.0128 3192  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
08:53:02.0128 3192  C:\WINDOWS\system32\tapi32.dll - ok
08:53:02.0128 3192  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
08:53:02.0128 3192  C:\WINDOWS\system32\riched20.dll - ok
08:53:02.0128 3192  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
08:53:02.0128 3192  C:\WINDOWS\system32\raschap.dll - ok
08:53:02.0143 3192  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
08:53:02.0143 3192  C:\WINDOWS\system32\schedsvc.dll - ok
08:53:02.0143 3192  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
08:53:02.0143 3192  C:\WINDOWS\system32\msidle.dll - ok
08:53:02.0143 3192  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
08:53:02.0143 3192  C:\WINDOWS\system32\spoolsv.exe - ok
08:53:02.0143 3192  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
08:53:02.0143 3192  C:\WINDOWS\system32\audiosrv.dll - ok
08:53:02.0143 3192  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll


#4 xaracomputers

xaracomputers
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 20 March 2013 - 04:58 AM

2nd half of TDSS log:

 

 

08:53:02.0143 3192  C:\WINDOWS\system32\wkssvc.dll - ok
08:53:02.0159 3192  [ D04F078E9E97C5ABC0EED8A782E3AB64 ] C:\Program Files\Intel\WiFi\bin\KMMDLPlugins\WSCPlugin.dll
08:53:02.0159 3192  C:\Program Files\Intel\WiFi\bin\KMMDLPlugins\WSCPlugin.dll - ok
08:53:02.0159 3192  [ FEF8BA82CD7768372F1FF5B00FC6F554 ] C:\Program Files\Intel\WiFi\bin\supplicant.dll
08:53:02.0159 3192  C:\Program Files\Intel\WiFi\bin\supplicant.dll - ok
08:53:02.0159 3192  [ C58884FAA45B21AFEFB2FA35ADD27A9C ] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
08:53:02.0159 3192  C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll - ok
08:53:02.0159 3192  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
08:53:02.0159 3192  C:\WINDOWS\system32\mlang.dll - ok
08:53:02.0175 3192  [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll
08:53:02.0175 3192  C:\WINDOWS\system32\xmlprovi.dll - ok
08:53:02.0175 3192  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
08:53:02.0175 3192  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
08:53:02.0175 3192  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
08:53:02.0175 3192  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
08:53:02.0175 3192  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
08:53:02.0175 3192  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
08:53:02.0175 3192  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
08:53:02.0175 3192  C:\WINDOWS\system32\wbem\esscli.dll - ok
08:53:02.0190 3192  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
08:53:02.0190 3192  C:\WINDOWS\system32\wbem\fastprox.dll - ok
08:53:02.0190 3192  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
08:53:02.0190 3192  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
08:53:02.0190 3192  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
08:53:02.0190 3192  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
08:53:02.0190 3192  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
08:53:02.0190 3192  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
08:53:02.0206 3192  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
08:53:02.0206 3192  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
08:53:02.0206 3192  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
08:53:02.0206 3192  C:\WINDOWS\system32\wbem\wbemess.dll - ok
08:53:02.0206 3192  [ C7000F2DB2A5515C64C257478769A481 ] C:\WINDOWS\system32\wbem\unsecapp.exe
08:53:02.0206 3192  C:\WINDOWS\system32\wbem\unsecapp.exe - ok
08:53:02.0206 3192  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
08:53:02.0206 3192  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
08:53:02.0206 3192  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
08:53:02.0206 3192  C:\WINDOWS\system32\wbem\ncprov.dll - ok
08:53:02.0221 3192  [ BAA47C5D0CA33C714A033627678A5E32 ] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
08:53:02.0221 3192  C:\Program Files\Intel\WiFi\bin\DbEngine.dll - ok
08:53:02.0221 3192  [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINDOWS\system32\wbem\wmiprov.dll
08:53:02.0221 3192  C:\WINDOWS\system32\wbem\wmiprov.dll - ok
08:53:02.0221 3192  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
08:53:02.0221 3192  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
08:53:02.0221 3192  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
08:53:02.0221 3192  C:\WINDOWS\system32\webclnt.dll - ok
08:53:02.0221 3192  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
08:53:02.0221 3192  C:\WINDOWS\system32\drivers\parport.sys - ok
08:53:02.0237 3192  [ D04C057ECCFA4DBFC1ABDA4256BA6F65 ] C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
08:53:02.0237 3192  C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe - ok
08:53:02.0237 3192  [ AF7466548D957D8DCB4A331DA4F39045 ] C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll
08:53:02.0237 3192  C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll - ok
08:53:02.0237 3192  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
08:53:02.0237 3192  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
08:53:02.0237 3192  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
08:53:02.0237 3192  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
08:53:02.0252 3192  [ 7BDA9423415F7612454B91DF4FA11576 ] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
08:53:02.0252 3192  C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll - ok
08:53:02.0252 3192  [ 50EE778BF4C4EE52CF1FB49E268710CD ] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
08:53:02.0252 3192  C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll - ok
08:53:02.0252 3192  [ 0BF2D8D6EED059CB3BA82EF784C5A35F ] C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll
08:53:02.0252 3192  C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll - ok
08:53:02.0252 3192  [ 9926BB462A41FCB71BD9FEB99037E6EC ] C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll
08:53:02.0252 3192  C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll - ok
08:53:02.0268 3192  [ B5F1F2B39F1241F8AF9D3A8B38D4C887 ] C:\Program Files\Trend Micro\AMSP\utilInstallation.dll
08:53:02.0268 3192  C:\Program Files\Trend Micro\AMSP\utilInstallation.dll - ok
08:53:02.0268 3192  [ 6A73E535E778991EA3B7B70EEB7ADEAF ] C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll
08:53:02.0268 3192  C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll - ok
08:53:02.0268 3192  [ 61487F79AF2679F0E675498663D56486 ] C:\Program Files\Trend Micro\AMSP\utilThread.dll
08:53:02.0268 3192  C:\Program Files\Trend Micro\AMSP\utilThread.dll - ok
08:53:02.0268 3192  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
08:53:02.0268 3192  C:\WINDOWS\system32\dbghelp.dll - ok
08:53:02.0283 3192  [ 0C2E89A6E7E97E68EBBEDEEA7FB52B31 ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
08:53:02.0283 3192  C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe - ok
08:53:02.0283 3192  [ B17A44B3F65BCA352C67EC78F641D901 ] C:\WINDOWS\system32\drivers\tmcomm.sys
08:53:02.0283 3192  C:\WINDOWS\system32\drivers\tmcomm.sys - ok
08:53:02.0283 3192  [ 6AF05F39F580618B40C2395A4CC137B8 ] C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
08:53:02.0283 3192  C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe - ok
08:53:02.0283 3192  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] C:\Program Files\SUPERAntiSpyware\SASCore.exe
08:53:02.0283 3192  C:\Program Files\SUPERAntiSpyware\SASCore.exe - ok
08:53:02.0299 3192  [ 39CFB66854B304B0F41C9C39F51700FE ] C:\WINDOWS\system32\drivers\tmactmon.sys
08:53:02.0299 3192  C:\WINDOWS\system32\drivers\tmactmon.sys - ok
08:53:02.0299 3192  [ 88BDD265B0A455CDE98FCD213D0595C5 ] C:\WINDOWS\system32\drivers\tmevtmgr.sys
08:53:02.0299 3192  C:\WINDOWS\system32\drivers\tmevtmgr.sys - ok
08:53:02.0299 3192  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:53:02.0299 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
08:53:02.0299 3192  [ 14E22953B3713BD7038B739A6D4C17AE ] C:\Program Files\Trend Micro\AMSP\sqlite3.dll
08:53:02.0299 3192  C:\Program Files\Trend Micro\AMSP\sqlite3.dll - ok
08:53:02.0315 3192  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
08:53:02.0315 3192  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
08:53:02.0315 3192  [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll
08:53:02.0315 3192  C:\WINDOWS\system32\mscoree.dll - ok
08:53:02.0315 3192  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
08:53:02.0315 3192  C:\WINDOWS\system32\cryptsvc.dll - ok
08:53:02.0315 3192  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
08:53:02.0315 3192  C:\WINDOWS\system32\certcli.dll - ok
08:53:02.0315 3192  [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe
08:53:02.0315 3192  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
08:53:02.0330 3192  [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
08:53:02.0330 3192  C:\WINDOWS\system32\dmserver.dll - ok
08:53:02.0330 3192  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
08:53:02.0330 3192  C:\WINDOWS\system32\ersvc.dll - ok
08:53:02.0330 3192  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
08:53:02.0330 3192  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
08:53:02.0330 3192  [ 8C22083ED515DC94D575438662F0BE6A ] C:\WINDOWS\system32\msi.dll
08:53:02.0330 3192  C:\WINDOWS\system32\msi.dll - ok
08:53:02.0346 3192  [ 1758AF653723679E3746FC7DDD93C69B ] C:\Program Files\Java\jre7\bin\jqs.exe
08:53:02.0346 3192  C:\Program Files\Java\jre7\bin\jqs.exe - ok
08:53:02.0346 3192  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
08:53:02.0346 3192  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
08:53:02.0346 3192  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
08:53:02.0346 3192  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
08:53:02.0346 3192  [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
08:53:02.0346 3192  C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
08:53:02.0346 3192  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
08:53:02.0346 3192  C:\WINDOWS\system32\pdh.dll - ok
08:53:02.0361 3192  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
08:53:02.0361 3192  C:\WINDOWS\system32\odbcbcp.dll - ok
08:53:02.0361 3192  [ 8B21704F4F3D5943EFE169DC3F13B695 ] C:\Program Files\Kaseya\Agent\AgentMon.exe
08:53:02.0361 3192  C:\Program Files\Kaseya\Agent\AgentMon.exe - ok
08:53:02.0361 3192  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
08:53:02.0361 3192  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
08:53:02.0361 3192  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
08:53:02.0361 3192  C:\WINDOWS\system32\mstask.dll - ok
08:53:02.0377 3192  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
08:53:02.0377 3192  C:\WINDOWS\system32\perfos.dll - ok
08:53:02.0392 3192  [ 7CF1B716372B89568AE4C0FE769F5869 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
08:53:02.0392 3192  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe - ok
08:53:02.0392 3192  [ 8F1A549C7868A59B479108D34D57E673 ] C:\Program Files\Kaseya\Agent\KEventLog.dll
08:53:02.0392 3192  C:\Program Files\Kaseya\Agent\KEventLog.dll - ok
08:53:02.0392 3192  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
08:53:02.0392 3192  C:\WINDOWS\system32\perfdisk.dll - ok
08:53:02.0408 3192  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
08:53:02.0408 3192  C:\WINDOWS\system32\srvsvc.dll - ok
08:53:02.0408 3192  [ F3D5398C92D3E14502DE8467D669C1A2 ] C:\Program Files\Kaseya\Agent\LogParser.dll
08:53:02.0408 3192  C:\Program Files\Kaseya\Agent\LogParser.dll - ok
08:53:02.0408 3192  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
08:53:02.0408 3192  C:\WINDOWS\system32\netmsg.dll - ok
08:53:02.0408 3192  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
08:53:02.0408 3192  C:\WINDOWS\system32\drivers\srv.sys - ok
08:53:02.0424 3192  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
08:53:02.0424 3192  C:\WINDOWS\system32\ipsecsvc.dll - ok
08:53:02.0424 3192  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
08:53:02.0424 3192  C:\WINDOWS\system32\netman.dll - ok
08:53:02.0424 3192  [ 5608ED3957105BC14E3C426BB27AC5A1 ] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
08:53:02.0424 3192  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe - ok
08:53:02.0424 3192  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
08:53:02.0424 3192  C:\WINDOWS\system32\netshell.dll - ok
08:53:02.0424 3192  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
08:53:02.0424 3192  C:\WINDOWS\system32\oakley.dll - ok
08:53:02.0439 3192  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
08:53:02.0439 3192  C:\WINDOWS\system32\pstorsvc.dll - ok
08:53:02.0439 3192  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
08:53:02.0439 3192  C:\WINDOWS\system32\winipsec.dll - ok
08:53:02.0439 3192  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
08:53:02.0439 3192  C:\WINDOWS\system32\psbase.dll - ok
08:53:02.0439 3192  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
08:53:02.0439 3192  C:\WINDOWS\system32\dssenh.dll - ok
08:53:02.0455 3192  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
08:53:02.0455 3192  C:\WINDOWS\system32\credui.dll - ok
08:53:02.0455 3192  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
08:53:02.0455 3192  C:\WINDOWS\system32\dot3dlg.dll - ok
08:53:02.0455 3192  [ 162037DE94C44B45326CEF4EB2999077 ] C:\Program Files\N-able Technologies\NRM\RSMWinService.exe
08:53:02.0455 3192  C:\Program Files\N-able Technologies\NRM\RSMWinService.exe - ok
08:53:02.0455 3192  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
08:53:02.0455 3192  C:\WINDOWS\system32\onex.dll - ok
08:53:02.0455 3192  [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
08:53:02.0455 3192  C:\WINDOWS\system32\regsvc.dll - ok
08:53:02.0470 3192  [ 83BA5E873164A3711B44052F58C8FE9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
08:53:02.0470 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
08:53:02.0470 3192  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
08:53:02.0470 3192  C:\WINDOWS\system32\eappcfg.dll - ok
08:53:02.0470 3192  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
08:53:02.0470 3192  C:\WINDOWS\system32\eappprxy.dll - ok
08:53:02.0470 3192  [ 82A98D0EB83505529AD81E4C1FADC37D ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
08:53:02.0470 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
08:53:02.0470 3192  [ B7344C0398455374E85383F99A477446 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
08:53:02.0470 3192  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll - ok
08:53:02.0486 3192  [ 1986443C2F2C0E2A18E908DD241BF84D ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll
08:53:02.0486 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll - ok
08:53:02.0486 3192  [ E5BC8D93CDCB957146D971647849A154 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
08:53:02.0486 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
08:53:02.0486 3192  [ 07BBB3CBB86D2626B46BC1D210C4781B ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
08:53:02.0486 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
08:53:02.0486 3192  [ 3FC9E879BABA2379302A029F01547F50 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\da100161503047a994c55c9832d72ce7\System.ni.dll
08:53:02.0486 3192  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\da100161503047a994c55c9832d72ce7\System.ni.dll - ok
08:53:02.0501 3192  [ C5E4AA00DC1C615811FBE5D82689F2E8 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\66476359cfb5550178ddb0d34128aa61\System.ServiceProcess.ni.dll
08:53:02.0501 3192  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\66476359cfb5550178ddb0d34128aa61\System.ServiceProcess.ni.dll - ok
08:53:02.0501 3192  [ 158A4B7F3CCA4C668FFEAC52D18856F3 ] C:\Program Files\N-able Technologies\NRM\RSMRelayLibrary.dll
08:53:02.0501 3192  C:\Program Files\N-able Technologies\NRM\RSMRelayLibrary.dll - ok
08:53:02.0501 3192  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
08:53:02.0501 3192  C:\WINDOWS\system32\seclogon.dll - ok
08:53:02.0501 3192  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
08:53:02.0501 3192  C:\WINDOWS\system32\sens.dll - ok
08:53:02.0517 3192  [ F70AB08582E06A8BDA3E470592D1A394 ] C:\WINDOWS\system32\stacsv.exe
08:53:02.0517 3192  C:\WINDOWS\system32\stacsv.exe - ok
08:53:02.0517 3192  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
08:53:02.0517 3192  C:\WINDOWS\system32\srsvc.dll - ok
08:53:02.0517 3192  [ EACEA70D0C48A8B30EA22883B15B1BBC ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\1c27a7c883c2dfe6fb67a7296ab0bc2d\System.Drawing.ni.dll
08:53:02.0517 3192  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\1c27a7c883c2dfe6fb67a7296ab0bc2d\System.Drawing.ni.dll - ok
08:53:02.0517 3192  [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
08:53:02.0517 3192  C:\WINDOWS\system32\dsound.dll - ok
08:53:02.0517 3192  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
08:53:02.0517 3192  C:\WINDOWS\system32\powrprof.dll - ok
08:53:02.0532 3192  [ C797FF930E512C0EF5EC5B4335534030 ] C:\Program Files\Java\jre7\bin\awt.dll
08:53:02.0532 3192  C:\Program Files\Java\jre7\bin\awt.dll - ok
08:53:02.0532 3192  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
08:53:02.0532 3192  C:\WINDOWS\system32\wdmaud.drv - ok
08:53:02.0532 3192  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
08:53:02.0532 3192  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
08:53:02.0532 3192  [ DD44698A92280B41D2140B7C9B4DBAB7 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
08:53:02.0532 3192  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
08:53:02.0532 3192  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
08:53:02.0532 3192  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
08:53:02.0548 3192  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
08:53:02.0548 3192  C:\WINDOWS\system32\drivers\splitter.sys - ok
08:53:02.0548 3192  [ 8BFC995E871DB699261CA436434B4E4B ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\14b55546abb9ff105fb08138cc121ca6\System.Windows.Forms.ni.dll
08:53:02.0548 3192  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\14b55546abb9ff105fb08138cc121ca6\System.Windows.Forms.ni.dll - ok
08:53:02.0548 3192  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
08:53:02.0548 3192  C:\WINDOWS\system32\drivers\aec.sys - ok
08:53:02.0548 3192  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
08:53:02.0548 3192  C:\WINDOWS\system32\drivers\swmidi.sys - ok
08:53:02.0564 3192  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\DMusic.sys
08:53:02.0564 3192  C:\WINDOWS\system32\drivers\DMusic.sys - ok
08:53:02.0564 3192  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
08:53:02.0564 3192  C:\WINDOWS\system32\drivers\kmixer.sys - ok
08:53:02.0564 3192  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
08:53:02.0564 3192  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
08:53:02.0564 3192  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
08:53:02.0564 3192  C:\WINDOWS\system32\msacm32.drv - ok
08:53:02.0564 3192  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
08:53:02.0564 3192  C:\WINDOWS\system32\midimap.dll - ok
08:53:02.0579 3192  [ 35ED0DBE578F30F68211BA22A8D16857 ] C:\Program Files\Java\jre7\bin\dcpr.dll
08:53:02.0579 3192  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
08:53:02.0579 3192  [ 311614D17E5FCB8FB7E5B886DBC7CE1D ] C:\WINDOWS\system32\stacapi.dll
08:53:02.0579 3192  C:\WINDOWS\system32\stacapi.dll - ok
08:53:02.0579 3192  [ 04B0CFF85D5225ADE066C4AD233ACD89 ] C:\Program Files\Java\jre7\bin\deploy.dll
08:53:02.0579 3192  C:\Program Files\Java\jre7\bin\deploy.dll - ok
08:53:02.0579 3192  [ B0BB987E66461EADFB4333C87BB357E2 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
08:53:02.0579 3192  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
08:53:02.0595 3192  [ E760BA96E51505EFD60144B7AFEF3BDD ] C:\Program Files\Java\jre7\bin\java.dll
08:53:02.0595 3192  C:\Program Files\Java\jre7\bin\java.dll - ok
08:53:02.0595 3192  [ 959063AAAC7E288B1AF52F94D9C22188 ] C:\Program Files\Java\jre7\bin\javaw.exe
08:53:02.0595 3192  C:\Program Files\Java\jre7\bin\javaw.exe - ok
08:53:02.0595 3192  [ 4C6437AAC8938AA1BF887ADA11B88A5D ] C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
08:53:02.0595 3192  C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe - ok
08:53:02.0595 3192  [ 03CF355CD7346F4A03FA253C64E07E70 ] C:\Program Files\Java\jre7\bin\jp2native.dll
08:53:02.0595 3192  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
08:53:02.0595 3192  [ 173D39D9DAF591BD735631DD2EADD2F1 ] C:\Program Files\Java\jre7\bin\jpeg.dll
08:53:02.0595 3192  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
08:53:02.0610 3192  [ 667E77A6042BB8F6E559D9AF1ECF0342 ] C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWIPHlp.dll
08:53:02.0610 3192  C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWIPHlp.dll - ok
08:53:02.0610 3192  [ E30A866E61A0947F947ED89D973D0EAE ] C:\Program Files\Java\jre7\bin\net.dll
08:53:02.0610 3192  C:\Program Files\Java\jre7\bin\net.dll - ok
08:53:02.0610 3192  [ 992A7A3B2B0E8552DF00C811ECF4E859 ] C:\Program Files\Java\jre7\bin\nio.dll
08:53:02.0610 3192  C:\Program Files\Java\jre7\bin\nio.dll - ok
08:53:02.0610 3192  [ A952235FF6F4AA10BFC0D78F7C1616A1 ] C:\Program Files\Java\jre7\bin\verify.dll
08:53:02.0610 3192  C:\Program Files\Java\jre7\bin\verify.dll - ok
08:53:02.0610 3192  [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
08:53:02.0610 3192  C:\WINDOWS\system32\snmpapi.dll - ok
08:53:02.0626 3192  [ 616C03B0687A715F5DEF21E6D9B6DA50 ] C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWCommon.dll
08:53:02.0626 3192  C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWCommon.dll - ok
08:53:02.0626 3192  [ B840C0D1A043BD4F3D98EE0C8BD8DE72 ] C:\Program Files\UltraVNC\winvnc.exe
08:53:02.0626 3192  C:\Program Files\UltraVNC\winvnc.exe - ok
08:53:02.0626 3192  [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll
08:53:02.0626 3192  C:\WINDOWS\system32\inetmib1.dll - ok
08:53:02.0626 3192  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
08:53:02.0626 3192  C:\WINDOWS\system32\trkwks.dll - ok
08:53:02.0641 3192  [ 473F2FD44322C71C48BF67D593FCA07D ] C:\Program Files\Java\jre7\bin\zip.dll
08:53:02.0641 3192  C:\Program Files\Java\jre7\bin\zip.dll - ok
08:53:02.0641 3192  [ F64F465025023182247A65ACE7CB32C9 ] C:\WINDOWS\assembly\GAC_MSIL\RSMWebHost\1.0.0.0__25777b8235f5c82a\RSMWebHost.dll
08:53:02.0641 3192  C:\WINDOWS\assembly\GAC_MSIL\RSMWebHost\1.0.0.0__25777b8235f5c82a\RSMWebHost.dll - ok
08:53:02.0641 3192  [ F493BA99E59DB7740064A55FC44014A5 ] C:\Program Files\N-able Technologies\Windows Agent\bin\AgentMaint.exe
08:53:02.0641 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\AgentMaint.exe - ok
08:53:02.0641 3192  [ 209407F79E3949036CBB501455C38959 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\4e2cac0827fc76ba1caa25443cc4ca61\System.Xml.ni.dll
08:53:02.0641 3192  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\4e2cac0827fc76ba1caa25443cc4ca61\System.Xml.ni.dll - ok
08:53:02.0657 3192  [ FB53A700132D9A97D1E10E9F80BD6174 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
08:53:02.0657 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
08:53:02.0657 3192  [ FD435DF8C9CA7A49CCBF7CD2F7627739 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
08:53:02.0657 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
08:53:02.0657 3192  [ 09523AFBC5937D7CC786FC9C74D2D516 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
08:53:02.0657 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll - ok
08:53:02.0657 3192  [ 5903D586A61AD8AC054167C173439DF8 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\a5abe2f70b67e025cccd8e5007d7efa5\System.Configuration.ni.dll
08:53:02.0657 3192  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\a5abe2f70b67e025cccd8e5007d7efa5\System.Configuration.ni.dll - ok
08:53:02.0657 3192  [ E8DC9EC0006A7CBF390D59C074C982A5 ] C:\Program Files\N-able Technologies\NRM\rsmfm.dll
08:53:02.0657 3192  C:\Program Files\N-able Technologies\NRM\rsmfm.dll - ok
08:53:02.0673 3192  [ 2A7C7401F2DC22AD24D864E57B4C3D5B ] C:\Program Files\IIS Express\iisexpress.exe
08:53:02.0673 3192  C:\Program Files\IIS Express\iisexpress.exe - ok
08:53:02.0673 3192  [ C01A7D65498CA5561B3737847D630D0A ] C:\Program Files\N-able Technologies\NRM\RSMTelnetLibrary.dll
08:53:02.0673 3192  C:\Program Files\N-able Technologies\NRM\RSMTelnetLibrary.dll - ok
08:53:02.0688 3192  [ 7ED9C36FD068AF49AAB870117B8BAFB0 ] C:\Program Files\IIS Express\nativrd2.dll
08:53:02.0688 3192  C:\Program Files\IIS Express\nativrd2.dll - ok
08:53:02.0704 3192  [ 1988806EDB9D6D1F661713708B7F5E27 ] C:\Program Files\IIS Express\rtinfo.dll
08:53:02.0704 3192  C:\Program Files\IIS Express\rtinfo.dll - ok
08:53:02.0704 3192  [ 835023E99C7EA7B29FCC49D0C4FE8555 ] C:\Program Files\IIS Express\iisexpresshelper.dll
08:53:02.0704 3192  C:\Program Files\IIS Express\iisexpresshelper.dll - ok
08:53:02.0704 3192  [ 123947EB6BFCF1C95ADB29CEA42588CA ] C:\Program Files\IIS Express\iisutil2.dll
08:53:02.0704 3192  C:\Program Files\IIS Express\iisutil2.dll - ok
08:53:02.0704 3192  [ D1E18F4AE94FFEC7270BE0A10C0B295E ] C:\WINDOWS\system32\xmllite.dll
08:53:02.0704 3192  C:\WINDOWS\system32\xmllite.dll - ok
08:53:02.0719 3192  [ 71E84B52FCEF5CD42EE244EDDAC6F2F2 ] C:\Program Files\IIS Express\en-us\iisres.dll.mui
08:53:02.0719 3192  C:\Program Files\IIS Express\en-us\iisres.dll.mui - ok
08:53:02.0719 3192  [ 723528449ED0D1B0AD98AF3EDF23101D ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
08:53:02.0719 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
08:53:02.0719 3192  [ 4B3685AA700084E4ED6635FC1EFD9CC2 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
08:53:02.0719 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll - ok
08:53:02.0719 3192  [ A8DD9855A35156E92BB750BC33AB5F9B ] C:\Program Files\IIS Express\hwebcore.dll
08:53:02.0719 3192  C:\Program Files\IIS Express\hwebcore.dll - ok
08:53:02.0735 3192  [ 2A2EFE8C0DE84B31EB043C24C0CE6E15 ] C:\Program Files\IIS Express\w3wphost.dll
08:53:02.0735 3192  C:\Program Files\IIS Express\w3wphost.dll - ok
08:53:02.0735 3192  [ 1467532810384012428AE78C440DA488 ] C:\Program Files\IIS Express\iiscore.dll
08:53:02.0735 3192  C:\Program Files\IIS Express\iiscore.dll - ok
08:53:02.0750 3192  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
08:53:02.0750 3192  C:\WINDOWS\system32\cabinet.dll - ok
08:53:02.0750 3192  [ BA46B18A692512C794FD1304E536DBFF ] C:\Program Files\IIS Express\w3dt.dll
08:53:02.0750 3192  C:\Program Files\IIS Express\w3dt.dll - ok
08:53:02.0750 3192  [ 48DC8861D8C316E743075CB838EAD576 ] C:\Program Files\IIS Express\w3tp.dll
08:53:02.0750 3192  C:\Program Files\IIS Express\w3tp.dll - ok
08:53:02.0766 3192  [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
08:53:02.0766 3192  C:\WINDOWS\system32\httpapi.dll - ok
08:53:02.0766 3192  [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
08:53:02.0766 3192  C:\WINDOWS\system32\faultrep.dll - ok
08:53:02.0766 3192  [ 84ECD510A319D4E35AE8A83535CDF015 ] C:\Program Files\IIS Express\cachtokn.dll
08:53:02.0766 3192  C:\Program Files\IIS Express\cachtokn.dll - ok
08:53:02.0782 3192  [ C9A75E264C927C52E39745605964EC67 ] C:\Program Files\IIS Express\cachuri.dll
08:53:02.0782 3192  C:\Program Files\IIS Express\cachuri.dll - ok
08:53:02.0782 3192  [ 713D09CD4B1D327BC6377B33C3B0A9D0 ] C:\Program Files\IIS Express\compdyn.dll
08:53:02.0782 3192  C:\Program Files\IIS Express\compdyn.dll - ok
08:53:02.0782 3192  [ AC4CD8308653040DE751F9D7D65371B6 ] C:\Program Files\IIS Express\compstat.dll
08:53:02.0782 3192  C:\Program Files\IIS Express\compstat.dll - ok
08:53:02.0797 3192  [ F411FFA69C6FF42E8B34736A78CCFFDF ] C:\Program Files\IIS Express\defdoc.dll
08:53:02.0797 3192  C:\Program Files\IIS Express\defdoc.dll - ok
08:53:02.0797 3192  [ 9F8E90AAA712767E49ADBCD6D3BB4E45 ] C:\Program Files\IIS Express\dirlist.dll
08:53:02.0797 3192  C:\Program Files\IIS Express\dirlist.dll - ok
08:53:02.0797 3192  [ CBF40978343659AA8BCCAF2DDB82A26E ] C:\Program Files\IIS Express\protsup.dll
08:53:02.0797 3192  C:\Program Files\IIS Express\protsup.dll - ok
08:53:02.0797 3192  [ 4EADA9FE7A7FD72D1FF012A4C4FC21E7 ] C:\Program Files\IIS Express\redirect.dll
08:53:02.0797 3192  C:\Program Files\IIS Express\redirect.dll - ok
08:53:02.0797 3192  [ 9D4336985581D186CFC2916AD153A21A ] C:\Program Files\IIS Express\iis_ssi.dll
08:53:02.0797 3192  C:\Program Files\IIS Express\iis_ssi.dll - ok
08:53:02.0813 3192  [ FD15C1AA1C92BB8ED62F600BDFF2E1D0 ] C:\Program Files\IIS Express\static.dll
08:53:02.0813 3192  C:\Program Files\IIS Express\static.dll - ok
08:53:02.0813 3192  [ 39CDC77EBF705279EDAE54C79F2C8808 ] C:\Program Files\IIS Express\authanon.dll
08:53:02.0813 3192  C:\Program Files\IIS Express\authanon.dll - ok
08:53:02.0813 3192  [ 66E48F91879A9D42D0AAC2EC911EF031 ] C:\Program Files\IIS Express\authbas.dll
08:53:02.0813 3192  C:\Program Files\IIS Express\authbas.dll - ok
08:53:02.0813 3192  [ 14F36B3C00EF111F90CEE60A1C9EAC46 ] C:\Program Files\IIS Express\authcert.dll
08:53:02.0813 3192  C:\Program Files\IIS Express\authcert.dll - ok
08:53:02.0828 3192  [ 49FDA58038BF97B21827F5D0EA4A4773 ] C:\Program Files\IIS Express\urlauthz.dll
08:53:02.0828 3192  C:\Program Files\IIS Express\urlauthz.dll - ok
08:53:02.0828 3192  [ 1E408194B8ABF84FD673B12CAEF44156 ] C:\Program Files\IIS Express\authsspi.dll
08:53:02.0828 3192  C:\Program Files\IIS Express\authsspi.dll - ok
08:53:02.0828 3192  [ 9441C70D9629D69C5DA7FA7419DB0BE1 ] C:\Program Files\IIS Express\authmap.dll
08:53:02.0828 3192  C:\Program Files\IIS Express\authmap.dll - ok
08:53:02.0828 3192  [ 9EE7EC4052A5AF9DFF1AABBBB007E091 ] C:\Program Files\IIS Express\iprestr.dll
08:53:02.0828 3192  C:\Program Files\IIS Express\iprestr.dll - ok
08:53:02.0844 3192  [ D1F26B8EF1F099E298C0CEE649FA0339 ] C:\Program Files\IIS Express\modrqflt.dll
08:53:02.0844 3192  C:\Program Files\IIS Express\modrqflt.dll - ok
08:53:02.0844 3192  [ BA3675EF29DEA332D0C09A5EC76C2C9A ] C:\Program Files\IIS Express\custerr.dll
08:53:02.0844 3192  C:\Program Files\IIS Express\custerr.dll - ok
08:53:02.0844 3192  [ 4A147835F5D77CE547011C2F1DC96EBF ] C:\Program Files\IIS Express\logcust.dll
08:53:02.0844 3192  C:\Program Files\IIS Express\logcust.dll - ok
08:53:02.0844 3192  [ 61853CDC0B4EC7C4D9396A70323667DE ] C:\Program Files\IIS Express\loghttp.dll
08:53:02.0844 3192  C:\Program Files\IIS Express\loghttp.dll - ok
08:53:02.0844 3192  [ B89CB7F3F1A1E2807E708F5435DEB13D ] C:\Program Files\N-able Technologies\Windows Agent\bin\log4net.dll
08:53:02.0844 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\log4net.dll - ok
08:53:02.0859 3192  [ C1649188479440AA5834EDA555445CDC ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
08:53:02.0859 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll - ok
08:53:02.0859 3192  [ F6720A00F3878FED15D7E8F95482F784 ] C:\Program Files\IIS Express\iisfreb.dll
08:53:02.0859 3192  C:\Program Files\IIS Express\iisfreb.dll - ok
08:53:02.0859 3192  [ 851BC9E3C3539FA47B31E7E194B990F0 ] C:\Program Files\IIS Express\iisreqs.dll
08:53:02.0859 3192  C:\Program Files\IIS Express\iisreqs.dll - ok
08:53:02.0859 3192  [ 7EF8D2DDA219B9F7DABAF176377DA254 ] C:\Program Files\IIS Express\cgi.dll
08:53:02.0859 3192  C:\Program Files\IIS Express\cgi.dll - ok
08:53:02.0875 3192  [ 5F85E0D35854AD7496D59B96855CFB4C ] C:\Program Files\IIS Express\filter.dll
08:53:02.0875 3192  C:\Program Files\IIS Express\filter.dll - ok
08:53:02.0875 3192  [ 9C9339ED024210A335AD8CC3A187B4C2 ] C:\Program Files\IIS Express\iisfcgi.dll
08:53:02.0875 3192  C:\Program Files\IIS Express\iisfcgi.dll - ok
08:53:02.0875 3192  [ E166AF4434FD08FBFD52194651E39A9F ] C:\Program Files\IIS Express\isapi.dll
08:53:02.0875 3192  C:\Program Files\IIS Express\isapi.dll - ok
08:53:02.0875 3192  [ E7120A53787C370A36547A82AE03FBD4 ] C:\Program Files\IIS Express\rewrite.dll
08:53:02.0875 3192  C:\Program Files\IIS Express\rewrite.dll - ok
08:53:02.0875 3192  [ 2FECC9CDBD50A9DDCD5A82324E1D6DB0 ] C:\Program Files\IIS Express\validcfg.dll
08:53:02.0875 3192  C:\Program Files\IIS Express\validcfg.dll - ok
08:53:02.0890 3192  [ 0E82EC203BE49233BCFA0FEAFCD81D6A ] C:\Program Files\IIS Express\webmatrixsup.dll
08:53:02.0890 3192  C:\Program Files\IIS Express\webmatrixsup.dll - ok
08:53:02.0890 3192  [ 57BCB402841C7AD7D3B2BE450E154976 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\webengine4.dll
08:53:02.0890 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\webengine4.dll - ok
08:53:02.0890 3192  [ 0C720C33E8D28AD60B7932EAD82309EA ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll
08:53:02.0890 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll - ok
08:53:02.0890 3192  [ C3FED6BBC024AAFFE6969FD4EE9F5941 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
08:53:02.0890 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll - ok
08:53:02.0906 3192  [ 377FBC245B3BCD71E4B8637889B9D797 ] C:\Program Files\N-able Technologies\Windows Agent\bin\agent.exe
08:53:02.0906 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\agent.exe - ok
08:53:02.0906 3192  [ E7342E471F9CFB2D262076495A873717 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ffea95c32cab6d4e56ff8027c1b8de21\System.Core.ni.dll
08:53:02.0906 3192  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ffea95c32cab6d4e56ff8027c1b8de21\System.Core.ni.dll - ok
08:53:02.0922 3192  [ 5F4C8C098BECCDE6F8616A88E4FADB36 ] C:\Program Files\N-able Technologies\Windows Agent\bin\Framework.dll
08:53:02.0922 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\Framework.dll - ok
08:53:02.0937 3192  [ 9AA00D6092C46E59376153A3A4104D18 ] C:\Program Files\RealVNC\VNC4\WinVNC4.exe
08:53:02.0937 3192  C:\Program Files\RealVNC\VNC4\WinVNC4.exe - ok
08:53:02.0937 3192  [ AFB2DAC0666824498E3F40139A7084AE ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\203f25ba39b45027d2d0c8f849a471db\System.Security.ni.dll
08:53:02.0937 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\203f25ba39b45027d2d0c8f849a471db\System.Security.ni.dll - ok
08:53:02.0937 3192  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
08:53:02.0937 3192  C:\WINDOWS\system32\browser.dll - ok
08:53:02.0937 3192  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
08:53:02.0937 3192  C:\WINDOWS\system32\wscsvc.dll - ok
08:53:02.0953 3192  [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
08:53:02.0953 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
08:53:02.0953 3192  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
08:53:02.0953 3192  C:\WINDOWS\system32\wuaueng.dll - ok
08:53:02.0953 3192  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
08:53:02.0953 3192  C:\WINDOWS\system32\wuauserv.dll - ok
08:53:02.0968 3192  [ 51301ACC5E5FDA65CFA1968395E5D951 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
08:53:02.0968 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
08:53:02.0968 3192  [ 98B17BDA1D0BEA2FC8313DB218C0139F ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
08:53:02.0968 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
08:53:02.0984 3192  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
08:53:02.0984 3192  C:\WINDOWS\system32\ipnathlp.dll - ok
08:53:02.0984 3192  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
08:53:02.0984 3192  C:\WINDOWS\system32\mspatcha.dll - ok
08:53:02.0984 3192  [ 30B5A2254561E21CCC7BA21F80165D0B ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
08:53:02.0984 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
08:53:02.0984 3192  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
08:53:02.0984 3192  C:\WINDOWS\system32\wups.dll - ok
08:53:02.0999 3192  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
08:53:02.0999 3192  C:\WINDOWS\system32\wups2.dll - ok
08:53:02.0999 3192  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
08:53:02.0999 3192  C:\WINDOWS\system32\wuauclt.exe - ok
08:53:02.0999 3192  [ 44DE39CB56D1919346C09C92A4B57C69 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
08:53:02.0999 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
08:53:03.0015 3192  [ 88E05F3B2031980A48D458EB78C67659 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
08:53:03.0015 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
08:53:03.0015 3192  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
08:53:03.0015 3192  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
08:53:03.0015 3192  [ 3A7C34AD5DCF3040435FAD363AD1BCD1 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\1a6f9e23985e3159e6dd9827fd81c2fd\System.Management.ni.dll
08:53:03.0015 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\1a6f9e23985e3159e6dd9827fd81c2fd\System.Management.ni.dll - ok
08:53:03.0015 3192  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
08:53:03.0015 3192  C:\WINDOWS\system32\drivers\http.sys - ok
08:53:03.0015 3192  [ 35A936C7C029A5B705D3FFD40518D660 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
08:53:03.0015 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
08:53:03.0031 3192  [ 5A4B93F78473F397C332A0BF6B8F093F ] C:\WINDOWS\system32\wbem\mofd.dll
08:53:03.0031 3192  C:\WINDOWS\system32\wbem\mofd.dll - ok
08:53:03.0031 3192  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
08:53:03.0031 3192  C:\WINDOWS\system32\userinit.exe - ok
08:53:03.0031 3192  [ 8645A43D99194E97D3C597B4EBCF364D ] C:\WINDOWS\system32\drivers\KaPFA.sys
08:53:03.0031 3192  C:\WINDOWS\system32\drivers\KaPFA.sys - ok
08:53:03.0031 3192  [ 1CAD39337202BA05BA929A44CA585A6A ] C:\WINDOWS\system32\pautoenr.dll
08:53:03.0031 3192  C:\WINDOWS\system32\pautoenr.dll - ok
08:53:03.0046 3192  [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
08:53:03.0046 3192  C:\WINDOWS\system32\w3ssl.dll - ok
08:53:03.0062 3192  [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
08:53:03.0062 3192  C:\WINDOWS\system32\strmfilt.dll - ok
08:53:03.0062 3192  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
08:53:03.0062 3192  C:\WINDOWS\system32\sensapi.dll - ok
08:53:03.0077 3192  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
08:53:03.0077 3192  C:\WINDOWS\system32\alg.exe - ok
08:53:03.0077 3192  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
08:53:03.0077 3192  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
08:53:03.0077 3192  [ 34781A7E9683F42C4B2FE6F09456568C ] C:\WINDOWS\system32\ipconfig.exe
08:53:03.0077 3192  C:\WINDOWS\system32\ipconfig.exe - ok
08:53:03.0077 3192  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
08:53:03.0077 3192  C:\WINDOWS\system32\wbem\framedyn.dll - ok
08:53:03.0093 3192  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
08:53:03.0093 3192  C:\WINDOWS\system32\security.dll - ok
08:53:03.0093 3192  [ EF3B1D3786EE735A05C8F4B0BE151C1A ] C:\Program Files\N-able Technologies\Windows Agent\bin\EndpointSecurity.dll
08:53:03.0093 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\EndpointSecurity.dll - ok
08:53:03.0093 3192  [ C3960D93DD11E2179AC9AE1E8CB8C065 ] C:\Program Files\N-able Technologies\Windows Agent\bin\IntegratedBackupMaintenance.dll
08:53:03.0093 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\IntegratedBackupMaintenance.dll - ok
08:53:03.0093 3192  [ 0882C4D8A1A39DDC9AA5C5A6043E4FF0 ] C:\Program Files\N-able Technologies\Windows Agent\bin\RemoteControl.dll
08:53:03.0093 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\RemoteControl.dll - ok
08:53:03.0108 3192  [ D7E8F16B63C04C18B1DF228A9CF840DC ] C:\Program Files\N-able Technologies\Windows Agent\bin\tunnel_common.dll
08:53:03.0108 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\tunnel_common.dll - ok
08:53:03.0108 3192  [ 0758759958453D8D1564F582E09488E9 ] C:\Program Files\N-able Technologies\Windows Agent\bin\Interop.PAdminSDK.dll
08:53:03.0108 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\Interop.PAdminSDK.dll - ok
08:53:03.0108 3192  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
08:53:03.0108 3192  C:\WINDOWS\system32\shfolder.dll - ok
08:53:03.0108 3192  [ 70B034685916298B6394B5DA4FD8B630 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8a0eba3c8f881dd718ab4d1bb5118f15\System.Web.Services.ni.dll
08:53:03.0108 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8a0eba3c8f881dd718ab4d1bb5118f15\System.Web.Services.ni.dll - ok
08:53:03.0124 3192  [ 0DBE12E4FF77FBE9EA02FCC7DFC30992 ] C:\Program Files\N-able Technologies\Windows Agent\bin\QTaskScheduler.dll
08:53:03.0124 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\QTaskScheduler.dll - ok
08:53:03.0124 3192  [ F607251CCBD5C21050DA62CAF1226256 ] C:\Program Files\N-able Technologies\Windows Agent\bin\Common.Logging.dll
08:53:03.0124 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\Common.Logging.dll - ok
08:53:03.0124 3192  [ BFF7E14E93F539EAAFEB610CCEF14FA7 ] C:\Program Files\N-able Technologies\Windows Agent\bin\Quartz.dll
08:53:03.0124 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\Quartz.dll - ok
08:53:03.0124 3192  [ 5530F64A3DFA218874E4B44C47A840F7 ] C:\Program Files\N-able Technologies\Windows Agent\bin\imrsdk.dll
08:53:03.0124 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\imrsdk.dll - ok
08:53:03.0139 3192  [ E7A06A9E6FB145701B95C2407D94F7E6 ] C:\Program Files\N-able Technologies\Windows Agent\bin\WSUSManager.dll
08:53:03.0139 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\WSUSManager.dll - ok
08:53:03.0139 3192  [ FE6D3095E77C845D34C9B84CF7958465 ] C:\Program Files\N-able Technologies\Windows Agent\bin\WUAManager.dll
08:53:03.0139 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\WUAManager.dll - ok
08:53:03.0139 3192  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
08:53:03.0139 3192  C:\WINDOWS\system32\tapisrv.dll - ok
08:53:03.0155 3192  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
08:53:03.0155 3192  C:\WINDOWS\system32\rasmans.dll - ok
08:53:03.0155 3192  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
08:53:03.0155 3192  C:\WINDOWS\system32\rastapi.dll - ok
08:53:03.0155 3192  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
08:53:03.0155 3192  C:\WINDOWS\system32\unimdm.tsp - ok
08:53:03.0155 3192  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
08:53:03.0155 3192  C:\WINDOWS\system32\uniplat.dll - ok
08:53:03.0155 3192  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
08:53:03.0155 3192  C:\WINDOWS\system32\h323.tsp - ok
08:53:03.0171 3192  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
08:53:03.0171 3192  C:\WINDOWS\system32\ipconf.tsp - ok
08:53:03.0171 3192  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
08:53:03.0171 3192  C:\WINDOWS\system32\kmddsp.tsp - ok
08:53:03.0171 3192  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
08:53:03.0171 3192  C:\WINDOWS\system32\ndptsp.tsp - ok
08:53:03.0171 3192  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
08:53:03.0171 3192  C:\WINDOWS\system32\hid.dll - ok
08:53:03.0186 3192  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
08:53:03.0186 3192  C:\WINDOWS\system32\hidphone.tsp - ok
08:53:03.0186 3192  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
08:53:03.0186 3192  C:\WINDOWS\system32\rasppp.dll - ok
08:53:03.0186 3192  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
08:53:03.0186 3192  C:\WINDOWS\system32\ntlsapi.dll - ok
08:53:03.0186 3192  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
08:53:03.0186 3192  C:\WINDOWS\system32\rasqec.dll - ok
08:53:03.0202 3192  [ 2849F13593D2712CCB97FFBDD3C1232E ] C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
08:53:03.0202 3192  C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
08:53:03.0202 3192  [ 235F385803F682FBA9B3826C6113E716 ] C:\Program Files\N-able Technologies\Windows Agent\bin\AVDefenderMaintenance.dll
08:53:03.0202 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\AVDefenderMaintenance.dll - ok
08:53:03.0202 3192  [ E186CEFDDD0BB438594B83B92E9B39D3 ] C:\Program Files\N-able Technologies\Windows Agent\modules\NALocalAssetDiscovery.dll
08:53:03.0202 3192  C:\Program Files\N-able Technologies\Windows Agent\modules\NALocalAssetDiscovery.dll - ok
08:53:03.0202 3192  [ B6CA7D40A0C08A2402FF34B41AB92DB7 ] C:\Program Files\N-able Technologies\Windows Agent\bin\localAssetScanner.dll
08:53:03.0202 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\localAssetScanner.dll - ok
08:53:03.0202 3192  [ 092EC5E6635B7CDF3BD08DF7C34536BC ] C:\Program Files\N-able Technologies\Windows Agent\modules\TCPModule.dll
08:53:03.0202 3192  C:\Program Files\N-able Technologies\Windows Agent\modules\TCPModule.dll - ok
08:53:03.0217 3192  [ 234E59F237038225232E2B34058EA5C4 ] C:\Program Files\N-able Technologies\Windows Agent\modules\LocalResourceModule.dll
08:53:03.0217 3192  C:\Program Files\N-able Technologies\Windows Agent\modules\LocalResourceModule.dll - ok
08:53:03.0217 3192  [ DE1A1893676021013C8DF6FFF7C45C99 ] C:\Program Files\N-able Technologies\Windows Agent\modules\PatchMonitoringModule.dll
08:53:03.0217 3192  C:\Program Files\N-able Technologies\Windows Agent\modules\PatchMonitoringModule.dll - ok
08:53:03.0217 3192  [ 06CEEDDDA0EA20C726361B383BEEF442 ] C:\Program Files\N-able Technologies\Windows Agent\bin\Interop.WUApiLib.dll
08:53:03.0217 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\Interop.WUApiLib.dll - ok
08:53:03.0217 3192  [ 433648B10638C205C6E86A7C1F887D33 ] C:\Program Files\N-able Technologies\Windows Agent\bin\Microsoft.UpdateServices.Administration.dll
08:53:03.0217 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\Microsoft.UpdateServices.Administration.dll - ok
08:53:03.0233 3192  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
08:53:03.0233 3192  C:\WINDOWS\system32\wuapi.dll - ok
08:53:03.0233 3192  [ 349C17B1EB3E88AE18C10309ABA446B5 ] C:\WINDOWS\system32\netfxperf.dll
08:53:03.0233 3192  C:\WINDOWS\system32\netfxperf.dll - ok
08:53:03.0233 3192  [ F282D4EDD85D53E20D902CC92190C5F5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
08:53:03.0233 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
08:53:03.0233 3192  [ 257147843B66B67CB72AE8197DD479CD ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
08:53:03.0233 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll - ok
08:53:03.0248 3192  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
08:53:03.0248 3192  C:\WINDOWS\system32\cryptnet.dll - ok
08:53:03.0248 3192  [ DC3078BA1B58562416C843582A42284C ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
08:53:03.0248 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
08:53:03.0248 3192  [ 239936B3AB3E943F489AC6568A55B045 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3283b562a391db4f3f6dcee754de15a8\CustomMarshalers.ni.dll
08:53:03.0248 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3283b562a391db4f3f6dcee754de15a8\CustomMarshalers.ni.dll - ok
08:53:03.0248 3192  [ DC426A365577F27187F99EB506ECD5D1 ] C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
08:53:03.0248 3192  C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - ok
08:53:03.0248 3192  [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
08:53:03.0248 3192  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
08:53:03.0264 3192  [ ADD7A08E7016694FE1C73DD7498DEAD6 ] C:\WINDOWS\system32\aspnet_counters.dll
08:53:03.0264 3192  C:\WINDOWS\system32\aspnet_counters.dll - ok
08:53:03.0264 3192  [ F1430F5D20F4BB71A003209C3DB3ADDF ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
08:53:03.0264 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - ok
08:53:03.0264 3192  [ F4E9693F449600A30088A0B16079F3CD ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
08:53:03.0264 3192  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll - ok
08:53:03.0264 3192  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
08:53:03.0264 3192  C:\WINDOWS\system32\cfgmgr32.dll - ok
08:53:03.0264 3192  [ 43E4758953F454090CAD65C303796ED5 ] C:\WINDOWS\system32\query.dll
08:53:03.0264 3192  C:\WINDOWS\system32\query.dll - ok
08:53:03.0280 3192  [ F6F2BFC17069EB335ACCEEF7595F9302 ] C:\WINDOWS\system32\mfc42u.dll
08:53:03.0280 3192  C:\WINDOWS\system32\mfc42u.dll - ok
08:53:03.0280 3192  [ 39C6377F5CFFF489F3F04F442D076442 ] C:\WINDOWS\system32\msdtcuiu.dll
08:53:03.0280 3192  C:\WINDOWS\system32\msdtcuiu.dll - ok
08:53:03.0280 3192  [ 92E1A82CA4B048D1D970CBEA1A097F6E ] C:\WINDOWS\system32\msdtcprx.dll
08:53:03.0280 3192  C:\WINDOWS\system32\msdtcprx.dll - ok
08:53:03.0280 3192  [ B6FCAB5092BE93BA44DADDF8C42E1295 ] C:\PROGRA~1\MICROS~2\Office12\OLMAPI32.DLL
08:53:03.0280 3192  C:\PROGRA~1\MICROS~2\Office12\OLMAPI32.DLL - ok
08:53:03.0280 3192  [ 913AF88B0291D7D3A0FDC92F5E1CC7D7 ] C:\WINDOWS\system32\perfnet.dll
08:53:03.0280 3192  C:\WINDOWS\system32\perfnet.dll - ok
08:53:03.0295 3192  [ 1793CC660605F63B14FB96C7707F75BA ] C:\WINDOWS\system32\perfproc.dll
08:53:03.0295 3192  C:\WINDOWS\system32\perfproc.dll - ok
08:53:03.0295 3192  [ B4459D13473D07FCB43365C02732DE16 ] C:\WINDOWS\system32\pschdprf.dll
08:53:03.0295 3192  C:\WINDOWS\system32\pschdprf.dll - ok
08:53:03.0295 3192  [ B0B0D7905AC71BC278F17F455E182611 ] C:\WINDOWS\system32\rasctrs.dll
08:53:03.0295 3192  C:\WINDOWS\system32\rasctrs.dll - ok
08:53:03.0295 3192  [ F9DD799E07ED5028DB2F1FFEA72C9357 ] C:\WINDOWS\system32\rsvpperf.dll
08:53:03.0295 3192  C:\WINDOWS\system32\rsvpperf.dll - ok
08:53:03.0295 3192  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
08:53:03.0311 3192  C:\WINDOWS\system32\spoolss.dll - ok
08:53:03.0311 3192  [ 1F3A82333046F4B97B2BB148ABF38D54 ] C:\WINDOWS\system32\traffic.dll
08:53:03.0311 3192  C:\WINDOWS\system32\traffic.dll - ok
08:53:03.0311 3192  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
08:53:03.0311 3192  C:\WINDOWS\system32\localspl.dll - ok
08:53:03.0311 3192  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
08:53:03.0311 3192  C:\WINDOWS\system32\cnbjmon.dll - ok
08:53:03.0311 3192  [ 94D297432C2B09BB1C4FFAF89FBEE340 ] C:\WINDOWS\system32\cpwmon2k.dll
08:53:03.0311 3192  C:\WINDOWS\system32\cpwmon2k.dll - ok
08:53:03.0326 3192  [ 95647F820CBC025676D7B407E2BCFBE6 ] C:\WINDOWS\system32\mdimon.dll
08:53:03.0326 3192  C:\WINDOWS\system32\mdimon.dll - ok
08:53:03.0326 3192  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
08:53:03.0326 3192  C:\WINDOWS\system32\pjlmon.dll - ok
08:53:03.0326 3192  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
08:53:03.0326 3192  C:\WINDOWS\system32\tcpmon.dll - ok
08:53:03.0326 3192  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
08:53:03.0326 3192  C:\WINDOWS\system32\usbmon.dll - ok
08:53:03.0326 3192  [ 4424AE65F7AF8181AC99FE46BC2700C9 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
08:53:03.0326 3192  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
08:53:03.0342 3192  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
08:53:03.0342 3192  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
08:53:03.0342 3192  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
08:53:03.0342 3192  C:\WINDOWS\system32\win32spl.dll - ok
08:53:03.0342 3192  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
08:53:03.0342 3192  C:\WINDOWS\system32\netrap.dll - ok
08:53:03.0342 3192  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
08:53:03.0342 3192  C:\WINDOWS\system32\inetpp.dll - ok
08:53:03.0342 3192  [ 6951B89B4F591AA694048A6CD0E5224A ] C:\WINDOWS\system32\tapiperf.dll
08:53:03.0342 3192  C:\WINDOWS\system32\tapiperf.dll - ok
08:53:03.0357 3192  [ DBE2B62353660ECCA0D75EA307A717E9 ] C:\WINDOWS\system32\perfctrs.dll
08:53:03.0357 3192  C:\WINDOWS\system32\perfctrs.dll - ok
08:53:03.0357 3192  [ 7EFD2114EAD1AC72342610D7192BFB32 ] C:\WINDOWS\system32\perfts.dll
08:53:03.0357 3192  C:\WINDOWS\system32\perfts.dll - ok
08:53:03.0357 3192  [ 6358C181BF021970A897C1FAB0ECF5D2 ] C:\WINDOWS\system32\loadperf.dll
08:53:03.0357 3192  C:\WINDOWS\system32\loadperf.dll - ok
08:53:03.0357 3192  [ 9D39D9E07C180127252E176EC2B41487 ] C:\WINDOWS\system32\utildll.dll
08:53:03.0357 3192  C:\WINDOWS\system32\utildll.dll - ok
08:53:03.0373 3192  [ 75EE1625AD8B52C5FAA1CCB1B82FB750 ] C:\WINDOWS\system32\wbem\wmiaprpl.dll
08:53:03.0373 3192  C:\WINDOWS\system32\wbem\wmiaprpl.dll - ok
08:53:03.0373 3192  [ E0673F1106E62A68D2257E376079F821 ] C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:53:03.0373 3192  C:\WINDOWS\system32\wbem\wmiapsrv.exe - ok
08:53:03.0373 3192  [ EB7494ECFE01B70B83E781EEB8F88C8A ] C:\WINDOWS\system32\wbem\wmiapres.dll
08:53:03.0373 3192  C:\WINDOWS\system32\wbem\wmiapres.dll - ok
08:53:03.0373 3192  [ C5A9554406507AB2AB341B221D97519D ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
08:53:03.0373 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll - ok
08:53:03.0373 3192  [ 59E9A77A6836A611F3DF55D1A75167C6 ] C:\Program Files\N-able Technologies\Windows Agent\bin\SISRepository.dll
08:53:03.0373 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\SISRepository.dll - ok
08:53:03.0388 3192  [ 406BEA8AB46BB632426EC3AC938B3BD9 ] C:\Program Files\N-able Technologies\Windows Agent\bin\bitsadmin.exe
08:53:03.0388 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\bitsadmin.exe - ok
08:53:03.0388 3192  [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
08:53:03.0388 3192  C:\WINDOWS\system32\advpack.dll - ok
08:53:03.0388 3192  [ 35AB028D26608576B860FB923FEA5E40 ] C:\Program Files\N-able Technologies\Windows Agent\bin\SISRepositoryCommon.dll
08:53:03.0388 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\SISRepositoryCommon.dll - ok
08:53:03.0388 3192  [ 9DF19149F4E487A271D89C9E6F69C652 ] C:\Program Files\N-able Technologies\Windows Agent\bin\VNCDES.exe
08:53:03.0388 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\VNCDES.exe - ok
08:53:03.0388 3192  [ 5AEEC80B9DF42186759211B1C46B8635 ] C:\Program Files\N-able Technologies\Windows Agent\bin\RebootManager.dll
08:53:03.0404 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\RebootManager.dll - ok
08:53:03.0404 3192  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
08:53:03.0404 3192  C:\WINDOWS\system32\termsrv.dll - ok
08:53:03.0404 3192  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
08:53:03.0404 3192  C:\WINDOWS\system32\icaapi.dll - ok
08:53:03.0404 3192  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
08:53:03.0404 3192  C:\WINDOWS\system32\mstlsapi.dll - ok
08:53:03.0404 3192  [ E4B98F2D6F02A422D163E58DBF9EE9E5 ] C:\Program Files\Trend Micro\AMSP\coreConfigRepository.dll
08:53:03.0404 3192  C:\Program Files\Trend Micro\AMSP\coreConfigRepository.dll - ok
08:53:03.0420 3192  [ 803BFFE165289CDA800D3CE221C671FB ] C:\Program Files\Trend Micro\AMSP\module\1\1.6.1242\coreFrameworkBuilder.dll
08:53:03.0420 3192  C:\Program Files\Trend Micro\AMSP\module\1\1.6.1242\coreFrameworkBuilder.dll - ok
08:53:03.0420 3192  [ E4B98F2D6F02A422D163E58DBF9EE9E5 ] C:\Program Files\Trend Micro\AMSP\module\5\1.6.1242\coreConfigRepository.dll
08:53:03.0420 3192  C:\Program Files\Trend Micro\AMSP\module\5\1.6.1242\coreConfigRepository.dll - ok
08:53:03.0420 3192  [ E1D789FB57FAA7AB593F06D3A35F801D ] C:\Program Files\Trend Micro\AMSP\module\7\1.6.1246\coreUpdateManager.dll
08:53:03.0420 3192  C:\Program Files\Trend Micro\AMSP\module\7\1.6.1246\coreUpdateManager.dll - ok
08:53:03.0420 3192  [ 3F0243B9EA6BC1D184D9318EBA31AA60 ] C:\Program Files\Trend Micro\AMSP\utilAccessControl.dll
08:53:03.0420 3192  C:\Program Files\Trend Micro\AMSP\utilAccessControl.dll - ok
08:53:03.0435 3192  [ 37E58A0B0ED9618C2F58C15FEDD3593B ] C:\Program Files\Trend Micro\AMSP\module\10\1.6.1242\coreActionManager.dll
08:53:03.0435 3192  C:\Program Files\Trend Micro\AMSP\module\10\1.6.1242\coreActionManager.dll - ok
08:53:03.0435 3192  [ 052990240D25E024FE460772E13D0A53 ] C:\Program Files\Trend Micro\AMSP\module\11\1.6.1242\coreScanManager.dll
08:53:03.0435 3192  C:\Program Files\Trend Micro\AMSP\module\11\1.6.1242\coreScanManager.dll - ok
08:53:03.0435 3192  [ F1E97BC181C70596029660FE0CB48C21 ] C:\Program Files\Trend Micro\AMSP\module\2\1.6.1242\coreCommandManager.dll
08:53:03.0435 3192  C:\Program Files\Trend Micro\AMSP\module\2\1.6.1242\coreCommandManager.dll - ok
08:53:03.0435 3192  [ 74DDE031F6DC3767CB422E33744850EC ] C:\Program Files\Trend Micro\AMSP\utilRPC.dll
08:53:03.0435 3192  C:\Program Files\Trend Micro\AMSP\utilRPC.dll - ok
08:53:03.0435 3192  [ 6D3BBEA06410926BEB42A9AC9DDF8192 ] C:\Program Files\Trend Micro\AMSP\utilIPC.dll
08:53:03.0435 3192  C:\Program Files\Trend Micro\AMSP\utilIPC.dll - ok
08:53:03.0451 3192  [ E10696D598ABE38C8E29DEB350705391 ] C:\Program Files\Trend Micro\AMSP\module\3\1.6.1242\coreEventManager.dll
08:53:03.0451 3192  C:\Program Files\Trend Micro\AMSP\module\3\1.6.1242\coreEventManager.dll - ok
08:53:03.0451 3192  [ 3F961954BF3C9CBE3A52296397F067F1 ] C:\Program Files\Trend Micro\AMSP\module\4\1.6.1242\coreTaskManager.dll
08:53:03.0451 3192  C:\Program Files\Trend Micro\AMSP\module\4\1.6.1242\coreTaskManager.dll - ok
08:53:03.0451 3192  [ 2A8F814F86EAF99693DA9776DF2BFA73 ] C:\Program Files\Trend Micro\AMSP\module\6\1.6.1242\coreReportManager.dll
08:53:03.0451 3192  C:\Program Files\Trend Micro\AMSP\module\6\1.6.1242\coreReportManager.dll - ok
08:53:03.0451 3192  [ 5E17183E8F77E4E35E30CDFAE5A0A9AD ] C:\Program Files\Trend Micro\AMSP\module\10000\1.6.1242\9.700.1001\plugEngineVSAPI.dll
08:53:03.0451 3192  C:\Program Files\Trend Micro\AMSP\module\10000\1.6.1242\9.700.1001\plugEngineVSAPI.dll - ok
08:53:03.0466 3192  [ 3E41ABF14EE9965DE8CD158B2B651252 ] C:\Program Files\Trend Micro\AMSP\module\10001\1.6.1242\6.2.1034\plugEngineSSAPI.dll
08:53:03.0466 3192  C:\Program Files\Trend Micro\AMSP\module\10001\1.6.1242\6.2.1034\plugEngineSSAPI.dll - ok
08:53:03.0466 3192  [ BDA873806E2F4963B69C3AF38E871FF9 ] C:\Program Files\Trend Micro\AMSP\module\10002\1.6.1242\7.0.1028\plugEngineDCE.dll
08:53:03.0466 3192  C:\Program Files\Trend Micro\AMSP\module\10002\1.6.1242\7.0.1028\plugEngineDCE.dll - ok
08:53:03.0466 3192  [ D010C3F8F57C1A76440292D54C63891F ] C:\Program Files\Trend Micro\AMSP\module\30001\1.6.1106\plugManualScanFlow.dll
08:53:03.0466 3192  C:\Program Files\Trend Micro\AMSP\module\30001\1.6.1106\plugManualScanFlow.dll - ok
08:53:03.0466 3192  [ C9A20EBAC4CBE3108C362029B71181BC ] C:\Program Files\Trend Micro\AMSP\module\40000\1.6.1215\3.60.1093\plugUtilRCM.dll
08:53:03.0466 3192  C:\Program Files\Trend Micro\AMSP\module\40000\1.6.1215\3.60.1093\plugUtilRCM.dll - ok
08:53:03.0466 3192  [ 6978D1E6C59F0DAA535F9A1939AEE928 ] C:\Program Files\Trend Micro\AMSP\module\40001\1.6.1242\plugUtilEnum.dll
08:53:03.0466 3192  C:\Program Files\Trend Micro\AMSP\module\40001\1.6.1242\plugUtilEnum.dll - ok
08:53:03.0482 3192  [ 279CB1460B583BC777BD37CD869F5BDB ] C:\Program Files\Trend Micro\AMSP\module\1000001\1.6.1163\paCoreProductAdaptor.dll
08:53:03.0482 3192  C:\Program Files\Trend Micro\AMSP\module\1000001\1.6.1163\paCoreProductAdaptor.dll - ok
08:53:03.0482 3192  [ 283B5762FB2290FF67466151B9425908 ] C:\Program Files\Trend Micro\AMSP\inner_AMSP_ClientLibrary.dll
08:53:03.0482 3192  C:\Program Files\Trend Micro\AMSP\inner_AMSP_ClientLibrary.dll - ok
08:53:03.0482 3192  [ B8D79E194CA779EFCDBDA78904971687 ] C:\Program Files\Trend Micro\AMSP\utilJsonHandle.dll
08:53:03.0482 3192  C:\Program Files\Trend Micro\AMSP\utilJsonHandle.dll - ok
08:53:03.0482 3192  [ 57CDD8148B7CF8025659EFB95FEA4BD6 ] C:\Program Files\Trend Micro\AMSP\module\20001\1.6.1242\3.60.1080\plugAdapterSystem.dll
08:53:03.0482 3192  C:\Program Files\Trend Micro\AMSP\module\20001\1.6.1242\3.60.1080\plugAdapterSystem.dll - ok
08:53:03.0497 3192  [ F5FA619546C0D1B578EC7CE859C5ADDF ] C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\plugEngineAEGIS.dll
08:53:03.0497 3192  C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\plugEngineAEGIS.dll - ok
08:53:03.0497 3192  [ EDDD8539BC0DA147E9E037E20C4A6BB5 ] C:\Program Files\Trend Micro\AMSP\module\10005\1.6.1106\3.5.1047\plugEngineTMUFE.dll
08:53:03.0497 3192  C:\Program Files\Trend Micro\AMSP\module\10005\1.6.1106\3.5.1047\plugEngineTMUFE.dll - ok
08:53:03.0497 3192  [ 16E0F29387AF93E34E79FC210C1A6644 ] C:\Program Files\Trend Micro\AMSP\module\10007\1.6.1242\2.5.1037\plugEngineTMFBE.dll
08:53:03.0497 3192  C:\Program Files\Trend Micro\AMSP\module\10007\1.6.1242\2.5.1037\plugEngineTMFBE.dll - ok
08:53:03.0513 3192  [ 7394354B60171DD8057634EB2E1B0723 ] C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1242\6.6.1089\plugAdapterProxy.dll
08:53:03.0513 3192  C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1242\6.6.1089\plugAdapterProxy.dll - ok
08:53:03.0513 3192  [ C2375156D1075D74025E9389BF8CD5BC ] C:\Program Files\Trend Micro\AMSP\module\30000\1.6.1242\plugRealtimeScanFlow.dll
08:53:03.0513 3192  C:\Program Files\Trend Micro\AMSP\module\30000\1.6.1242\plugRealtimeScanFlow.dll - ok
08:53:03.0529 3192  [ 641F5C5814F318BE5B6081EB7FD3AC7C ] C:\Program Files\Trend Micro\AMSP\module\30004\1.6.1106\plugRealTimeScanCache.dll
08:53:03.0529 3192  C:\Program Files\Trend Micro\AMSP\module\30004\1.6.1106\plugRealTimeScanCache.dll - ok
08:53:03.0529 3192  [ D77C4E3685FC53EEC181284AEBC0DAB7 ] C:\Program Files\Trend Micro\AMSP\module\40002\1.6.1242\plugUtilSysInfo.dll
08:53:03.0529 3192  C:\Program Files\Trend Micro\AMSP\module\40002\1.6.1242\plugUtilSysInfo.dll - ok
08:53:03.0529 3192  [ 4BC0D36D574E12AA598B0286254848D4 ] C:\Program Files\Trend Micro\AMSP\module\10011\1.0.1275\1.0.1275\plugEngineTMSA.dll
08:53:03.0529 3192  C:\Program Files\Trend Micro\AMSP\module\10011\1.0.1275\1.0.1275\plugEngineTMSA.dll - ok
08:53:03.0529 3192  [ 43D03A66693B2B84DBC6C23BE7AA6BB9 ] C:\Program Files\Trend Micro\AMSP\module\40003\1.6.1242\1.6.1242\plugUtilException.dll
08:53:03.0529 3192  C:\Program Files\Trend Micro\AMSP\module\40003\1.6.1242\1.6.1242\plugUtilException.dll - ok
08:53:03.0544 3192  [ 5A3C722C73F05D2192DE492AF4B73D65 ] C:\Program Files\Trend Micro\AMSP\module\30006\1.6.1242\plugCommonScanCache.dll
08:53:03.0544 3192  C:\Program Files\Trend Micro\AMSP\module\30006\1.6.1242\plugCommonScanCache.dll - ok
08:53:03.0544 3192  [ 260B5930258C7CBEEDDF8A4F4568D1A8 ] C:\Program Files\Trend Micro\AMSP\module\10000\1.6.1242\9.700.1001\vsapi32.dll
08:53:03.0544 3192  C:\Program Files\Trend Micro\AMSP\module\10000\1.6.1242\9.700.1001\vsapi32.dll - ok
08:53:03.0544 3192  [ 56156E48B13063DC738BC43C38645274 ] C:\Program Files\Trend Micro\AMSP\module\10002\1.6.1242\7.0.1028\tscdll32.dll
08:53:03.0544 3192  C:\Program Files\Trend Micro\AMSP\module\10002\1.6.1242\7.0.1028\tscdll32.dll - ok
08:53:03.0544 3192  [ 8147825E36BF0492BA3D98C1118C7139 ] C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\TmAegis.dll
08:53:03.0544 3192  C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\TmAegis.dll - ok
08:53:03.0544 3192  [ 3F90147696534CD712B8E031ACCACACE ] C:\Program Files\Trend Micro\AMSP\module\10005\1.6.1106\3.5.1047\tmufeng.dll
08:53:03.0544 3192  C:\Program Files\Trend Micro\AMSP\module\10005\1.6.1106\3.5.1047\tmufeng.dll - ok
08:53:03.0560 3192  [ 4EF524AFA6148EE87C19222E6771297A ] C:\Program Files\Trend Micro\AMSP\module\10007\1.6.1242\2.5.1037\tmfbeng.dll
08:53:03.0560 3192  C:\Program Files\Trend Micro\AMSP\module\10007\1.6.1242\2.5.1037\tmfbeng.dll - ok
08:53:03.0560 3192  [ A6784C940CBB6C030EEE7ECD2A669539 ] C:\Program Files\Trend Micro\AMSP\module\10011\1.0.1275\1.0.1275\tmsa32.dll
08:53:03.0560 3192  C:\Program Files\Trend Micro\AMSP\module\10011\1.0.1275\1.0.1275\tmsa32.dll - ok
08:53:03.0560 3192  [ 5C89192886800B3A9ECB46BC836B7800 ] C:\Program Files\Trend Micro\AMSP\module\20001\1.6.1242\3.60.1080\TmSysEvt.dll
08:53:03.0560 3192  C:\Program Files\Trend Micro\AMSP\module\20001\1.6.1242\3.60.1080\TmSysEvt.dll - ok
08:53:03.0560 3192  [ 79E8814E405BF39DDB2F3EFB32C4215D ] C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1242\6.6.1089\TmpxCfg.dll
08:53:03.0560 3192  C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1242\6.6.1089\TmpxCfg.dll - ok
08:53:03.0575 3192  [ 70E5C8C11134572DEF16AC8846CD2EBB ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmNscDbg.dll
08:53:03.0575 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmNscDbg.dll - ok
08:53:03.0575 3192  [ 79DBA3575B8D612DE83BCA9913262B82 ] C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1242\6.6.1089\TmpxCtl.dll
08:53:03.0575 3192  C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1242\6.6.1089\TmpxCtl.dll - ok
08:53:03.0591 3192  [ FDBD63D77167A99841337702EFB6A837 ] C:\Program Files\Trend Micro\AMSP\module\10001\1.6.1242\6.2.1034\ssapi32.dll
08:53:03.0591 3192  C:\Program Files\Trend Micro\AMSP\module\10001\1.6.1242\6.2.1034\ssapi32.dll - ok
08:53:03.0591 3192  [ 74C07F05D9ECB05B627D2973BC07AE20 ] C:\WINDOWS\system32\occache.dll
08:53:03.0591 3192  C:\WINDOWS\system32\occache.dll - ok
08:53:03.0606 3192  [ E734A1B04460A092FA41D8F78B4D1A02 ] C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\tmwlchk.dll
08:53:03.0606 3192  C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\tmwlchk.dll - ok
08:53:03.0606 3192  [ 61C28B3869D70726FDE15FE31A819A3D ] C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\tmtap.dll
08:53:03.0606 3192  C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\tmtap.dll - ok
08:53:03.0606 3192  [ A523A3341A1EAD84D7FD4030EA65FA91 ] C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\TMPEM.dll
08:53:03.0606 3192  C:\Program Files\Trend Micro\AMSP\module\10004\1.6.1242\3.60.1055\TMPEM.dll - ok
08:53:03.0606 3192  [ A60E337E5C366AFAFAE5E0751826BEFD ] C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
08:53:03.0606 3192  C:\Program Files\Trend Micro\AMSP\libprotobuf.dll - ok
08:53:03.0622 3192  [ 74540C9552C472FDC6CE3FC7759C7E5F ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\tmtdi.dll
08:53:03.0622 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\tmtdi.dll - ok
08:53:03.0622 3192  [ 018689D243B662E505648312DBEBA389 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmsmIm.dll
08:53:03.0622 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmsmIm.dll - ok
08:53:03.0622 3192  [ C79EFF1A54EB7D7935BAB692713B22A7 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmpePDP.dll
08:53:03.0622 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmpePDP.dll - ok
08:53:03.0622 3192  [ C6A052A6960CB5EA488BE2CA5458E7CD ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\tmcfscan.dll
08:53:03.0622 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\tmcfscan.dll - ok
08:53:03.0622 3192  [ 7B9C0938025532E241190FE3BB99DCA7 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphAim.dll
08:53:03.0622 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphAim.dll - ok
08:53:03.0637 3192  [ 78D1449B14E25944EACA722705BC97FF ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmsmHttp.dll
08:53:03.0637 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmsmHttp.dll - ok
08:53:03.0637 3192  [ BB1C21BBC16B2E55A1DF68E2B4813CA6 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmpeUrlF.dll
08:53:03.0637 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmpeUrlF.dll - ok
08:53:03.0637 3192  [ DB19CE4D997E90FAC831C253A8A04F52 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmpeHosF.dll
08:53:03.0637 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmpeHosF.dll - ok
08:53:03.0637 3192  [ 6BBED821CB2856C74B2E6887F306F654 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphHttp.dll
08:53:03.0637 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphHttp.dll - ok
08:53:03.0653 3192  [ E166FCB845D1D0C23FDC65CFD6059EE0 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphIcq.dll
08:53:03.0653 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphIcq.dll - ok
08:53:03.0653 3192  [ C896F8595ADB60BE1830B87B576B24C1 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphMsn.dll
08:53:03.0653 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphMsn.dll - ok
08:53:03.0653 3192  [ E6A4E31B908EB82FD7A690743B0A1301 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphYmsg.dll
08:53:03.0653 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphYmsg.dll - ok
08:53:03.0653 3192  [ 1920AE5C2D2A1C43EA698238A021253A ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmPlgAdp.dll
08:53:03.0653 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmPlgAdp.dll - ok
08:53:03.0653 3192  [ 987C99C320736E28231039BEC25B5938 ] C:\Program Files\Trend Micro\AMSP\instInstallationLibrary.dll
08:53:03.0653 3192  C:\Program Files\Trend Micro\AMSP\instInstallationLibrary.dll - ok
08:53:03.0669 3192  [ 5180FD15186FFC1FC348B6B54FDEB940 ] C:\Program Files\Trend Micro\AMSP\outer_AMSP_ClientLibrary.dll
08:53:03.0669 3192  C:\Program Files\Trend Micro\AMSP\outer_AMSP_ClientLibrary.dll - ok
08:53:03.0669 3192  [ 503438F4A49C4EBC8ADBCF05DFBFA2E3 ] C:\Program Files\Trend Micro\AMSP\module\1000001\1.6.1163\utilUniClient.dll
08:53:03.0669 3192  C:\Program Files\Trend Micro\AMSP\module\1000001\1.6.1163\utilUniClient.dll - ok
08:53:03.0669 3192  [ C927AAD9E7469BDC103DC399A8A28FDC ] C:\Program Files\Trend Micro\UniClient\plugins\plugEventHub.dll
08:53:03.0669 3192  C:\Program Files\Trend Micro\UniClient\plugins\plugEventHub.dll - ok
08:53:03.0669 3192  [ 082C20FB519C973DFE40F499DE4C96DE ] C:\Program Files\Trend Micro\UniClient\plugins\plugWorkflowHost.dll
08:53:03.0669 3192  C:\Program Files\Trend Micro\UniClient\plugins\plugWorkflowHost.dll - ok
08:53:03.0684 3192  [ B027A109598AF68C3414AF78C9AA9F65 ] C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
08:53:03.0684 3192  C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll - ok
08:53:03.0684 3192  [ E9F23000332DA26CF82D55A0E04B4C03 ] C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugTMAS.dll
08:53:03.0684 3192  C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugTMAS.dll - ok
08:53:03.0684 3192  [ 9B81EDB6080FAF05F3E26D91B8AB7302 ] C:\Program Files\Trend Micro\UniClient\plugins\plugUpdater.dll
08:53:03.0684 3192  C:\Program Files\Trend Micro\UniClient\plugins\plugUpdater.dll - ok
08:53:03.0684 3192  [ A2B3229822347C0CDEF6D0BD1143D4CA ] C:\Program Files\Trend Micro\UniClient\plugins\plugCfgProxy.dll
08:53:03.0684 3192  C:\Program Files\Trend Micro\UniClient\plugins\plugCfgProxy.dll - ok
08:53:03.0700 3192  [ 1229A8E4B16F845F6640993F0EB72F43 ] C:\Program Files\Trend Micro\UniClient\plugins\plugFeatureToggle.dll
08:53:03.0700 3192  C:\Program Files\Trend Micro\UniClient\plugins\plugFeatureToggle.dll - ok
08:53:03.0700 3192  [ 8C2D39C01C5D4251D8B1F05562266E0C ] C:\XaraTemp\KRlyCLis.exe
08:53:03.0700 3192  C:\XaraTemp\KRlyCLis.exe - ok
08:53:03.0700 3192  [ 7FC987E275F8909B2742F82818F1DBDF ] C:\Program Files\Trend Micro\UniClient\workflows\util\utilWofieLuaHelper.dll
08:53:03.0700 3192  C:\Program Files\Trend Micro\UniClient\workflows\util\utilWofieLuaHelper.dll - ok
08:53:03.0700 3192  [ 56DCE7B35A9A3E046310D16535194F85 ] C:\Program Files\Trend Micro\AMSP\ZLib.dll
08:53:03.0700 3192  C:\Program Files\Trend Micro\AMSP\ZLib.dll - ok
08:53:03.0700 3192  [ F87B69B39FC074060E06FE69F72C94FA ] C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieOfie.dll
08:53:03.0700 3192  C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieOfie.dll - ok
08:53:03.0715 3192  [ 11D9644F93FFF9E0AA954D7F69BE0525 ] C:\Program Files\Trend Micro\Client Server Security Agent\TmListen.exe
08:53:03.0715 3192  C:\Program Files\Trend Micro\Client Server Security Agent\TmListen.exe - ok
08:53:03.0715 3192  [ AF7466548D957D8DCB4A331DA4F39045 ] C:\Program Files\Trend Micro\Client Server Security Agent\utilDebugLog.dll
08:53:03.0715 3192  C:\Program Files\Trend Micro\Client Server Security Agent\utilDebugLog.dll - ok
08:53:03.0715 3192  [ 7BDA9423415F7612454B91DF4FA11576 ] C:\Program Files\Trend Micro\Client Server Security Agent\boost_thread-vc80-mt-1_36.dll
08:53:03.0715 3192  C:\Program Files\Trend Micro\Client Server Security Agent\boost_thread-vc80-mt-1_36.dll - ok
08:53:03.0715 3192  [ 50EE778BF4C4EE52CF1FB49E268710CD ] C:\Program Files\Trend Micro\Client Server Security Agent\boost_date_time-vc80-mt-1_36.dll
08:53:03.0715 3192  C:\Program Files\Trend Micro\Client Server Security Agent\boost_date_time-vc80-mt-1_36.dll - ok
08:53:03.0731 3192  [ 1BB15115C5B9D3BD02986D8AD0B227E8 ] C:\Program Files\Trend Micro\Client Server Security Agent\libpwd.dll
08:53:03.0731 3192  C:\Program Files\Trend Micro\Client Server Security Agent\libpwd.dll - ok
08:53:03.0731 3192  [ 1C756EB8C9D651091915D8A4C5681D25 ] C:\Program Files\Trend Micro\Client Server Security Agent\libTmHttpServer.dll
08:53:03.0731 3192  C:\Program Files\Trend Micro\Client Server Security Agent\libTmHttpServer.dll - ok
08:53:03.0731 3192  [ 1DB7B0F1BA4041617E45281C184C3738 ] C:\Program Files\Trend Micro\Client Server Security Agent\libTmHttpClient.dll
08:53:03.0731 3192  C:\Program Files\Trend Micro\Client Server Security Agent\libTmHttpClient.dll - ok
08:53:03.0731 3192  [ 5180FD15186FFC1FC348B6B54FDEB940 ] C:\Program Files\Trend Micro\Client Server Security Agent\outer_AMSP_ClientLibrary.dll
08:53:03.0731 3192  C:\Program Files\Trend Micro\Client Server Security Agent\outer_AMSP_ClientLibrary.dll - ok
08:53:03.0731 3192  [ 74DDE031F6DC3767CB422E33744850EC ] C:\Program Files\Trend Micro\Client Server Security Agent\utilRPC.dll
08:53:03.0731 3192  C:\Program Files\Trend Micro\Client Server Security Agent\utilRPC.dll - ok
08:53:03.0746 3192  [ 61487F79AF2679F0E675498663D56486 ] C:\Program Files\Trend Micro\Client Server Security Agent\utilThread.dll
08:53:03.0746 3192  C:\Program Files\Trend Micro\Client Server Security Agent\utilThread.dll - ok
08:53:03.0746 3192  [ 6D3BBEA06410926BEB42A9AC9DDF8192 ] C:\Program Files\Trend Micro\Client Server Security Agent\utilIPC.dll
08:53:03.0746 3192  C:\Program Files\Trend Micro\Client Server Security Agent\utilIPC.dll - ok
08:53:03.0746 3192  [ B5F1F2B39F1241F8AF9D3A8B38D4C887 ] C:\Program Files\Trend Micro\Client Server Security Agent\utilInstallation.dll
08:53:03.0746 3192  C:\Program Files\Trend Micro\Client Server Security Agent\utilInstallation.dll - ok
08:53:03.0746 3192  [ 6A73E535E778991EA3B7B70EEB7ADEAF ] C:\Program Files\Trend Micro\Client Server Security Agent\utilMsgBuffer.dll
08:53:03.0746 3192  C:\Program Files\Trend Micro\Client Server Security Agent\utilMsgBuffer.dll - ok
08:53:03.0762 3192  [ 0BF2D8D6EED059CB3BA82EF784C5A35F ] C:\Program Files\Trend Micro\Client Server Security Agent\utilComponentInfo.dll
08:53:03.0762 3192  C:\Program Files\Trend Micro\Client Server Security Agent\utilComponentInfo.dll - ok
08:53:03.0762 3192  [ 9926BB462A41FCB71BD9FEB99037E6EC ] C:\Program Files\Trend Micro\Client Server Security Agent\utilGenericLoader.dll
08:53:03.0762 3192  C:\Program Files\Trend Micro\Client Server Security Agent\utilGenericLoader.dll - ok
08:53:03.0762 3192  [ F4E14CE0F8655EC30E7F34E97A3241A6 ] C:\Program Files\Trend Micro\Client Server Security Agent\PccWFWMo.dll
08:53:03.0762 3192  C:\Program Files\Trend Micro\Client Server Security Agent\PccWFWMo.dll - ok
08:53:03.0762 3192  [ B8D79E194CA779EFCDBDA78904971687 ] C:\Program Files\Trend Micro\Client Server Security Agent\utilJsonHandle.dll
08:53:03.0762 3192  C:\Program Files\Trend Micro\Client Server Security Agent\utilJsonHandle.dll - ok
08:53:03.0762 3192  [ AFF01FA8298592A30005E81044C2D939 ] C:\Program Files\RealVNC\VNC4\wm_hooks.dll
08:53:03.0762 3192  C:\Program Files\RealVNC\VNC4\wm_hooks.dll - ok
08:53:03.0778 3192  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
08:53:03.0778 3192  C:\WINDOWS\system32\upnp.dll - ok
08:53:03.0778 3192  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
08:53:03.0778 3192  C:\WINDOWS\system32\ssdpapi.dll - ok
08:53:03.0778 3192  [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
08:53:03.0778 3192  C:\WINDOWS\system32\ssdpsrv.dll - ok
08:53:03.0778 3192  [ DD704BB98693FE980677A4F087B31B0A ] C:\Program Files\Trend Micro\AMSP\utilNetCtrl.dll
08:53:03.0778 3192  C:\Program Files\Trend Micro\AMSP\utilNetCtrl.dll - ok
08:53:03.0778 3192  [ 590B989E5D557FA5453B88F0E124AB8F ] C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieAntiX.dll
08:53:03.0778 3192  C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieAntiX.dll - ok
08:53:03.0793 3192  [ 078D4E8BD2314F4C1670BC5C07D29108 ] C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofiePEM.dll
08:53:03.0793 3192  C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofiePEM.dll - ok
08:53:03.0793 3192  [ F6773E23411E30AD5DD558C409F322CE ] C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofiePfw.dll
08:53:03.0793 3192  C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofiePfw.dll - ok
08:53:03.0793 3192  [ 8467DA2FAC3192682EB1300E44E9ED04 ] C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieOPP.dll
08:53:03.0793 3192  C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieOPP.dll - ok
08:53:03.0793 3192  [ 747DD227F0C8CED5B4C201F5D447DBA2 ] C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieUpdate.dll
08:53:03.0793 3192  C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieUpdate.dll - ok
08:53:03.0809 3192  [ 0ECB01B4B96741824DAAA2DA8E8B3012 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmsmMail.dll
08:53:03.0809 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmsmMail.dll - ok
08:53:03.0809 3192  [ C11A96BCF02A45FDA85CE8BD96351CD4 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmMsg.dll
08:53:03.0809 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmMsg.dll - ok
08:53:03.0809 3192  [ 1C46E43F49A9BE3B218110C6B4948B24 ] C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphSMTP.dll
08:53:03.0809 3192  C:\PROGRA~1\TRENDM~1\AMSP\module\20004\16C70A~1.124\66225A~1.108\TmphSMTP.dll - ok
08:53:03.0809 3192  [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe
08:53:03.0809 3192  C:\WINDOWS\system32\mpnotify.exe - ok
08:53:03.0824 3192  [ D502AEBA93790ACD2EC3118713CA6531 ] C:\WINDOWS\system32\NetProvCredMan.dll
08:53:03.0824 3192  C:\WINDOWS\system32\NetProvCredMan.dll - ok
08:53:03.0824 3192  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
08:53:03.0824 3192  C:\WINDOWS\system32\cscui.dll - ok
08:53:03.0824 3192  [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
08:53:03.0824 3192  C:\WINDOWS\system32\dpcdll.dll - ok
08:53:03.0824 3192  [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
08:53:03.0824 3192  C:\WINDOWS\system32\WgaTray.exe - ok
08:53:03.0824 3192  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
08:53:03.0824 3192  C:\WINDOWS\explorer.exe - ok
08:53:03.0840 3192  [ 2ADA5F32491F23F181601A7C969EE826 ] C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieWsc.dll
08:53:03.0840 3192  C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWofieWsc.dll - ok
08:53:03.0840 3192  [ A5A0EC93C87A838462C11DC880512379 ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\WSCStatusController.exe
08:53:03.0840 3192  C:\Program Files\Trend Micro\UniClient\UiFrmwrk\WSCStatusController.exe - ok
08:53:03.0840 3192  [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
08:53:03.0840 3192  C:\WINDOWS\system32\LegitCheckControl.dll - ok
08:53:03.0840 3192  [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
08:53:03.0840 3192  C:\WINDOWS\system32\licwmi.dll - ok
08:53:03.0840 3192  [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
08:53:03.0840 3192  C:\WINDOWS\system32\licdll.dll - ok
08:53:03.0855 3192  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
08:53:03.0855 3192  C:\WINDOWS\system32\msxml6.dll - ok
08:53:03.0855 3192  [ 507C4733C0411B780E55DD44172C05ED ] C:\WINDOWS\system32\browseui.dll
08:53:03.0855 3192  C:\WINDOWS\system32\browseui.dll - ok
08:53:03.0855 3192  [ D38F3ECA6DCA72D30B3DC016758B17F4 ] C:\WINDOWS\system32\shdocvw.dll
08:53:03.0855 3192  C:\WINDOWS\system32\shdocvw.dll - ok
08:53:03.0855 3192  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
08:53:03.0855 3192  C:\WINDOWS\system32\desk.cpl - ok
08:53:03.0855 3192  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
08:53:03.0855 3192  C:\WINDOWS\system32\themeui.dll - ok
08:53:03.0871 3192  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
08:53:03.0871 3192  C:\WINDOWS\system32\msimg32.dll - ok
08:53:03.0871 3192  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
08:53:03.0871 3192  C:\WINDOWS\system32\actxprxy.dll - ok
08:53:03.0871 3192  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
08:53:03.0871 3192  C:\WINDOWS\system32\cmd.exe - ok
08:53:03.0871 3192  [ 59570CA554C9D75E72241AC3252E84BD ] C:\WINDOWS\system32\ieframe.dll
08:53:03.0871 3192  C:\WINDOWS\system32\ieframe.dll - ok
08:53:03.0886 3192  [ C88C65DF1ED4DFD34CFBD11CDFE519A3 ] C:\WINDOWS\system32\wucltui.dll
08:53:03.0886 3192  C:\WINDOWS\system32\wucltui.dll - ok
08:53:03.0886 3192  [ C31DD4CEC06D2908AE5F212A0B13805B ] C:\WINDOWS\system32\wuaucpl.cpl
08:53:03.0886 3192  C:\WINDOWS\system32\wuaucpl.cpl - ok
08:53:03.0886 3192  [ 159A37A2712876C0AE9A5E4362FF0429 ] C:\Program Files\Trend Micro\UniClient\plugins\plugManualScan.dll
08:53:03.0886 3192  C:\Program Files\Trend Micro\UniClient\plugins\plugManualScan.dll - ok
08:53:03.0886 3192  [ BBDFDBEAD1B7A1CFD44BFFFD177FB627 ] C:\WINDOWS\system32\mucltui.dll
08:53:03.0886 3192  C:\WINDOWS\system32\mucltui.dll - ok
08:53:03.0886 3192  [ A125CBFE55C05735417786DD15A5BE76 ] C:\WINDOWS\system32\tscfgwmi.dll
08:53:03.0886 3192  C:\WINDOWS\system32\tscfgwmi.dll - ok
08:53:03.0902 3192  [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
08:53:03.0902 3192  C:\WINDOWS\system32\drprov.dll - ok
08:53:03.0902 3192  [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
08:53:03.0902 3192  C:\WINDOWS\system32\netui0.dll - ok
08:53:03.0902 3192  [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
08:53:03.0902 3192  C:\WINDOWS\system32\netui1.dll - ok
08:53:03.0902 3192  [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
08:53:03.0902 3192  C:\WINDOWS\system32\ntlanman.dll - ok
08:53:03.0902 3192  [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
08:53:03.0902 3192  C:\WINDOWS\system32\davclnt.dll - ok
08:53:03.0918 3192  [ 63B6E4C603FBDE9299BA77B721265712 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdrv.dll
08:53:03.0918 3192  C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdrv.dll - ok
08:53:03.0918 3192  [ 6B7622CA9F9E218B37A4CA89CCD2BD3C ] C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
08:53:03.0918 3192  C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL - ok
08:53:03.0918 3192  [ 663CC57DAFD43F5994ECD9D710C56D6D ] C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdui.dll
08:53:03.0918 3192  C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdui.dll - ok
08:53:03.0918 3192  [ 23C6AE30459BFA4AA1B9B89A00BCB535 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\unires.dll
08:53:03.0918 3192  C:\WINDOWS\system32\spool\drivers\w32x86\3\unires.dll - ok
08:53:03.0933 3192  [ 70CF09C70F73EF34F71FD4112A7FF9D5 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll
08:53:03.0933 3192  C:\WINDOWS\system32\spool\drivers\w32x86\3\mdigraph.dll - ok
08:53:03.0933 3192  [ A5BCD2458EFAC167797D6BA23B0842F1 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
08:53:03.0933 3192  C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll - ok
08:53:03.0933 3192  [ E54788CE91DF3A45CCEABAFCD9D2FEBE ] C:\Program Files\Common Files\Microsoft Shared\MODI\12.0\1033\MSPLCRES.DLL
08:53:03.0933 3192  C:\Program Files\Common Files\Microsoft Shared\MODI\12.0\1033\MSPLCRES.DLL - ok
08:53:03.0933 3192  [ 28E60CEF92843C1EA5C221DDC308B766 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
08:53:03.0933 3192  C:\WINDOWS\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL - ok
08:53:03.0933 3192  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
08:53:03.0933 3192  C:\WINDOWS\system32\mscms.dll - ok
08:53:03.0949 3192  [ A8C4D265F14C4F977C399D51971041B6 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\PS5UI.DLL
08:53:03.0949 3192  C:\WINDOWS\system32\spool\drivers\w32x86\3\PS5UI.DLL - ok
08:53:03.0949 3192  [ 860FAD57B4668A9F5F350A9D5444AE89 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
08:53:03.0949 3192  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
08:53:03.0949 3192  [ 63D151A73679BB5BD7CF98BDA1AE5F5B ] C:\WINDOWS\system32\wbem\stdprov.dll
08:53:03.0949 3192  C:\WINDOWS\system32\wbem\stdprov.dll - ok
08:53:03.0949 3192  [ 38BA6D09415CE81EAAC2436EEA398663 ] C:\Program Files\N-able Technologies\Windows Agent\bin\QstComm.dll
08:53:03.0949 3192  C:\Program Files\N-able Technologies\Windows Agent\bin\QstComm.dll - ok
08:53:03.0964 3192  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\92987B8D-1BD4-41D2-AF62-AD9CCF449F09.exe
08:53:03.0964 3192  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\92987B8D-1BD4-41D2-AF62-AD9CCF449F09.exe - ok
08:53:03.0964 3192  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
08:53:03.0964 3192  C:\WINDOWS\system32\msutb.dll - ok
08:53:03.0964 3192  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\MSCTF.dll
08:53:03.0964 3192  C:\WINDOWS\system32\MSCTF.dll - ok
08:53:03.0964 3192  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
08:53:03.0964 3192  C:\WINDOWS\system32\linkinfo.dll - ok
08:53:03.0964 3192  [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
08:53:03.0964 3192  C:\WINDOWS\system32\verclsid.exe - ok
08:53:03.0980 3192  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
08:53:03.0980 3192  C:\WINDOWS\system32\ntshrui.dll - ok
08:53:03.0980 3192  [ 254A70FB8A0341AB15DF8A3D6195BDCB ] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
08:53:03.0980 3192  C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe - ok
08:53:03.0980 3192  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\29805209.sys
08:53:03.0980 3192  C:\WINDOWS\system32\drivers\29805209.sys - ok
08:53:03.0980 3192  [ 9E5532DE17B64A74098F0F52EB6EDDF5 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
08:53:03.0980 3192  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe - ok
08:53:03.0995 3192  [ 4511120E54BC976634C08CA3CDD7DC9E ] C:\WINDOWS\system32\igfxtray.exe
08:53:03.0995 3192  C:\WINDOWS\system32\igfxtray.exe - ok
08:53:03.0995 3192  [ E0780891D1C0B6267A0F874D1B56E38A ] C:\WINDOWS\system32\hkcmd.exe
08:53:03.0995 3192  C:\WINDOWS\system32\hkcmd.exe - ok
08:53:03.0995 3192  [ 3BDB1F5F0A84222FA5AEBD84F48EF65C ] C:\WINDOWS\system32\igfxpers.exe
08:53:03.0995 3192  C:\WINDOWS\system32\igfxpers.exe - ok
08:53:03.0995 3192  [ 12BFA6EC8F01B33F783B5D1E43D17B29 ] C:\WINDOWS\system32\hccutils.dll
08:53:03.0995 3192  C:\WINDOWS\system32\hccutils.dll - ok
08:53:03.0995 3192  [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
08:53:03.0995 3192  C:\WINDOWS\system32\oledlg.dll - ok
08:53:04.0011 3192  [ D75DCF6198A68CA8760CD5B2FEF687CF ] C:\WINDOWS\system32\igfxsrvc.exe
08:53:04.0011 3192  C:\WINDOWS\system32\igfxsrvc.exe - ok
08:53:04.0011 3192  [ 394FE85B1D45F96E1E63D2E5AAB938D2 ] C:\WINDOWS\sttray.exe
08:53:04.0011 3192  C:\WINDOWS\sttray.exe - ok
08:53:04.0011 3192  [ 935942CCAEF3CFE3EDBB0F28007E62C9 ] C:\WINDOWS\system32\igfxsrvc.dll
08:53:04.0011 3192  C:\WINDOWS\system32\igfxsrvc.dll - ok
08:53:04.0011 3192  [ 5C9189C7DEA74A3E68DD278A9B313CF8 ] C:\WINDOWS\system32\stlang.dll
08:53:04.0011 3192  C:\WINDOWS\system32\stlang.dll - ok
08:53:04.0011 3192  [ 6D337A62EAF5729A1AB7BFF075E95D86 ] C:\WINDOWS\system32\igfxdev.dll
08:53:04.0011 3192  C:\WINDOWS\system32\igfxdev.dll - ok
08:53:04.0027 3192  [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
08:53:04.0027 3192  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
08:53:04.0027 3192  [ 82AA304BF49E0C315631AD16D16A3ECE ] C:\WINDOWS\system32\igfxrenu.lrc
08:53:04.0027 3192  C:\WINDOWS\system32\igfxrenu.lrc - ok
08:53:04.0027 3192  [ D7C09BDF3092116AA2D14D9499E9AE72 ] C:\WINDOWS\system32\igfxress.dll
08:53:04.0027 3192  C:\WINDOWS\system32\igfxress.dll - ok
08:53:04.0027 3192  [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
08:53:04.0027 3192  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
08:53:04.0042 3192  [ D2DAD71C96C113ED07F7BB79AD831C28 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
08:53:04.0042 3192  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
08:53:04.0042 3192  [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files\QuickTime\QTTask.exe
08:53:04.0042 3192  C:\Program Files\QuickTime\QTTask.exe - ok
08:53:04.0042 3192  [ D00194E52D84DEAC7BFAEE8F2DF93DD9 ] C:\Program Files\Kaseya\Agent\KaUsrTsk.exe
08:53:04.0042 3192  C:\Program Files\Kaseya\Agent\KaUsrTsk.exe - ok
08:53:04.0042 3192  [ 80942B137077DA7D2375B3041DA9127F ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
08:53:04.0042 3192  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
08:53:04.0042 3192  [ 7290A6DD34862278DF9E26D96E5A95D8 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
08:53:04.0058 3192  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
08:53:04.0058 3192  [ 2FDFA845DCE5D6A843E413F18307561A ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
08:53:04.0058 3192  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
08:53:04.0058 3192  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
08:53:04.0058 3192  C:\WINDOWS\system32\ctfmon.exe - ok
08:53:04.0058 3192  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
08:53:04.0058 3192  C:\WINDOWS\system32\webcheck.dll - ok
08:53:04.0058 3192  [ 9070C7FECDD3AB7967E6C4777E5AA23B ] C:\Program Files\Common Files\Intel\WirelessCommon\CustomUIResource.dll
08:53:04.0058 3192  C:\Program Files\Common Files\Intel\WirelessCommon\CustomUIResource.dll - ok
08:53:04.0073 3192  [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\SPTIP.dll
08:53:04.0073 3192  C:\WINDOWS\ime\SPTIP.dll - ok
08:53:04.0073 3192  [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
08:53:04.0073 3192  C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
08:53:04.0073 3192  [ B69FDAA5248D8E3E2676AAD266366462 ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
08:53:04.0073 3192  C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe - ok
08:53:04.0073 3192  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
08:53:04.0073 3192  C:\WINDOWS\system32\imapi.exe - ok
08:53:04.0089 3192  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
08:53:04.0089 3192  C:\WINDOWS\system32\stobject.dll - ok
08:53:04.0089 3192  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\WINDOWS\system32\msvcp100.dll
08:53:04.0089 3192  C:\WINDOWS\system32\msvcp100.dll - ok
08:53:04.0089 3192  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
08:53:04.0089 3192  C:\WINDOWS\system32\batmeter.dll - ok
08:53:04.0089 3192  [ 54152706627F5F33952340D90ADA50EE ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
08:53:04.0089 3192  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
08:53:04.0089 3192  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
08:53:04.0089 3192  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
08:53:04.0104 3192  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\WINDOWS\system32\msvcr100.dll
08:53:04.0104 3192  C:\WINDOWS\system32\msvcr100.dll - ok
08:53:04.0104 3192  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
08:53:04.0104 3192  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
08:53:04.0104 3192  [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
08:53:04.0104 3192  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
08:53:04.0104 3192  [ 9B05296BA746C8D09BB8FDA636C9329B ] C:\WINDOWS\system32\GfxUI.exe
08:53:04.0104 3192  C:\WINDOWS\system32\GfxUI.exe - ok
08:53:04.0104 3192  [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
08:53:04.0104 3192  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll - ok
08:53:04.0135 3192  [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
08:53:04.0135 3192  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
08:53:04.0135 3192  [ 57CF9272AB66AAA196BBAA1016E71C86 ] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll
08:53:04.0135 3192  C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll - ok
08:53:04.0135 3192  [ A47799E5421964C0A7860B37F1166821 ] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\ConnMgr.dll
08:53:04.0135 3192  C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\ConnMgr.dll - ok
08:53:04.0151 3192  [ 28A09777D2D952122567A8A82F1A2C7B ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
08:53:04.0151 3192  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll - ok
08:53:04.0151 3192  [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
08:53:04.0151 3192  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
08:53:04.0151 3192  [ 03C75FAC6CFD3A0524F8C042E134033E ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\utilUIProfile.dll
08:53:04.0151 3192  C:\Program Files\Trend Micro\UniClient\UiFrmwrk\utilUIProfile.dll - ok
08:53:04.0151 3192  [ AAB979089E192ACC0FE1E3C018F8B591 ] C:\Documents and Settings\administrator\Local Settings\Application Data\Akamai\netsession_win.exe
08:53:04.0151 3192  C:\Documents and Settings\administrator\Local Settings\Application Data\Akamai\netsession_win.exe - ok
08:53:04.0151 3192  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
08:53:04.0151 3192  C:\WINDOWS\system32\rasdlg.dll - ok
08:53:04.0167 3192  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
08:53:04.0167 3192  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
08:53:04.0167 3192  [ 413E34EEBC80351027BE9738B32DEAE2 ] C:\Program Files\Skype\Phone\Skype.exe
08:53:04.0167 3192  C:\Program Files\Skype\Phone\Skype.exe - ok
08:53:04.0167 3192  [ C87FED0BF3CA6E9A5D7EA4B1B947AC89 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\4b889e41364baff1e456817b4777b610\WindowsBase.ni.dll
08:53:04.0167 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\4b889e41364baff1e456817b4777b610\WindowsBase.ni.dll - ok
08:53:04.0167 3192  [ 691771D7570A53130E7E885D8266E6C0 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
08:53:04.0167 3192  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
08:53:04.0182 3192  [ E5244A5462FA1F0267D8923538530AF4 ] C:\WINDOWS\system32\nlsdl.dll
08:53:04.0182 3192  C:\WINDOWS\system32\nlsdl.dll - ok
08:53:04.0182 3192  [ 2D0157B482115B37F1D84D69A22790D4 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
08:53:04.0182 3192  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
08:53:04.0182 3192  [ 0A855F27A1E48991D14C593CB930D2B2 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
08:53:04.0182 3192  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
08:53:04.0182 3192  [ A84509C6AB1C764C592F192AA89DA830 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
08:53:04.0182 3192  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
08:53:04.0182 3192  [ E8F932E855CBF23ED4632439A35E7354 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
08:53:04.0182 3192  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
08:53:04.0198 3192  [ 787E483CF57F7C9B44CE59A6E8F28C14 ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\www\1600\fcWofieUI.dll
08:53:04.0198 3192  C:\Program Files\Trend Micro\UniClient\UiFrmwrk\www\1600\fcWofieUI.dll - ok
08:53:04.0198 3192  [ 690E7BAE16A5454732CC195D71020F55 ] C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWIFIAdv.dll
08:53:04.0198 3192  C:\Program Files\Trend Micro\Client Server Security Agent\plugin\plugWIFIAdv.dll - ok
08:53:04.0198 3192  [ 17170EF2E1B181CBF056A894362A4B69 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\2e26794770e6d33cf79a7f8daa4a48c3\PresentationCore.ni.dll
08:53:04.0198 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\2e26794770e6d33cf79a7f8daa4a48c3\PresentationCore.ni.dll - ok
08:53:04.0198 3192  [ 751184DF487A1B3C95CB29B0D0069C28 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
08:53:04.0198 3192  C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe - ok
08:53:04.0198 3192  [ 0607CBC6FA20114CB491EFE4B2F9EFAD ] C:\WINDOWS\system32\d3d9.dll
08:53:04.0198 3192  C:\WINDOWS\system32\d3d9.dll - ok
08:53:04.0213 3192  [ 31B067C412FA1A9BAD3CA2A63D7DA440 ] C:\WINDOWS\system32\d3d8thk.dll
08:53:04.0213 3192  C:\WINDOWS\system32\d3d8thk.dll - ok
08:53:04.0213 3192  [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
08:53:04.0213 3192  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
08:53:04.0213 3192  [ 477E08FE0114AFEA114FC954C983D4DB ] C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
08:53:04.0213 3192  C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL - ok
08:53:04.0213 3192  [ 6B447F5802D67E20220BE91917F76033 ] C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
08:53:04.0213 3192  C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - ok
08:53:04.0229 3192  [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
08:53:04.0229 3192  C:\WINDOWS\system32\hhctrl.ocx - ok
08:53:04.0229 3192  [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
08:53:04.0229 3192  C:\WINDOWS\system32\olepro32.dll - ok
08:53:04.0229 3192  [ 98ACA424F22691965BD079B8DEEF68A1 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2abe0b9f0e996273614f4cf1f6808eed\PresentationFramework.ni.dll
08:53:04.0229 3192  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2abe0b9f0e996273614f4cf1f6808eed\PresentationFramework.ni.dll - ok
08:53:04.0229 3192  [ E81BBE78A8EF85ACD490B3E64EF63A7C ] C:\WINDOWS\system32\mapi32.dll
08:53:04.0229 3192  C:\WINDOWS\system32\mapi32.dll - ok
08:53:04.0229 3192  [ AA5E22854F56C68148EB3345DBD62970 ] C:\WINDOWS\system32\devenum.dll
08:53:04.0229 3192  C:\WINDOWS\system32\devenum.dll - ok
08:53:04.0244 3192  [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll
08:53:04.0244 3192  C:\WINDOWS\system32\msdmo.dll - ok
08:53:04.0244 3192  [ 01CFA88F8DEE91EC9F8E0988F49D106E ] C:\WINDOWS\system32\avicap32.dll
08:53:04.0244 3192  C:\WINDOWS\system32\avicap32.dll - ok
08:53:04.0244 3192  [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll
08:53:04.0244 3192  C:\WINDOWS\system32\msvfw32.dll - ok
08:53:04.0244 3192  ============================================================
08:53:04.0244 3192  Scan finished
08:53:04.0244 3192  ============================================================
08:53:04.0369 3692  Detected object count: 10
08:53:04.0369 3692  Actual detected object count: 10


#5 xaracomputers

xaracomputers
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 20 March 2013 - 05:00 AM

aswMBR Log:

 

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-03-20 08:55:38
-----------------------------
08:55:38.226    OS Version: Windows 5.1.2600 Service Pack 3
08:55:38.226    Number of processors: 2 586 0xF0D
08:55:38.226    ComputerName: THORLT11  UserName: 
08:55:38.817    Initialize success
08:59:22.961    AVAST engine defs: 13031901
09:02:32.989    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
09:02:33.005    Disk 0 Vendor: TOSHIBA_MK1655GSX FG010D Size: 152627MB BusType: 3
09:02:33.161    Disk 0 MBR read successfully
09:02:33.161    Disk 0 MBR scan
09:02:33.192    Disk 0 Windows XP default MBR code
09:02:33.208    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      117 MB offset 63
09:02:33.223    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       152499 MB offset 240975
09:02:33.239    Disk 0 scanning sectors +312560640
09:02:33.395    Disk 0 scanning C:\WINDOWS\system32\drivers
09:02:40.860    Service scanning
09:03:04.270    Modules scanning
09:03:11.485    Disk 0 trace - called modules:
09:03:11.501    ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS 
09:03:11.516    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89dd5ab8]
09:03:11.516    3 CLASSPNP.SYS[b9908fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89cead98]
09:03:12.063    AVAST engine scan C:\WINDOWS
09:03:25.946    AVAST engine scan C:\WINDOWS\system32
09:05:43.182    AVAST engine scan C:\WINDOWS\system32\drivers
09:05:56.052    AVAST engine scan C:\Documents and Settings\administrator
09:06:44.815    AVAST engine scan C:\Documents and Settings\All Users
09:06:52.718    Scan finished successfully
09:07:50.212    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\administrator\Desktop\MBR.dat"
09:07:50.212    The log file has been saved successfully to "C:\Documents and Settings\administrator\Desktop\aswMBR.txt"


ESET Online Scanner log:

 

 

C:\Documents and Settings\TEGS-cem\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\24\48542cd8-15682ac3 a variant of Java/Mocup.B trojan cleaned by deleting - quarantined
C:\Documents and Settings\TEGS-cem\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\30\4554631e-6e8bb0f0 a variant of Java/Mocup.B trojan cleaned by deleting - quarantined
C:\Documents and Settings\Xara\Desktop\Office 07 OPK Kit\README.HTM JS/TrojanDownloader.HackLoad.AG trojan cleaned by deleting - quarantined
C:\Documents and Settings\Xara\Desktop\Office 2007 basic-OEM\README.HTM JS/TrojanDownloader.HackLoad.AG trojan cleaned by deleting - quarantined
C:\Documents and Settings\Xara\Local Settings\Temporary Internet Files\Content.IE5\A7ECN6ZG\README[1].HTM JS/TrojanDownloader.HackLoad.AG trojan cleaned by deleting - quarantined
C:\Documents and Settings\Xara\Local Settings\Temporary Internet Files\Content.IE5\DFNMBO8C\README[1].HTM JS/TrojanDownloader.HackLoad.AG trojan cleaned by deleting - quarantined


#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:10 AM

Posted 20 March 2013 - 05:35 AM

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log


 



#7 xaracomputers

xaracomputers
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 20 March 2013 - 06:42 AM

Malwarebytes did not pickup anything:

 

Minitool box log:

 

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Administrator (administrator) on 20-03-2013 at 11:32:11
Running from "C:\Documents and Settings\administrator\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
SonicWALL Virtual NIC = SonicWALL VPN Connection (Disconnected)
1394 Net Adapter = 1394 Connection (Connected)
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Connected)
Intel® WiFi Link 5100 AGN = Wireless Network Connection (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
Windows IP Configuration
 
        Host Name . . . . . . . . . . . . : thorlt11
        Primary Dns Suffix  . . . . . . . : thorns.local
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : thorns.local
                                            thorns.local
 
Ethernet adapter Local Area Connection:
 
        Connection-specific DNS Suffix  . : thorns.local
        Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
        Physical Address. . . . . . . . . : 00-23-AE-3A-F9-4C
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.125.53
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.125.1
        DHCP Server . . . . . . . . . . . : 192.168.125.2
        DNS Servers . . . . . . . . . . . : 192.168.125.3
                                            192.168.125.2
        Lease Obtained. . . . . . . . . . : 20 March 2013 08:47:04
        Lease Expires . . . . . . . . . . : 28 March 2013 08:47:04
 
Ethernet adapter Wireless Network Connection:
 
        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
        Physical Address. . . . . . . . . : 00-22-FB-82-8A-E0
Server:  iris-app01.thorns.local
Address:  192.168.125.3
 
Name:    google.com
Addresses:  173.194.34.160, 173.194.34.163, 173.194.34.164, 173.194.34.168
 173.194.34.162, 173.194.34.174, 173.194.34.169, 173.194.34.166, 173.194.34.165
 173.194.34.161, 173.194.34.167
 
 
Pinging google.com [173.194.34.163] with 32 bytes of data:
 
Reply from 173.194.34.163: bytes=32 time=17ms TTL=58
Reply from 173.194.34.163: bytes=32 time=37ms TTL=58
 
Ping statistics for 173.194.34.163:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 37ms, Average = 27ms
Server:  iris-app01.thorns.local
Address:  192.168.125.3
 
Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
Reply from 98.138.253.109: bytes=32 time=232ms TTL=51
Reply from 98.138.253.109: bytes=32 time=278ms TTL=51
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 232ms, Maximum = 278ms, Average = 255ms
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 23 ae 3a f9 4c ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
0x3 ...00 22 fb 82 8a e0 ...... Intel® WiFi Link 5100 AGN - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.125.1  192.168.125.53  10
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
    192.168.125.0    255.255.255.0   192.168.125.53  192.168.125.53  10
   192.168.125.53  255.255.255.255        127.0.0.1       127.0.0.1  10
  192.168.125.255  255.255.255.255   192.168.125.53  192.168.125.53  10
        224.0.0.0        240.0.0.0   192.168.125.53  192.168.125.53  10
  255.255.255.255  255.255.255.255   192.168.125.53  192.168.125.53  1
  255.255.255.255  255.255.255.255   192.168.125.53               3  1
Default Gateway:     192.168.125.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/20/2013 08:50:48 AM) (Source: WinVNC4) (User: )
Description: SocketManager: unknown listener event: 0
 
Error: (03/20/2013 08:47:44 AM) (Source: WinVNC4) (User: )
Description: HTTPServer: untrapped: End of stream
 
Error: (03/20/2013 08:47:44 AM) (Source: WinVNC4) (User: )
Description: SocketManager: unknown listener event: 0
 
Error: (03/20/2013 08:47:44 AM) (Source: WinVNC4) (User: )
Description: SocketManager: unknown listener event: 0
 
Error: (03/20/2013 08:45:45 AM) (Source: WinVNC4) (User: )
Description: HTTPServer: untrapped: End of stream
 
Error: (03/20/2013 08:45:45 AM) (Source: WinVNC4) (User: )
Description: SocketManager: unknown listener event: 0
 
Error: (03/20/2013 03:20:11 AM) (Source: WinVNC4) (User: )
Description: SocketManager: unknown listener event: 0
 
Error: (03/20/2013 03:17:43 AM) (Source: WinVNC4) (User: )
Description: HTTPServer: untrapped: End of stream
 
Error: (03/20/2013 03:17:43 AM) (Source: WinVNC4) (User: )
Description: SocketManager: unknown listener event: 0
 
Error: (03/20/2013 03:17:43 AM) (Source: WinVNC4) (User: )
Description: SocketManager: unknown listener event: 0
 
 
System errors:
=============
Error: (03/19/2013 08:37:00 AM) (Source: NETLOGON) (User: )
Description: No Domain Controller is available for domain THORNS due to the following: 
%%1311.
 
Make sure that the computer is connected to the network and try
again. If the problem persists, please contact your domain administrator.
 
Error: (03/18/2013 00:07:50 PM) (Source: Print) (User: NT AUTHORITY)
Description: Failed to ugrade printer settings for printer \\irisfs\HP LJ 4050 - ACCOUNTS,LocalOnly driver C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL error 5.
 
Error: (03/18/2013 00:07:50 PM) (Source: Print) (User: NT AUTHORITY)
Description: Failed to ugrade printer settings for printer \\irisfs\HPLJ 4050 - MAIN OFFICE,LocalOnly driver C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL error 5.
 
Error: (03/13/2013 08:07:00 AM) (Source: NETLOGON) (User: )
Description: No Domain Controller is available for domain THORNS due to the following: 
%%1311.
 
Make sure that the computer is connected to the network and try
again. If the problem persists, please contact your domain administrator.
 
Error: (03/12/2013 09:17:14 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 15 minutes.
NtpClient has no source of accurate time.
 
Error: (03/11/2013 06:16:54 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
 
Error: (03/11/2013 11:52:52 AM) (Source: NETLOGON) (User: )
Description: No Domain Controller is available for domain THORNS due to the following: 
%%1311.
 
Make sure that the computer is connected to the network and try
again. If the problem persists, please contact your domain administrator.
 
 
Microsoft Office Sessions:
=========================
Error: (03/13/2013 09:23:25 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 68146 seconds with 1440 seconds of active time.  This session ended with a crash.
 
 
=========================== Installed Programs ============================
 
Adobe AIR (Version: 3.6.0.5970)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.171)
Adobe Flash Player 11 Plugin (Version: 11.6.602.171)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Akamai NetSession Interface
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
Broadcom Gigabit Integrated Controller (Version: 11.11.03)
CutePDF Writer 3.0 (Version:  3.0)
ESET Online Scanner v3
GoldMine (Version: 9.2.1.92)
Google Chrome (Version: 25.0.1364.172)
Google Update Helper (Version: 1.3.21.135)
IIS 7.5 Express (Version: 7.5.1070)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.5420)
Intel® PROSet/Wireless WiFi Software (Version: 13.03.0000)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
Kaseya Agent
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Basic 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0)
QuickTime (Version: 7.73.80.64)
RICOH R5U241 / R5C847 Media Driver ver.2.04.01.00 (Version: 2.04.01.00)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Skype 6.2 (Version: 6.2.106)
SonicWALL Global VPN Client (Version: 4.7.3)
SUPERAntiSpyware (Version: 5.6.1014)
Trend Micro Worry-Free Business Security Agent (Version: 7.0)
Trend Micro Worry-Free Business Security Agent (Version: 7.0.2316)
UltraVNC 1.0.6.4 (Version: 1.0.6.4)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual Studio 2005 Tools for Office Second Edition Runtime
VLC media player 2.0.5 (Version: 2.0.5)
WebFldrs XP (Version: 9.50.7523)
Windows Agent (Version: 9.0.10239)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
 
========================= Devices: ================================
 
Name: ACPI Multiprocessor PC
Description: ACPI Multiprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
 
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI
 
Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci
 
Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm
 
Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service: 
 
Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service: 
 
Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm
 
Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service: 
 
Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: Microsoft UAA Bus Driver for High Definition Audio
Description: Microsoft UAA Bus Driver for High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus
 
Name: IDT High Definition Audio CODEC
Description: IDT High Definition Audio CODEC
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: IDT
Service: STHDA
 
Name: Intel® High Definition Audio HDMI Service
Description: Intel® High Definition Audio HDMI Service
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel® Corporation
Service: IntcHdmiAddService
 
Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci
 
Name: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Description: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci
 
Name: Intel® WiFi Link 5100 AGN
Description: Intel® WiFi Link 5100 AGN
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: NETwNx32
 
Name: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Description: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci
 
Name: Broadcom NetXtreme 57xx Gigabit Controller
Description: Broadcom NetXtreme 57xx Gigabit Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: b57w2k
 
Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service: HidUsb
 
Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: mouhid
 
Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci
 
Name: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
Description: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
Class Guid: {4D36E977-E325-11CE-BFC1-08002BE10318}
Manufacturer: RICOH
Service: pcmcia
 
Name: OHCI Compliant IEEE 1394 Host Controller
Description: OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
Manufacturer: IEEE 1394 OHCI Compliant Host Controller Vendor
Service: ohci1394
 
Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
 
Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus
 
Name: Ricoh SD/MMC Host Controller
Description: Ricoh SD/MMC Host Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Ricoh Company
Service: rimmptsk
 
Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: isapnp
 
Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
 
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
 
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: System speaker
Description: System speaker
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: High precision event timer
Description: High precision event timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard port types)
Service: Serial
 
Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPIEC
 
Name: Intel® ICH9M/M-E 2 port Serial ATA Storage Controller 1 - 2928
Description: Intel® ICH9M/M-E 2 port Serial ATA Storage Controller 1 - 2928
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pciide
 
Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
 
Name: TOSHIBA MK1655GSX
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk
 
Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
 
Name: HL-DT-ST CDRW/DVD GCCT20N
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
 
Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: 
 
Name: Intel® ICH9M/M-E 2 port Serial ATA Storage Controller 2 - 292D
Description: Intel® ICH9M/M-E 2 port Serial ATA Storage Controller 2 - 292D
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pciide
 
Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
 
Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi
 
Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt
 
Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: WmiAcpi
 
Name: Intel® Core™2 Duo CPU     T7250  @ 2.00GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm
 
Name: Intel® Core™2 Duo CPU     T7250  @ 2.00GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Compbatt
 
Name: Logical Disk Manager
Description: Logical Disk Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: dmio
 
Name: Intel® WiFi Link 5100 AGN - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Deterministic Networks
Service: DNE
 
Name: Broadcom NetXtreme 57xx Gigabit Controller - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Deterministic Networks
Service: DNE
 
Name: WAN Miniport (IP) - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Deterministic Networks
Service: DNE
 
Name: SonicWALL Virtual NIC - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Deterministic Networks
Service: DNE
 
Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk
 
Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service: 
 
Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service: 
 
Name: AFD
Description: AFD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AFD
 
Name: 1394 ARP Client Protocol
Description: 1394 ARP Client Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Arp1394
 
Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Beep
 
Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: dmboot
 
Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: dmload
 
Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Fips
 
Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Gpc
 
Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HTTP
 
Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: IpNat
 
Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: IPSec
 
Name: KAPFA
Description: KAPFA
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: KAPFA
 
Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ksecdd
 
Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mnmdd
 
Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mountmgr
 
Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NDIS
 
Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NdisTapi
 
Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Ndisuio
 
Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NDProxy
 
Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NetBT
 
Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Null
 
Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ParVdm
 
Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: RasAcd
 
Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: RDPCDD
 
Name: WLAN Transport
Description: WLAN Transport
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: s24trans
 
Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASDIFSV
 
Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SASKUTIL
 
Name: SonicWALL IPsec Driver
Description: SonicWALL IPsec Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SWIPsec
 
Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Tcpip
 
Name: tmactmon
Description: tmactmon
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: tmactmon
 
Name: tmcomm
Description: tmcomm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: tmcomm
 
Name: tmevtmgr
Description: tmevtmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: tmevtmgr
 
Name: Trend Micro TDI Driver
Description: Trend Micro TDI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: tmtdi
 
Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VgaSave
 
Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VolSnap
 
Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Wanarp
 
Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub
 
Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub
 
Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub
 
Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub
 
Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub
 
Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp
 
Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan
 
Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe
 
Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport
 
Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched
 
Name: Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched
 
Name: Intel® WiFi Link 5100 AGN - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched
 
Name: SonicWALL Virtual NIC - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched
 
Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti
 
Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: rdpdr
 
Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD
 
Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD
 
Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum
 
Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud
 
Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio
 
Name: Microsoft Kernel Wave Audio Mixer
Description: Microsoft Kernel Wave Audio Mixer
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: kmixer
 
Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update
 
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios
 
Name: aswMBR
Description: aswMBR
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswMBR
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 39%
Total physical RAM: 2003.09 MB
Available physical RAM: 1212.95 MB
Total Pagefile: 3896.05 MB
Available Pagefile: 3218.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.86 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:148.93 GB) (Free:130.22 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\THORLT11
 
Administrator            ASPNET                   Guest                    
HelpAssistant            SUPPORT_388945a0         Xara                     
 
 
**** End of log ****


Farbar Log:

 

 

Farbar Service Scanner Version: 03-03-2013
Ran by Administrator (administrator) on 20-03-2013 at 11:37:19
Running from "C:\Documents and Settings\administrator\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2013-03-01 13:14] - [2008-04-14 12:00] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A
 
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2008-04-14 12:00] - [2009-02-06 11:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315
 
 
Extra List:
=======
DNE(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) SWIPsec(1) Tcpip(4) 
0x080000000500000001000000020000000300000004000000060000000700000008000000
IpSec Tag value is correct.
 
**** End of log ****


AdwCleaner log:

 

 

# AdwCleaner v2.115 - Logfile created 03/20/2013 at 11:38:03
# Updated 17/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - THORLT11
# Boot Mode : Normal
# Running from : C:\Documents and Settings\administrator\Desktop\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
[OK] Registry is clean.
 
-\\ Google Chrome v25.0.1364.172
 
File : C:\Documents and Settings\TEGS-cem\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
File : C:\Documents and Settings\administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [875 octets] - [20/03/2013 11:38:03]
 
########## EOF - C:\AdwCleaner[R1].txt - [934 octets] ##########


#8 xaracomputers

xaracomputers
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 20 March 2013 - 08:34 AM

JRT Log: 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on 20/03/2013 at 13:27:14.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/03/2013 at 13:31:32.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#9 xaracomputers

xaracomputers
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 20 March 2013 - 08:36 AM

Rkill Log:

 

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/20/2013 01:34:14 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 03/20/2013 01:34:42 PM
Execution time: 0 hours(s), 0 minute(s), and 27 seconds(s)


#10 xaracomputers

xaracomputers
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 20 March 2013 - 08:40 AM

AutoRuns log: 

 

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IDTSysTrayApp" "IDT Audio system tray application" "IDT, Inc." "c:\windows\sttray.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelWireless" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "IntelZeroConfig" "Intel® PROSet/Wireless Zero Config Service" "Intel® Corporation" "c:\program files\intel\wifi\bin\zcfgsvc.exe"
+ "Kaseya Agent Service Helper" "Kaseya Agent Service Helper" "Kaseya" "c:\program files\kaseya\agent\kausrtsk.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "Trend Micro Client Framework" "Trend Micro Client Session Agent Monitor" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\uiwatchdog.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files\google\chrome\application\25.0.1364.172\installer\chrmstp.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Akamai NetSession Interface" "Akamai NetSession Client" "Akamai Technologies, Inc." "c:\documents and settings\administrator\local settings\application data\akamai\netsession_win.exe"
+ "Skype" "Skype" "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
+ "tmpx" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\1.6.1242\6.6.1089\tmieplg.dll"
+ "tmtbim" "Trend Micro TrendSecure" "Trend Micro Inc." "c:\program files\trend micro\client server security agent\uiframework\protoolbarimratingactivex.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "TmIEPlugInBHO Class" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\1.6.1242\6.6.1089\tmieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "Amsp" "Trend Micro Anti-Malware Solution Platform" "Trend Micro Inc." "c:\program files\trend micro\amsp\coreserviceshell.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "KaseyaAgent" "Virtual System Administrator Agent" "Kaseya" "c:\program files\kaseya\agent\agentmon.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "RegSrvc" "Provides registry access to all Intel PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "RSMWebServer" "This service provides web services for the N-able Remote Support Manager." "N-able Technologies Inc." "c:\program files\n-able technologies\nrm\rsmwinservice.exe"
+ "S24EventMonitor" "Wireless Management Service for Intel® PROSet/Wireless WiFi Software" "Intel® Corporation" "c:\program files\intel\wifi\bin\s24evmon.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\stacsv.exe"
+ "SWGVCSvc" "Provides services for the SonicWALL Global VPN Client." "SonicWALL, Inc." "c:\program files\sonicwall\sonicwall global vpn client\swgvcsvc.exe"
+ "TmListen" "Facilitates communication between the Security Agent and the Security Server" "Trend Micro Inc." "c:\program files\trend micro\client server security agent\tmlisten.exe"
+ "uvnc_service" "Provides secure remote desktop sharing" "UltraVNC" "c:\program files\ultravnc\winvnc.exe"
+ "Windows Agent Maintenance Service" "The Windows Agent Maintenance Service to perform module maintenance/upgrade." "N-able Technologies" "c:\program files\n-able technologies\windows agent\bin\agentmaint.exe"
+ "Windows Agent Service" "The Windows Agent monitors local resources and reports to the N-central server." "N-able Technologies" "c:\program files\n-able technologies\windows agent\bin\agent.exe"
+ "WinVNC4" "VNC Server Free Edition for Win32" "RealVNC Ltd." "c:\program files\realvnc\vnc4\winvnc4.exe"
+ "WLANKEEPER" "Provides Single Sign On (SSO) functionality." "Intel® Corporation" "c:\program files\intel\wifi\bin\wlkeeper.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "b57w2k" "Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57xp32.sys"
+ "cerc6" "" "" "File not found: C:\WINDOWS\System32\Drivers\cerc6.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "DNE" "Deterministic Network Enhancer" "Citrix Systems, Inc." "c:\windows\system32\drivers\dne2000.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "ialm" "Intel Graphics Miniport Driver" "Intel Corporation" "c:\windows\system32\drivers\igxpmp32.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "NETwNx32" "Intel Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwnx32.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "rimmptsk" "RICOH SD/MMC Driver" "REDC" "c:\windows\system32\drivers\rimmptsk.sys"
+ "s24trans" "WLAN Transport" "Intel Corporation" "c:\windows\system32\drivers\s24trans.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "STHDA" "NDRC" "IDT, Inc." "c:\windows\system32\drivers\sthda.sys"
+ "SWIPsec" "SonicWALL VPN Client IPsec Driver" "SonicWALL, Inc." "c:\windows\system32\drivers\swipsec.sys"
+ "SWVNIC" "SonicWALL Virtual NIC" "SonicWALL, Inc." "c:\windows\system32\drivers\swvnic.sys"
+ "tmactmon" "Trend Micro Activity Monitor Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmactmon.sys"
+ "tmcomm" "Trend Micro Common Engine Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmcomm.sys"
+ "tmevtmgr" "Trend Micro Event Manager Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmevtmgr.sys"
+ "tmtdi" "Trend Micro TDI Driver (i386-fre)" "Trend Micro Inc." "c:\windows\system32\drivers\tmtdi.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo video 4.4 Compression Filter" "Intel Indeo Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo video 4.4 Compression Filter" "Intel Indeo Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo video 4.4 Decompression Filter" "Intel Indeo Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo video 4.4 Decompression Filter" "Intel Indeo Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo audio software" "Indeo audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo video 5.10 Compression Filter" "Intel Indeo video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo video 5.10 Decompression Filter" "Intel Indeo video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon2k.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "IntelNetProvCredMan" "IntelNetProvCredMan" "Intel® Corporation" "c:\windows\system32\netprovcredman.dll"


#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:10 AM

Posted 20 March 2013 - 09:00 AM

.


Edited by narenxp, 21 March 2013 - 11:21 AM.


#12 xaracomputers

xaracomputers
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 21 March 2013 - 08:58 AM

Hi, thanks for all your help but the machine is still redirecting.



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:10 AM

Posted 21 March 2013 - 11:21 AM

Which browser?



#14 xaracomputers

xaracomputers
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 21 March 2013 - 11:31 AM

Internet Explorer



#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:10 AM

Posted 21 March 2013 - 11:31 AM

Press Windows+R key and type

 

msconfig and click ok

 

Change the startup to normal startup and click ok

 

Run Autoruns again and post the new log






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users