
Internet Explorer 8 redirect virus from redirect.cpvrdr.com


  • This topic is locked
44 replies to this topic

#16 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:21 PM

Posted 08 May 2013 - 02:36 PM


Hello BorisBadenough

I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

Run OTL Script
  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Custom Scans/Fixes text box.
    :OTL
    FF - user.js - File not found
    FF - HKLM\Software\MozillaPlugins\@ei.RadioPI_4e.com/Plugin:  File not found
    FF - HKLM\Software\MozillaPlugins\@RadioPI_4e.com/Plugin:  File not found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad
    DRV - (354734c8) -- C:\WINDOWS\system32\drivers\354734c8.sys ()
    FF - prefs.js..extensions.enabledItems: {e1b4e09c-e0c4-4509-adb8-82c997c4e4d8}:1.0
    FF - prefs.js..extensions.enabledItems: {91003513-1348-44ea-aea3-b2723013561f}:1.0
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]
    
  • Then click the Run Fix button at the top.
  • Click OK.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

    Note** if the report does not pop up after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles

    It will be named - mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.


Let me know how things are doing.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University



#17 BorisBadenough

BorisBadenough
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:05:21 PM

Posted 08 May 2013 - 08:00 PM

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ei.RadioPI_4e.com/Plugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@RadioPI_4e.com/Plugin\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Service 354734c8 stopped successfully!
Service 354734c8 deleted successfully!
C:\WINDOWS\system32\drivers\354734c8.sys moved successfully.
Prefs.js: {e1b4e09c-e0c4-4509-adb8-82c997c4e4d8}:1.0 removed from extensions.enabledItems
Prefs.js: {91003513-1348-44ea-aea3-b2723013561f}:1.0 removed from extensions.enabledItems
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Colorado Protection\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Colorado Protection\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: Administrator
 
User: Administrator.COLORADO-PROTEC
 
User: All Users
 
User: Colorado Protection
->Java cache emptied: 15573558 bytes
 
User: Default User
 
User: LocalService
 
User: NetworkService
 
Total Java Files Cleaned = 15.00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: Administrator.COLORADO-PROTEC
 
User: All Users
 
User: Colorado Protection
->Flash cache emptied: 1964643 bytes
 
User: Default User
->Flash cache emptied: 57472 bytes
 
User: LocalService
 
User: NetworkService
 
Total Flash Files Cleaned = 2.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05082013_152434
 

 


No luck. Same old same old.



#18 gringo_pr


Posted 08 May 2013 - 08:19 PM


Hello BorisBadenough



I would like you to go to this page - Troubleshooting and Internet Explorer’s (No Add-ons) Mode



Step 1 is going to show you how to run IE without any add-ons. If by running IE this way the problem goes away, then we can go to step 2.


Step 2 will show you how to find the add-on that is causing the problem and then how to remove it.




Gringo

#19 BorisBadenough


Posted 08 May 2013 - 09:13 PM

Disabled Add Ons. Hijacker still present



#20 gringo_pr


Posted 08 May 2013 - 09:21 PM


Create and Run Batch File
  • Open Notepad and copy/paste the entire contents of the codebox below, into Notepad:

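@echo off
rem Collect network and DNS diagnostics into Log1.txt in the current folder
>Log1.txt (
ipconfig /all
nslookup google.com
nslookup yahoo.com
ping -n 2 google.com
ping -n 2 yahoo.com
route print
)
rem Open the log in Notepad, then delete this batch file
start Log1.txt
del "%~f0"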
  • Save this as router.bat. Choose Save as type - All Files, and where to save - Desktop, then close the Notepad file.

    It should look like this: batfileicon.gif <--XP
    Double-click on router.bat to run it. It will open Notepad when done; please post back the results.

gringo

#21 BorisBadenough


Posted 08 May 2013 - 09:30 PM


Windows IP Configuration



        Host Name . . . . . . . . . . . . : colorado-protec

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : Home



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : Home

        Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection

        Physical Address. . . . . . . . . : 00-1A-A0-9D-3E-5C

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.5

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

                                            205.171.2.65

        Lease Obtained. . . . . . . . . . : Wednesday, May 08, 2013 3:26:26 PM

        Lease Expires . . . . . . . . . . : Thursday, May 09, 2013 3:26:26 PM

DNS request timed out.
    timeout was 2 seconds.
Server:  resolver.qwest.net
Address:  205.171.2.65

Name:    google.com
Addresses:  74.125.239.9, 74.125.239.0, 74.125.239.1, 74.125.239.14
      74.125.239.8, 74.125.239.2, 74.125.239.3, 74.125.239.6, 74.125.239.4
      74.125.239.5, 74.125.239.7

DNS request timed out.
    timeout was 2 seconds.
Server:  resolver.qwest.net
Address:  205.171.2.65

Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109



Pinging google.com [74.125.239.4] with 32 bytes of data:



Reply from 74.125.239.4: bytes=32 time=34ms TTL=57

Reply from 74.125.239.4: bytes=32 time=32ms TTL=57



Ping statistics for 74.125.239.4:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 32ms, Maximum = 34ms, Average = 33ms



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=207ms TTL=51

Reply from 98.138.253.109: bytes=32 time=146ms TTL=51



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 146ms, Maximum = 207ms, Average = 176ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1a a0 9d 3e 5c ...... Intel® 82562V-2 10/100 Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.5      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.0.0    255.255.255.0      192.168.0.5     192.168.0.5      20
      192.168.0.5  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255      192.168.0.5     192.168.0.5      20
        224.0.0.0        240.0.0.0      192.168.0.5     192.168.0.5      20
  255.255.255.255  255.255.255.255      192.168.0.5     192.168.0.5      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
 

 



#22 BorisBadenough


Posted 08 May 2013 - 09:35 PM

BTW, I would completely delete Microsoft Internet Explorer if I could but that option doesn't appear in Add/Remove programs. Has something to do with Service Pack 3 which purposely eliminated the option to remove.



#23 gringo_pr


Posted 08 May 2013 - 09:37 PM


After you have run these steps - you need to let me know how the computer is doing

Resetting Router
  • This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router.
  • Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds).
  • If you don’t know the router's default password, you can look it up here.
  • You also need to reconfigure any security settings you had in place prior to the reset.
  • You may also need to consult with your Internet service provider to find out which DNS servers your network should be using or you can use OpenDNS
Note: After resetting your router, it is important to set a non-default password, and if possible, username, on the router. This will assist in eliminating the possibility of the router being hijacked again.

Flush the DNS:

Now let's flush the DNS on the computer:
  • click on Start
  • select run
  • enter cmd and hit enter
  • a black window will open.
  • please enter the following text into that window and hit enter:

    • ipconfig /flushdns

Now let's check the router again

Create and Run Batch File
  • Open Notepad and copy/paste the entire contents of the codebox below, into Notepad:

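@echo off
rem Collect network and DNS diagnostics into Log1.txt in the current folder
>Log1.txt (
ipconfig /all
nslookup google.com
nslookup yahoo.com
ping -n 2 google.com
ping -n 2 yahoo.com
route print
)
rem Open the log in Notepad, then delete this batch file
start Log1.txt
del "%~f0"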
  • Save this as router.bat. Choose Save as type - All Files, and where to save - Desktop, then close the Notepad file.

    It should look like this: batfileicon.gif <--XP
    Double-click on router.bat to run it. It will open Notepad when done; please post back the results.

gringo

#24 BorisBadenough


Posted 08 May 2013 - 10:24 PM


Windows IP Configuration



        Host Name . . . . . . . . . . . . : colorado-protec

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : Home



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : Home

        Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection

        Physical Address. . . . . . . . . : 00-1A-A0-9D-3E-5C

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.5

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

        Lease Obtained. . . . . . . . . . : Wednesday, May 08, 2013 7:57:36 PM

        Lease Expires . . . . . . . . . . : Thursday, May 09, 2013 7:57:36 PM

DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  74.125.224.198, 74.125.224.195, 74.125.224.200, 74.125.224.193
      74.125.224.196, 74.125.224.206, 74.125.224.194, 74.125.224.199, 74.125.224.201
      74.125.224.197, 74.125.224.192

DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109



Pinging google.com [74.125.224.192] with 32 bytes of data:



Reply from 74.125.224.192: bytes=32 time=33ms TTL=57

Reply from 74.125.224.192: bytes=32 time=32ms TTL=57



Ping statistics for 74.125.224.192:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 32ms, Maximum = 33ms, Average = 32ms



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=90ms TTL=53

Reply from 206.190.36.45: bytes=32 time=73ms TTL=53



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 73ms, Maximum = 90ms, Average = 81ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1a a0 9d 3e 5c ...... Intel® 82562V-2 10/100 Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.5      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.0.0    255.255.255.0      192.168.0.5     192.168.0.5      20
      192.168.0.5  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255      192.168.0.5     192.168.0.5      20
        224.0.0.0        240.0.0.0      192.168.0.5     192.168.0.5      20
  255.255.255.255  255.255.255.255      192.168.0.5     192.168.0.5      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
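
Added example, not part of the thread or any poster's code: a Python sketch that reads two Log1.txt captures produced by router.bat and reports which DNS resolvers the adapter was using before and after the router reset. The two sample captures are constructed, shortened from the output posted above; the function names and the `expected` allow-list are assumptions.

```python
import ipaddress
import re

# "Ethernet adapter Local Area Connection:" style headings (column 0)
ADAPTER_RE = re.compile(r"^(\S.*\badapter\b.*):\s*$")
# Indented "Key . . . . : value" field lines
FIELD_RE = re.compile(r"^\s+([A-Za-z][^:]*?)[ .]*:\s*(.*)$")
# Fields worth tracking when checking for a changed resolver
TRACKED = {"default gateway": "gateway", "dns servers": "dns"}


def _as_ip(token):
    """Return the normalised address in token, or None if it is not an IP."""
    try:
        return str(ipaddress.ip_address(token.strip().split("%")[0]))
    except ValueError:
        return None


def parse_ipconfig(text):
    """Map each adapter in `ipconfig /all` output to its gateways and DNS servers."""
    adapters, current, slot = {}, None, None
    for line in text.splitlines():
        if not line.strip():
            continue  # forum pastes are often double-spaced
        if not line[0].isspace():
            # Unindented line: either a new adapter or the end of the section
            m = ADAPTER_RE.match(line)
            current = adapters.setdefault(m.group(1), {"gateway": [], "dns": []}) if m else None
            slot = None
            continue
        if current is None:
            continue
        ip = _as_ip(line)
        if ip and slot:
            current[slot].append(ip)  # continuation line: a second DNS server
            continue
        m = FIELD_RE.match(line)
        if not m:
            slot = None
            continue
        slot = TRACKED.get(m.group(1).strip().lower())
        ip = _as_ip(m.group(2))
        if slot and ip:
            current[slot].append(ip)
    return adapters


def resolvers(text):
    """All configured DNS servers, in listed order, de-duplicated."""
    seen = []
    for cfg in parse_ipconfig(text).values():
        for ip in cfg["dns"]:
            if ip not in seen:
                seen.append(ip)
    return seen


def unexpected_resolvers(text, expected=()):
    """Resolvers that are neither an adapter's gateway nor in `expected`."""
    allowed = set(expected)
    for cfg in parse_ipconfig(text).values():
        allowed.update(cfg["gateway"])
    return [ip for ip in resolvers(text) if ip not in allowed]


def resolver_diff(before, after):
    """Resolvers that disappeared or appeared between two captures."""
    b, a = resolvers(before), resolvers(after)
    return {"removed": [ip for ip in b if ip not in a],
            "added": [ip for ip in a if ip not in b]}


# Constructed sample captures, shortened from the two logs posted in the thread
BEFORE = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

        IP Address. . . . . . . . . . . . : 192.168.0.5
        Default Gateway . . . . . . . . . : 192.168.0.1
        DNS Servers . . . . . . . . . . . : 192.168.0.1
                                            205.171.2.65
        Lease Obtained. . . . . . . . . . : Wednesday, May 08, 2013 3:26:26 PM
Server:  resolver.qwest.net
Address:  205.171.2.65
"""

AFTER = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

        IP Address. . . . . . . . . . . . : 192.168.0.5
        Default Gateway . . . . . . . . . : 192.168.0.1
        DNS Servers . . . . . . . . . . . : 192.168.0.1
        Lease Obtained. . . . . . . . . . : Wednesday, May 08, 2013 7:57:36 PM
Server:  UnKnown
Address:  192.168.0.1
"""

if __name__ == "__main__":
    print("before:", resolvers(BEFORE))
    print("after: ", resolvers(AFTER))
    print("diff:  ", resolver_diff(BEFORE, AFTER))
    print("not gateway / not expected:", unexpected_resolvers(BEFORE))
```

A resolver reported by `unexpected_resolvers` is only a prompt to check it against the addresses the ISP or a chosen DNS service publishes; pass those addresses in `expected` to silence known-good entries.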
 

 



#25 gringo_pr


Posted 08 May 2013 - 10:30 PM

did it help any?

#26 BorisBadenough


Posted 08 May 2013 - 10:35 PM

Hijacker still present



#27 BorisBadenough


Posted 08 May 2013 - 10:37 PM

After resetting router I didn't know what to do. Called ISP Tech Support. They had me log in to reconfigure security settings. They had me use a unique user name and password but that user name and password remains the same. Is that a problem?



#28 BorisBadenough


Posted 08 May 2013 - 10:39 PM

Something I have noticed on reboots in the last week or so. At some point during the reboot process red shield pops up in tray at lower right near clock saying my firewall is down. After cycling through for about another minute red shield disappears. At about that same time I hear a sound, the same sound I hear when disconnecting an external drive. Never heard that sound during reboot before. Only when disconnecting external drive.

 

Don't know if that rings any bells for you.



#29 gringo_pr


Posted 08 May 2013 - 10:42 PM


Hello BorisBadenough

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • More than one report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it

    If the forum still complains about it being too long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • the scan will make two reports the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+
Send me the reports made from TDSSKiller and RogueKiller and also let me know how the computer is doing at this time.

Gringo

#30 BorisBadenough


Posted 08 May 2013 - 11:28 PM

21:01:13.0328 2316  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:01:15.0328 2316  ============================================================
21:01:15.0328 2316  Current date / time: 2013/05/08 21:01:15.0328
21:01:15.0328 2316  SystemInfo:
21:01:15.0328 2316  
21:01:15.0328 2316  OS Version: 5.1.2600 ServicePack: 3.0
21:01:15.0328 2316  Product type: Workstation
21:01:15.0328 2316  ComputerName: COLORADO-PROTEC
21:01:15.0328 2316  UserName: Colorado Protection
21:01:15.0328 2316  Windows directory: C:\WINDOWS
21:01:15.0328 2316  System windows directory: C:\WINDOWS
21:01:15.0328 2316  Processor architecture: Intel x86
21:01:15.0328 2316  Number of processors: 2
21:01:15.0328 2316  Page size: 0x1000
21:01:15.0328 2316  Boot type: Normal boot
21:01:15.0328 2316  ============================================================
21:01:23.0734 2316  BG loaded
21:01:25.0171 2316  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:01:25.0828 2316  ============================================================
21:01:25.0828 2316  \Device\Harddisk0\DR0:
21:01:26.0921 2316  MBR partitions:
21:01:26.0921 2316  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x39D67D72
21:01:26.0921 2316  ============================================================
21:01:27.0875 2316  C: <-> \Device\Harddisk0\DR0\Partition1
21:01:29.0609 2316  ============================================================
21:01:29.0609 2316  Initialize success
21:01:29.0609 2316  ============================================================
21:01:51.0578 4072  ============================================================
21:01:51.0578 4072  Scan started
21:01:51.0578 4072  Mode: Manual; SigCheck; TDLFS;
21:01:51.0578 4072  ============================================================
21:01:55.0906 4072  ================ Scan system memory ========================
21:01:55.0906 4072  System memory - ok
21:01:55.0906 4072  ================ Scan services =============================
21:02:02.0500 4072  Abiosdsk - ok
21:02:02.0515 4072  abp480n5 - ok
21:02:02.0625 4072  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:02:07.0750 4072  ACPI - ok
21:02:07.0796 4072  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
21:02:08.0015 4072  ACPIEC - ok
21:02:08.0671 4072  [ 6D182C31ACF16213407F2768F1107FE3 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
21:02:08.0953 4072  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
21:02:08.0953 4072  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
21:02:09.0125 4072  [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:02:09.0218 4072  AdobeFlashPlayerUpdateSvc - ok
21:02:09.0234 4072  adpu160m - ok
21:02:09.0906 4072  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
21:02:10.0093 4072  aec - ok
21:02:10.0265 4072  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
21:02:10.0343 4072  AFD - ok
21:02:10.0343 4072  Aha154x - ok
21:02:10.0359 4072  aic78u2 - ok
21:02:10.0359 4072  aic78xx - ok
21:02:10.0468 4072  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
21:02:10.0640 4072  Alerter - ok
21:02:10.0671 4072  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
21:02:10.0796 4072  ALG - ok
21:02:10.0796 4072  AliIde - ok
21:02:10.0796 4072  amsint - ok
21:02:11.0000 4072  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:02:11.0062 4072  Apple Mobile Device - ok
21:02:11.0078 4072  AppMgmt - ok
21:02:11.0078 4072  asc - ok
21:02:11.0078 4072  asc3350p - ok
21:02:11.0078 4072  asc3550 - ok
21:02:12.0437 4072  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:02:12.0562 4072  aspnet_state - ok
21:02:12.0625 4072  [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk        C:\WINDOWS\system32\drivers\aswFsBlk.sys
21:02:12.0796 4072  aswFsBlk - ok
21:02:12.0828 4072  [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
21:02:12.0859 4072  aswMonFlt - ok
21:02:12.0875 4072  [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr          C:\WINDOWS\system32\drivers\AswRdr.sys
21:02:12.0890 4072  AswRdr - ok
21:02:12.0953 4072  [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
21:02:12.0984 4072  aswRvrt - ok
21:02:13.0015 4072  [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
21:02:13.0046 4072  aswSnx - ok
21:02:13.0078 4072  [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
21:02:13.0109 4072  aswSP - ok
21:02:13.0171 4072  [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi          C:\WINDOWS\system32\drivers\aswTdi.sys
21:02:13.0203 4072  aswTdi - ok
21:02:13.0250 4072  [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
21:02:13.0281 4072  aswVmm - ok
21:02:13.0343 4072  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:02:13.0484 4072  AsyncMac - ok
21:02:13.0500 4072  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
21:02:13.0609 4072  atapi - ok
21:02:13.0640 4072  Atdisk - ok
21:02:13.0671 4072  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:02:13.0796 4072  Atmarpc - ok
21:02:13.0843 4072  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:02:13.0953 4072  AudioSrv - ok
21:02:14.0046 4072  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
21:02:14.0156 4072  audstub - ok
21:02:14.0312 4072  [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:02:14.0343 4072  avast! Antivirus - ok
21:02:14.0531 4072  [ C3EDB060C0427607EB9344EC861585FF ] B-Service       C:\Documents and Settings\Colorado Protection\Application Data\Mikogo\B-Service.exe
21:02:14.0562 4072  B-Service - ok
21:02:14.0609 4072  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:02:14.0750 4072  Beep - ok
21:02:14.0843 4072  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:02:15.0125 4072  BITS - ok
21:02:15.0171 4072  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
21:02:15.0218 4072  Browser - ok
21:02:15.0312 4072  [ ABE9ED5FBA84FB5E07A3C7CD58DA4961 ] bzserv          C:\Program Files\Backblaze\bzserv.exe
21:02:15.0343 4072  bzserv - ok
21:02:15.0375 4072  catchme - ok
21:02:15.0406 4072  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
21:02:15.0531 4072  cbidf2k - ok
21:02:15.0609 4072  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:02:15.0703 4072  CCDECODE - ok
21:02:15.0703 4072  cd20xrnt - ok
21:02:15.0734 4072  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
21:02:15.0859 4072  Cdaudio - ok
21:02:15.0906 4072  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:02:16.0000 4072  Cdfs - ok
21:02:16.0031 4072  [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:02:16.0062 4072  Cdrom - ok
21:02:16.0093 4072  [ 84853B3FD012251690570E9E7E43343F ] cercsr6         C:\WINDOWS\system32\drivers\cercsr6.sys
21:02:16.0109 4072  cercsr6 ( UnsignedFile.Multi.Generic ) - warning
21:02:16.0109 4072  cercsr6 - detected UnsignedFile.Multi.Generic (1)
21:02:16.0109 4072  Changer - ok
21:02:16.0140 4072  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
21:02:16.0250 4072  CiSvc - ok
21:02:16.0265 4072  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
21:02:16.0359 4072  ClipSrv - ok
21:02:16.0421 4072  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:02:16.0562 4072  clr_optimization_v2.0.50727_32 - ok
21:02:16.0609 4072  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:02:16.0687 4072  clr_optimization_v4.0.30319_32 - ok
21:02:16.0703 4072  CmdIde - ok
21:02:16.0703 4072  COMSysApp - ok
21:02:16.0703 4072  Cpqarray - ok
21:02:16.0718 4072  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:02:16.0843 4072  CryptSvc - ok
21:02:16.0843 4072  dac2w2k - ok
21:02:16.0859 4072  dac960nt - ok
21:02:16.0890 4072  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:02:16.0968 4072  DcomLaunch - ok
21:02:17.0015 4072  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:02:17.0156 4072  Dhcp - ok
21:02:17.0187 4072  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:02:17.0312 4072  Disk - ok
21:02:17.0390 4072  [ 0659E6E0A95564F958D9DF7313F7701E ] DLABMFSM        C:\WINDOWS\system32\DLA\DLABMFSM.SYS
21:02:17.0421 4072  DLABMFSM - ok
21:02:17.0453 4072  [ 8691C78908F0BD66170669DB268369F2 ] DLABOIOM        C:\WINDOWS\system32\DLA\DLABOIOM.SYS
21:02:17.0484 4072  DLABOIOM - ok
21:02:17.0515 4072  [ 76167B5EB2DFFC729EDC36386876B40B ] DLACDBHM        C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
21:02:17.0546 4072  DLACDBHM - ok
21:02:17.0562 4072  [ 5615744A1056933B90E6AC54FEB86F35 ] DLADResM        C:\WINDOWS\system32\DLA\DLADResM.SYS
21:02:17.0578 4072  DLADResM - ok
21:02:17.0578 4072  [ 1AECA2AFA5005CE4A550CF8EB55A8C88 ] DLAIFS_M        C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
21:02:17.0609 4072  DLAIFS_M - ok
21:02:17.0609 4072  [ 840E7F6ABB885C72B9FFDDB022EF5B6D ] DLAOPIOM        C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
21:02:17.0640 4072  DLAOPIOM - ok
21:02:17.0640 4072  [ 0294D18731AC05DA80132CE88F8A876B ] DLAPoolM        C:\WINDOWS\system32\DLA\DLAPoolM.SYS
21:02:17.0671 4072  DLAPoolM - ok
21:02:17.0687 4072  [ 91886FED52A3F9966207BCE46CFD794F ] DLARTL_M        C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
21:02:17.0703 4072  DLARTL_M - ok
21:02:17.0718 4072  [ CCA4E121D599D7D1706A30F603731E59 ] DLAUDFAM        C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
21:02:17.0750 4072  DLAUDFAM - ok
21:02:17.0750 4072  [ 7DAB85C33135DF24419951DA4E7D38E5 ] DLAUDF_M        C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
21:02:17.0765 4072  DLAUDF_M - ok
21:02:17.0781 4072  dmadmin - ok
21:02:17.0812 4072  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:02:17.0953 4072  dmboot - ok
21:02:17.0984 4072  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:02:18.0109 4072  dmio - ok
21:02:18.0140 4072  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:02:18.0250 4072  dmload - ok
21:02:18.0328 4072  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:02:18.0421 4072  dmserver - ok
21:02:18.0453 4072  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:02:18.0562 4072  DMusic - ok
21:02:18.0609 4072  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:02:18.0640 4072  Dnscache - ok
21:02:18.0671 4072  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:02:18.0796 4072  Dot3svc - ok
21:02:18.0796 4072  dpti2o - ok
21:02:18.0828 4072  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:02:18.0921 4072  drmkaud - ok
21:02:18.0937 4072  [ C00440385CF9F3D142917C63F989E244 ] DRVMCDB         C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
21:02:18.0968 4072  DRVMCDB - ok
21:02:18.0968 4072  [ 6E6AB29D3C06E64CE81FEACDA85394B5 ] DRVNDDM         C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
21:02:19.0000 4072  DRVNDDM - ok
21:02:19.0031 4072  [ 34AAA3B298A852B3663E6E0D94D12945 ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
21:02:19.0062 4072  e1express - ok
21:02:19.0093 4072  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:02:19.0187 4072  EapHost - ok
21:02:19.0218 4072  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
21:02:19.0328 4072  ERSvc - ok
21:02:19.0406 4072  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
21:02:19.0453 4072  Eventlog - ok
21:02:19.0500 4072  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
21:02:19.0546 4072  EventSystem - ok
21:02:19.0593 4072  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
21:02:19.0703 4072  Fastfat - ok
21:02:19.0765 4072  [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:02:19.0890 4072  FastUserSwitchingCompatibility - ok
21:02:19.0906 4072  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
21:02:20.0000 4072  Fdc - ok
21:02:20.0031 4072  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:02:20.0125 4072  Fips - ok
21:02:20.0125 4072  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
21:02:20.0218 4072  Flpydisk - ok
21:02:20.0218 4072  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:02:20.0328 4072  FltMgr - ok
21:02:20.0453 4072  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:02:20.0468 4072  FontCache3.0.0.0 - ok
21:02:20.0515 4072  [ 9513B437B7ADB1E6065B7F0D83D11ECF ] FreeAgentGoNext Service C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
21:02:20.0546 4072  FreeAgentGoNext Service - ok
21:02:20.0562 4072  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:02:20.0671 4072  Fs_Rec - ok
21:02:20.0703 4072  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:02:20.0828 4072  Ftdisk - ok
21:02:20.0890 4072  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:02:20.0921 4072  GEARAspiWDM - ok
21:02:20.0968 4072  [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist      C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
21:02:21.0000 4072  GoToAssist - ok
21:02:21.0015 4072  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:02:21.0125 4072  Gpc - ok
21:02:21.0265 4072  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca573aceed13e6 C:\Program Files\Google\Update\GoogleUpdate.exe
21:02:21.0281 4072  gupdate1ca573aceed13e6 - ok
21:02:21.0296 4072  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:02:21.0328 4072  gupdatem - ok
21:02:21.0359 4072  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:02:21.0468 4072  HDAudBus - ok
21:02:21.0578 4072  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:02:21.0687 4072  helpsvc - ok
21:02:21.0750 4072  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
21:02:21.0875 4072  HidServ - ok
21:02:21.0906 4072  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:02:22.0000 4072  hidusb - ok
21:02:22.0093 4072  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:02:22.0187 4072  hkmsvc - ok
21:02:22.0187 4072  hpn - ok
21:02:22.0250 4072  [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
21:02:22.0296 4072  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
21:02:22.0296 4072  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
21:02:22.0296 4072  [ DF446BA625CC441617843E87798CE048 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:02:22.0312 4072  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
21:02:22.0312 4072  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
21:02:22.0359 4072  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:02:22.0390 4072  HPZid412 - ok
21:02:22.0421 4072  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:02:22.0453 4072  HPZipr12 - ok
21:02:22.0484 4072  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:02:22.0531 4072  HPZius12 - ok
21:02:22.0562 4072  [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
21:02:22.0578 4072  HSFHWBS2 - ok
21:02:22.0625 4072  [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
21:02:22.0656 4072  HSF_DP - ok
21:02:22.0671 4072  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:02:22.0750 4072  HTTP - ok
21:02:22.0765 4072  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:02:22.0906 4072  HTTPFilter - ok
21:02:22.0906 4072  i2omgmt - ok
21:02:22.0906 4072  i2omp - ok
21:02:22.0953 4072  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
21:02:23.0046 4072  i8042prt - ok
21:02:23.0109 4072  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:02:23.0125 4072  IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:02:23.0125 4072  IDriverT - detected UnsignedFile.Multi.Generic (1)
21:02:23.0187 4072  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:02:23.0234 4072  idsvc - ok
21:02:23.0265 4072  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
21:02:23.0375 4072  Imapi - ok
21:02:23.0406 4072  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:02:23.0515 4072  ImapiService - ok
21:02:23.0515 4072  ini910u - ok
21:02:23.0609 4072  [ 17BBBABB21F86B650B2626045A9D016C ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:02:23.0765 4072  IntcAzAudAddService - ok
21:02:23.0781 4072  IntelIde - ok
21:02:23.0828 4072  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:02:23.0921 4072  intelppm - ok
21:02:23.0937 4072  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
21:02:24.0046 4072  Ip6Fw - ok
21:02:24.0093 4072  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:02:24.0187 4072  IpFilterDriver - ok
21:02:24.0218 4072  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:02:24.0328 4072  IpInIp - ok
21:02:24.0359 4072  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:02:24.0468 4072  IpNat - ok
21:02:24.0500 4072  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:02:24.0593 4072  IPSec - ok
21:02:24.0609 4072  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:02:24.0703 4072  IRENUM - ok
21:02:24.0718 4072  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:02:24.0812 4072  isapnp - ok
21:02:24.0890 4072  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:02:25.0000 4072  Kbdclass - ok
21:02:25.0000 4072  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:02:25.0093 4072  kbdhid - ok
21:02:25.0109 4072  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:02:25.0234 4072  kmixer - ok
21:02:25.0265 4072  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:02:25.0281 4072  KSecDD - ok
21:02:25.0312 4072  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
21:02:25.0343 4072  lanmanserver - ok
21:02:25.0375 4072  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:02:25.0406 4072  lanmanworkstation - ok
21:02:25.0406 4072  lbrtfdc - ok
21:02:25.0421 4072  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
21:02:25.0531 4072  LmHosts - ok
21:02:25.0562 4072  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
21:02:25.0578 4072  MBAMProtector - ok
21:02:25.0687 4072  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:02:25.0750 4072  MBAMScheduler - ok
21:02:25.0843 4072  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:02:25.0875 4072  MBAMService - ok
21:02:26.0078 4072  [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
21:02:26.0187 4072  McComponentHostService - ok
21:02:26.0218 4072  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
21:02:26.0250 4072  MDM ( UnsignedFile.Multi.Generic ) - warning
21:02:26.0250 4072  MDM - detected UnsignedFile.Multi.Generic (1)
21:02:26.0250 4072  [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
21:02:26.0265 4072  mdmxsdk - ok
21:02:26.0281 4072  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
21:02:26.0406 4072  Messenger - ok
21:02:26.0468 4072  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:02:26.0484 4072  Microsoft Office Groove Audit Service - ok
21:02:26.0515 4072  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
21:02:26.0625 4072  mnmdd - ok
21:02:26.0718 4072  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
21:02:26.0812 4072  mnmsrvc - ok
21:02:26.0859 4072  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
21:02:26.0953 4072  Modem - ok
21:02:27.0031 4072  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
21:02:27.0125 4072  MODEMCSA - ok
21:02:27.0156 4072  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:02:27.0265 4072  Mouclass - ok
21:02:27.0281 4072  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:02:27.0406 4072  mouhid - ok
21:02:27.0421 4072  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:02:27.0515 4072  MountMgr - ok
21:02:27.0593 4072  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:02:27.0625 4072  MozillaMaintenance - ok
21:02:27.0625 4072  mraid35x - ok
21:02:27.0625 4072  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:02:27.0718 4072  MRxDAV - ok
21:02:27.0765 4072  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:02:27.0796 4072  MRxSmb - ok
21:02:27.0812 4072  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
21:02:27.0906 4072  MSDTC - ok
21:02:27.0953 4072  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:02:28.0046 4072  Msfs - ok
21:02:28.0062 4072  MSIServer - ok
21:02:28.0078 4072  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:02:28.0171 4072  MSKSSRV - ok
21:02:28.0234 4072  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:02:28.0375 4072  MSPCLOCK - ok
21:02:28.0390 4072  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:02:28.0500 4072  MSPQM - ok
21:02:28.0500 4072  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:02:28.0609 4072  mssmbios - ok
21:02:28.0640 4072  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
21:02:28.0734 4072  MSTEE - ok
21:02:28.0781 4072  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
21:02:28.0812 4072  Mup - ok
21:02:28.0875 4072  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:02:28.0984 4072  NABTSFEC - ok
21:02:29.0031 4072  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:02:29.0140 4072  napagent - ok
21:02:29.0140 4072  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:02:29.0265 4072  NDIS - ok
21:02:29.0281 4072  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:02:29.0390 4072  NdisIP - ok
21:02:29.0484 4072  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:02:29.0515 4072  NdisTapi - ok
21:02:29.0531 4072  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:02:29.0625 4072  Ndisuio - ok
21:02:29.0640 4072  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:02:29.0750 4072  NdisWan - ok
21:02:29.0765 4072  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:02:29.0781 4072  NDProxy - ok
21:02:29.0828 4072  [ 19715A9A573DAD2521348ABC74266A48 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
21:02:29.0843 4072  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:02:29.0843 4072  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:02:29.0843 4072  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:02:29.0937 4072  NetBIOS - ok
21:02:29.0968 4072  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:02:30.0078 4072  NetBT - ok
21:02:30.0125 4072  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:02:30.0218 4072  NetDDE - ok
21:02:30.0234 4072  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:02:30.0328 4072  NetDDEdsdm - ok
21:02:30.0406 4072  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:02:30.0515 4072  Netlogon - ok
21:02:30.0515 4072  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
21:02:30.0640 4072  Netman - ok
21:02:30.0703 4072  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:02:30.0765 4072  NetTcpPortSharing - ok
21:02:30.0781 4072  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
21:02:30.0812 4072  Nla - ok
21:02:30.0812 4072  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:02:30.0921 4072  Npfs - ok
21:02:30.0953 4072  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:02:31.0078 4072  Ntfs - ok
21:02:31.0078 4072  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
21:02:31.0171 4072  NtLmSsp - ok
21:02:31.0203 4072  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
21:02:31.0296 4072  NtmsSvc - ok
21:02:31.0312 4072  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:02:31.0406 4072  Null - ok
21:02:31.0593 4072  [ B702BE0AA72EA2E1D644BAEF9123A4CE ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:02:31.0796 4072  nv - ok
21:02:31.0828 4072  [ E2FCBF957405AC17668C7DACCE537F1E ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
21:02:31.0875 4072  NVSvc - ok
21:02:31.0906 4072  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:02:32.0031 4072  NwlnkFlt - ok
21:02:32.0046 4072  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:02:32.0171 4072  NwlnkFwd - ok
21:02:32.0234 4072  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:02:32.0265 4072  odserv - ok
21:02:32.0343 4072  [ D8A0164A79D4BFD6083945C5431E41E7 ] OpenVPNService  C:\Program Files\HMA! Pro VPN\bin\openvpnserv.exe
21:02:32.0375 4072  OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
21:02:32.0375 4072  OpenVPNService - detected UnsignedFile.Multi.Generic (1)
21:02:32.0437 4072  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:02:32.0453 4072  ose - ok
21:02:32.0500 4072  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
21:02:32.0609 4072  Parport - ok
21:02:32.0640 4072  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
21:02:32.0750 4072  PartMgr - ok
21:02:32.0781 4072  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:02:32.0906 4072  ParVdm - ok
21:02:32.0906 4072  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
21:02:33.0000 4072  PCI - ok
21:02:33.0000 4072  PCIDump - ok
21:02:33.0109 4072  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:02:33.0203 4072  PCIIde - ok
21:02:33.0234 4072  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
21:02:33.0328 4072  Pcmcia - ok
21:02:33.0328 4072  PDCOMP - ok
21:02:33.0343 4072  PDFRAME - ok
21:02:33.0343 4072  PDRELI - ok
21:02:33.0343 4072  PDRFRAME - ok
21:02:33.0343 4072  perc2 - ok
21:02:33.0343 4072  perc2hib - ok
21:02:33.0375 4072  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
21:02:33.0421 4072  PlugPlay - ok
21:02:33.0437 4072  [ B36CD3F2ECA751C0CA8B8868BD1C5449 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
21:02:33.0468 4072  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:02:33.0468 4072  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:02:33.0468 4072  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
21:02:33.0562 4072  PolicyAgent - ok
21:02:33.0625 4072  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:02:33.0718 4072  PptpMiniport - ok
21:02:33.0718 4072  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:02:33.0812 4072  ProtectedStorage - ok
21:02:33.0828 4072  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:02:33.0921 4072  PSched - ok
21:02:33.0921 4072  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:02:34.0031 4072  Ptilink - ok
21:02:34.0062 4072  [ D86B4A68565E444D76457F14172C875A ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:02:34.0078 4072  PxHelp20 - ok
21:02:34.0078 4072  ql1080 - ok
21:02:34.0093 4072  Ql10wnt - ok
21:02:34.0093 4072  ql12160 - ok
21:02:34.0093 4072  ql1240 - ok
21:02:34.0093 4072  ql1280 - ok
21:02:34.0359 4072  [ 6BAF8B9538B62BD5484449A447BD63D9 ] RapportCerberus_51755 C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_51755.sys
21:02:34.0390 4072  RapportCerberus_51755 - ok
21:02:34.0484 4072  [ CAA060CF8D5292526A627ED487E0FCFF ] RapportEI       C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
21:02:34.0500 4072  RapportEI - ok
21:02:34.0640 4072  [ AE845C6B4305AAD70B9FE2C1F2D4593D ] RapportIaso     c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys
21:02:34.0656 4072  RapportIaso - ok
21:02:34.0750 4072  [ 10EAE66EC126E317F7457EAC3416EDC2 ] RapportKELL     C:\WINDOWS\system32\Drivers\RapportKELL.sys
21:02:34.0765 4072  RapportKELL - ok
21:02:34.0921 4072  [ 975E3A0CBABDD7ABB326ECE6860F5EC8 ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
21:02:34.0953 4072  RapportMgmtService - ok
21:02:35.0046 4072  [ ABC4827E9BEADAEB37ECCF31510B88DF ] RapportPG       C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
21:02:35.0078 4072  RapportPG - ok
21:02:35.0125 4072  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:02:35.0218 4072  RasAcd - ok
21:02:35.0250 4072  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:02:35.0375 4072  RasAuto - ok
21:02:35.0390 4072  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:02:35.0500 4072  Rasl2tp - ok
21:02:35.0625 4072  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:02:35.0734 4072  RasMan - ok
21:02:35.0734 4072  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:02:35.0828 4072  RasPppoe - ok
21:02:35.0843 4072  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:02:35.0937 4072  Raspti - ok
21:02:36.0031 4072  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:02:36.0125 4072  Rdbss - ok
21:02:36.0125 4072  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:02:36.0250 4072  RDPCDD - ok
21:02:36.0359 4072  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
21:02:36.0375 4072  RDPWD - ok
21:02:36.0406 4072  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
21:02:36.0500 4072  RDSessMgr - ok
21:02:36.0609 4072  [ 89525CC2DBAD44F7199B9CC188B3F9C5 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
21:02:36.0640 4072  RealNetworks Downloader Resolver Service - ok
21:02:36.0671 4072  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
21:02:36.0796 4072  redbook - ok
21:02:36.0828 4072  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:02:36.0921 4072  RemoteAccess - ok
21:02:37.0015 4072  [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
21:02:37.0078 4072  RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
21:02:37.0078 4072  RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
21:02:37.0140 4072  [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9       C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
21:02:37.0156 4072  RoxWatch9 ( UnsignedFile.Multi.Generic ) - warning
21:02:37.0156 4072  RoxWatch9 - detected UnsignedFile.Multi.Generic (1)
21:02:37.0171 4072  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:02:37.0281 4072  RpcLocator - ok
21:02:37.0328 4072  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
21:02:37.0359 4072  RpcSs - ok
21:02:37.0406 4072  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
21:02:37.0531 4072  RSVP - ok
21:02:37.0546 4072  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:02:37.0640 4072  SamSs - ok
21:02:37.0703 4072  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:02:37.0796 4072  SCardSvr - ok
21:02:37.0828 4072  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:02:37.0953 4072  Schedule - ok
21:02:37.0984 4072  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:02:38.0031 4072  Secdrv - ok
21:02:38.0046 4072  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:02:38.0171 4072  seclogon - ok
21:02:38.0187 4072  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
21:02:38.0296 4072  SENS - ok
21:02:38.0359 4072  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
21:02:38.0468 4072  Serial - ok
21:02:38.0531 4072  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
21:02:38.0640 4072  Sfloppy - ok
21:02:38.0671 4072  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:02:38.0765 4072  SharedAccess - ok
21:02:38.0796 4072  [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:02:38.0890 4072  ShellHWDetection - ok
21:02:38.0890 4072  Simbad - ok
21:02:38.0968 4072  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
21:02:39.0000 4072  SkypeUpdate - ok
21:02:39.0046 4072  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:02:39.0140 4072  SLIP - ok
21:02:39.0187 4072  Sparrow - ok
21:02:39.0187 4072  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:02:39.0296 4072  splitter - ok
21:02:39.0328 4072  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
21:02:39.0343 4072  Spooler - ok
21:02:39.0359 4072  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:02:39.0421 4072  sr - ok
21:02:39.0453 4072  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
21:02:39.0531 4072  srservice - ok
21:02:39.0562 4072  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:02:39.0609 4072  Srv - ok
21:02:39.0640 4072  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:02:39.0734 4072  SSDPSRV - ok
21:02:39.0781 4072  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:02:39.0875 4072  stisvc - ok
21:02:39.0968 4072  [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
21:02:39.0984 4072  stllssvr ( UnsignedFile.Multi.Generic ) - warning
21:02:39.0984 4072  stllssvr - detected UnsignedFile.Multi.Generic (1)
21:02:40.0015 4072  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:02:40.0109 4072  streamip - ok
21:02:40.0156 4072  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:02:40.0281 4072  swenum - ok
21:02:40.0281 4072  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:02:40.0390 4072  swmidi - ok
21:02:40.0390 4072  SwPrv - ok
21:02:40.0390 4072  symc810 - ok
21:02:40.0406 4072  symc8xx - ok
21:02:40.0406 4072  sym_hi - ok
21:02:40.0406 4072  sym_u3 - ok
21:02:40.0406 4072  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:02:40.0500 4072  sysaudio - ok
21:02:40.0531 4072  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
21:02:40.0625 4072  SysmonLog - ok
21:02:40.0718 4072  [ 11D34FC869F5BDA29949FE3858380894 ] tap0901         C:\WINDOWS\system32\DRIVERS\tap0901.sys
21:02:40.0734 4072  tap0901 ( UnsignedFile.Multi.Generic ) - warning
21:02:40.0734 4072  tap0901 - detected UnsignedFile.Multi.Generic (1)
21:02:40.0796 4072  [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss          C:\WINDOWS\system32\DRIVERS\taphss.sys
21:02:40.0828 4072  taphss - ok
21:02:40.0843 4072  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:02:40.0937 4072  TapiSrv - ok
21:02:41.0031 4072  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:02:41.0078 4072  Tcpip - ok
21:02:41.0109 4072  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:02:41.0234 4072  TDPIPE - ok
21:02:41.0250 4072  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
21:02:41.0375 4072  TDTCP - ok
21:02:41.0375 4072  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:02:41.0468 4072  TermDD - ok
21:02:41.0500 4072  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
21:02:41.0625 4072  TermService - ok
21:02:41.0640 4072  TfFsMon - ok
21:02:41.0640 4072  TfNetMon - ok
21:02:41.0640 4072  TfSysMon - ok
21:02:41.0703 4072  [ 1926899BF9FFE2602B63074971700412 ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:02:41.0796 4072  Themes - ok
21:02:41.0796 4072  TosIde - ok
21:02:41.0828 4072  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:02:41.0953 4072  TrkWks - ok
21:02:42.0015 4072  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:02:42.0125 4072  Udfs - ok
21:02:42.0125 4072  ultra - ok
21:02:42.0187 4072  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:02:42.0281 4072  Update - ok
21:02:42.0296 4072  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:02:42.0375 4072  upnphost - ok
21:02:42.0390 4072  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
21:02:42.0500 4072  UPS - ok
21:02:42.0531 4072  [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
21:02:42.0562 4072  USBAAPL - ok
21:02:42.0609 4072  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
21:02:42.0703 4072  usbaudio - ok
21:02:42.0734 4072  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:02:42.0843 4072  usbccgp - ok
21:02:42.0859 4072  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:02:42.0953 4072  usbehci - ok
21:02:42.0968 4072  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:02:43.0078 4072  usbhub - ok
21:02:43.0140 4072  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:02:43.0265 4072  usbprint - ok
21:02:43.0265 4072  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:02:43.0359 4072  usbscan - ok
21:02:43.0359 4072  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:02:43.0453 4072  usbstor - ok
21:02:43.0484 4072  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:02:43.0578 4072  usbuhci - ok
21:02:43.0625 4072  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
21:02:43.0718 4072  usbvideo - ok
21:02:43.0734 4072  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
21:02:43.0843 4072  VgaSave - ok
21:02:43.0843 4072  ViaIde - ok
21:02:43.0859 4072  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
21:02:43.0953 4072  VolSnap - ok
21:02:44.0015 4072  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
21:02:44.0078 4072  VSS - ok
21:02:44.0093 4072  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
21:02:44.0203 4072  W32Time - ok
21:02:44.0234 4072  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:02:44.0328 4072  Wanarp - ok
21:02:44.0375 4072  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
21:02:44.0406 4072  Wdf01000 - ok
21:02:44.0406 4072  WDICA - ok
21:02:44.0453 4072  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:02:44.0546 4072  wdmaud - ok
21:02:44.0562 4072  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:02:44.0656 4072  WebClient - ok
21:02:44.0687 4072  [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
21:02:44.0718 4072  winachsf - ok
21:02:44.0796 4072  [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
21:02:44.0812 4072  WinDefend - ok
21:02:44.0921 4072  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:02:45.0015 4072  winmgmt - ok
21:02:45.0078 4072  [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
21:02:45.0109 4072  WinUSB - ok
21:02:45.0140 4072  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
21:02:45.0156 4072  WmdmPmSN - ok
21:02:45.0171 4072  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:02:45.0296 4072  WmiApSrv - ok
21:02:45.0406 4072  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
21:02:45.0453 4072  WMPNetworkSvc - ok
21:02:45.0515 4072  [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
21:02:45.0546 4072  WMZuneComm - ok
21:02:45.0640 4072  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:02:45.0687 4072  WPFFontCache_v0400 - ok
21:02:45.0765 4072  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:02:45.0875 4072  WS2IFSL - ok
21:02:45.0953 4072  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:02:46.0062 4072  wscsvc - ok
21:02:46.0062 4072  WSearch - ok
21:02:46.0140 4072  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:02:46.0265 4072  WSTCODEC - ok
21:02:46.0281 4072  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:02:46.0421 4072  wuauserv - ok
21:02:46.0453 4072  [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:02:46.0500 4072  WudfPf - ok
21:02:46.0500 4072  [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:02:46.0531 4072  WudfRd - ok
21:02:46.0562 4072  [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
21:02:46.0609 4072  WudfSvc - ok
21:02:46.0671 4072  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:02:46.0796 4072  WZCSVC - ok
21:02:46.0812 4072  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
21:02:46.0921 4072  xmlprov - ok
21:02:46.0953 4072  [ AE279CD76B38FC079EEC3CA6D65A5926 ] zumbus          C:\WINDOWS\system32\DRIVERS\zumbus.sys
21:02:47.0000 4072  zumbus - ok
21:02:47.0015 4072  [ 37F339B64F19E2775284ED7161B96683 ] ZuneBusEnum     C:\Program Files\Zune\ZuneBusEnum.exe
21:02:47.0046 4072  ZuneBusEnum - ok
21:02:47.0203 4072  [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
21:02:47.0390 4072  ZuneNetworkSvc - ok
21:02:47.0468 4072  [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
21:02:47.0500 4072  ZuneWlanCfgSvc - ok
21:02:47.0515 4072  ================ Scan global ===============================
21:02:47.0593 4072  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:02:47.0625 4072  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
21:02:47.0640 4072  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
21:02:47.0656 4072  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:02:47.0671 4072  [Global] - ok
21:02:47.0671 4072  ================ Scan MBR ==================================
21:02:47.0687 4072  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:02:48.0000 4072  \Device\Harddisk0\DR0 - ok
21:02:48.0000 4072  ================ Scan VBR ==================================
21:02:48.0000 4072  [ F63AA2A20E8F72DDDED2D2FDE7DEC8BF ] \Device\Harddisk0\DR0\Partition1
21:02:48.0000 4072  \Device\Harddisk0\DR0\Partition1 - ok
21:02:48.0000 4072  ================ Scan active images ========================
21:02:48.0000 4072  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
21:02:48.0000 4072  C:\WINDOWS\system32\drivers\intelppm.sys - ok
21:02:48.0000 4072  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
21:02:48.0000 4072  C:\WINDOWS\system32\drivers\videoprt.sys - ok
21:02:48.0000 4072  [ B702BE0AA72EA2E1D644BAEF9123A4CE ] C:\WINDOWS\system32\drivers\nv4_mini.sys
21:02:48.0000 4072  C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
21:02:48.0000 4072  [ 34AAA3B298A852B3663E6E0D94D12945 ] C:\WINDOWS\system32\drivers\e1e5132.sys
21:02:48.0000 4072  C:\WINDOWS\system32\drivers\e1e5132.sys - ok
21:02:48.0000 4072  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
21:02:48.0000 4072  C:\WINDOWS\system32\drivers\usbport.sys - ok
21:02:48.0000 4072  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
21:02:48.0000 4072  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
21:02:48.0015 4072  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\usbehci.sys - ok
21:02:48.0015 4072  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
21:02:48.0015 4072  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\ks.sys - ok
21:02:48.0015 4072  [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] C:\WINDOWS\system32\drivers\HSFHWBS2.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\HSFHWBS2.sys - ok
21:02:48.0015 4072  [ 60E1604729A15EF4A3B05F298427B3B1 ] C:\WINDOWS\system32\drivers\HSF_DP.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\HSF_DP.sys - ok
21:02:48.0015 4072  [ F59ED5A43B988A18EF582BB07B2327A7 ] C:\WINDOWS\system32\drivers\HSF_CNXT.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\HSF_CNXT.sys - ok
21:02:48.0015 4072  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\fdc.sys - ok
21:02:48.0015 4072  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\imapi.sys - ok
21:02:48.0015 4072  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\modem.sys - ok
21:02:48.0015 4072  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
21:02:48.0015 4072  C:\WINDOWS\system32\drivers\audstub.sys - ok
21:02:48.0031 4072  [ 4B0A100EAF5C49EF3CCA8C641431EACC ] C:\WINDOWS\system32\drivers\cdrom.sys
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\cdrom.sys - ok
21:02:48.0031 4072  [ 76167B5EB2DFFC729EDC36386876B40B ] C:\WINDOWS\system32\drivers\DLACDBHM.SYS
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\DLACDBHM.SYS - ok
21:02:48.0031 4072  [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
21:02:48.0031 4072  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\redbook.sys - ok
21:02:48.0031 4072  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
21:02:48.0031 4072  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
21:02:48.0031 4072  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
21:02:48.0031 4072  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
21:02:48.0031 4072  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\raspptp.sys - ok
21:02:48.0031 4072  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
21:02:48.0031 4072  C:\WINDOWS\system32\drivers\tdi.sys - ok
21:02:48.0046 4072  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\msgpc.sys - ok
21:02:48.0046 4072  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\psched.sys - ok
21:02:48.0046 4072  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\ptilink.sys - ok
21:02:48.0046 4072  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
21:02:48.0046 4072  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\mouclass.sys - ok
21:02:48.0046 4072  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\raspti.sys - ok
21:02:48.0046 4072  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\swenum.sys - ok
21:02:48.0046 4072  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\termdd.sys - ok
21:02:48.0046 4072  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
21:02:48.0046 4072  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
21:02:48.0046 4072  C:\WINDOWS\system32\drivers\update.sys - ok
21:02:48.0062 4072  [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\wdf01000.sys - ok
21:02:48.0062 4072  [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\wdfldr.sys - ok
21:02:48.0062 4072  [ AE279CD76B38FC079EEC3CA6D65A5926 ] C:\WINDOWS\system32\drivers\zumbus.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\zumbus.sys - ok
21:02:48.0062 4072  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
21:02:48.0062 4072  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\usbd.sys - ok
21:02:48.0062 4072  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\usbhub.sys - ok
21:02:48.0062 4072  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] C:\WINDOWS\system32\drivers\MODEMCSA.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\MODEMCSA.sys - ok
21:02:48.0062 4072  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\drmk.sys - ok
21:02:48.0062 4072  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\portcls.sys - ok
21:02:48.0062 4072  [ 17BBBABB21F86B650B2626045A9D016C ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:02:48.0062 4072  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
21:02:48.0078 4072  [ 6BAF8B9538B62BD5484449A447BD63D9 ] C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_51755.sys
21:02:48.0078 4072  C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_51755.sys - ok
21:02:48.0078 4072  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
21:02:48.0078 4072  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
21:02:48.0078 4072  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\beep.sys - ok
21:02:48.0078 4072  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
21:02:48.0078 4072  [ 91886FED52A3F9966207BCE46CFD794F ] C:\WINDOWS\system32\drivers\DLARTL_M.SYS
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\DLARTL_M.SYS - ok
21:02:48.0078 4072  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
21:02:48.0078 4072  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
21:02:48.0078 4072  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\null.sys - ok
21:02:48.0078 4072  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\hidparse.sys - ok
21:02:48.0078 4072  [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
21:02:48.0078 4072  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
21:02:48.0093 4072  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
21:02:48.0093 4072  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
21:02:48.0093 4072  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\vga.sys - ok
21:02:48.0093 4072  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\ipsec.sys - ok
21:02:48.0093 4072  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\msfs.sys - ok
21:02:48.0093 4072  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\npfs.sys - ok
21:02:48.0093 4072  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\rasacd.sys - ok
21:02:48.0093 4072  [ 33E21FFB063CA6C7E00D568467DC72E4 ] C:\WINDOWS\system32\drivers\aswTdi.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\aswTdi.sys - ok
21:02:48.0093 4072  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\ipnat.sys - ok
21:02:48.0093 4072  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
21:02:48.0093 4072  C:\WINDOWS\system32\drivers\netbt.sys - ok
21:02:48.0109 4072  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
21:02:48.0109 4072  C:\WINDOWS\system32\drivers\tcpip.sys - ok
21:02:48.0109 4072  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
21:02:48.0109 4072  C:\WINDOWS\system32\drivers\afd.sys - ok
21:02:48.0109 4072  [ C1A411B7CCD604554D96EFDAC2F83617 ] C:\WINDOWS\system32\drivers\aswRdr.sys
21:02:48.0109 4072  C:\WINDOWS\system32\drivers\aswRdr.sys - ok
21:02:48.0109 4072  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
21:02:48.0109 4072  C:\WINDOWS\system32\drivers\wanarp.sys - ok
21:02:48.0109 4072  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:02:48.0109 4072  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
21:02:48.0109 4072  [ ABC4827E9BEADAEB37ECCF31510B88DF ] C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
21:02:48.0109 4072  C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys - ok
21:02:48.0109 4072  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
21:02:48.0109 4072  C:\WINDOWS\system32\drivers\netbios.sys - ok
21:02:48.0109 4072  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
21:02:48.0109 4072  C:\WINDOWS\system32\drivers\rdbss.sys - ok
21:02:48.0109 4072  [ CAA060CF8D5292526A627ED487E0FCFF ] C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
21:02:48.0109 4072  C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys - ok
21:02:48.0109 4072  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
21:02:48.0109 4072  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
21:02:48.0125 4072  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
21:02:48.0125 4072  C:\WINDOWS\system32\drivers\fips.sys - ok
21:02:48.0125 4072  [ 6FC4AA106AA505394C908D37CCCB9148 ] C:\WINDOWS\system32\drivers\aswSP.sys
21:02:48.0125 4072  C:\WINDOWS\system32\drivers\aswSP.sys - ok
21:02:48.0125 4072  [ 0E604867FC28F00D91CB0B00D2EC830D ] C:\WINDOWS\system32\drivers\aswSnx.sys
21:02:48.0125 4072  C:\WINDOWS\system32\drivers\aswSnx.sys - ok
21:02:48.0125 4072  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
21:02:48.0125 4072  C:\WINDOWS\system32\smss.exe - ok
21:02:48.0125 4072  [ 911DDF2E16761643A47225F654D811E5 ] C:\WINDOWS\system32\ntdll.dll
21:02:48.0125 4072  C:\WINDOWS\system32\ntdll.dll - ok
21:02:48.0125 4072  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
21:02:48.0125 4072  C:\WINDOWS\system32\autochk.exe - ok
21:02:48.0125 4072  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
21:02:48.0125 4072  C:\WINDOWS\system32\drivers\hidclass.sys - ok
21:02:48.0125 4072  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
21:02:48.0125 4072  C:\WINDOWS\system32\sfcfiles.dll - ok
21:02:48.0125 4072  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
21:02:48.0125 4072  C:\WINDOWS\system32\drivers\hidusb.sys - ok
21:02:48.0125 4072  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
21:02:48.0125 4072  C:\WINDOWS\system32\drivers\cdfs.sys - ok
21:02:48.0140 4072  [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\usbccgp.sys - ok
21:02:48.0140 4072  [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\usbstor.sys - ok
21:02:48.0140 4072  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\mouhid.sys - ok
21:02:48.0140 4072  [ ABCB05CCDBF03000354B9553820E39F8 ] C:\WINDOWS\system32\drivers\HPZius12.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\HPZius12.sys - ok
21:02:48.0140 4072  [ A717C8721046828520C9EDF31288FC00 ] C:\WINDOWS\system32\drivers\usbprint.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\usbprint.sys - ok
21:02:48.0140 4072  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] C:\WINDOWS\system32\drivers\usbscan.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\usbscan.sys - ok
21:02:48.0140 4072  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] C:\WINDOWS\system32\drivers\HPZid412.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\HPZid412.sys - ok
21:02:48.0140 4072  [ 89F41658929393487B6B7D13C8528CE3 ] C:\WINDOWS\system32\drivers\HPZipr12.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\HPZipr12.sys - ok
21:02:48.0140 4072  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\atapi.sys - ok
21:02:48.0140 4072  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
21:02:48.0140 4072  C:\WINDOWS\system32\drivers\wmilib.sys - ok
21:02:48.0156 4072  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
21:02:48.0156 4072  C:\WINDOWS\system32\drivers\dxapi.sys - ok
21:02:48.0156 4072  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
21:02:48.0156 4072  C:\WINDOWS\system32\watchdog.sys - ok
21:02:48.0156 4072  [ 860AC2E4711D2DACF12D98A42105A611 ] C:\WINDOWS\system32\win32k.sys
21:02:48.0156 4072  C:\WINDOWS\system32\win32k.sys - ok
21:02:48.0156 4072  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
21:02:48.0156 4072  C:\WINDOWS\system32\csrsrv.dll - ok
21:02:48.0156 4072  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
21:02:48.0156 4072  C:\WINDOWS\system32\csrss.exe - ok
21:02:48.0156 4072  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:02:48.0156 4072  C:\WINDOWS\system32\basesrv.dll - ok
21:02:48.0156 4072  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
21:02:48.0156 4072  C:\WINDOWS\system32\winsrv.dll - ok
21:02:48.0156 4072  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
21:02:48.0156 4072  C:\WINDOWS\system32\gdi32.dll - ok
21:02:48.0156 4072  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
21:02:48.0156 4072  C:\WINDOWS\system32\kernel32.dll - ok
21:02:48.0484 4072  [ 482310DD75538EB321210FF1E2538C72 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
21:02:48.0484 4072  C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
21:02:48.0484 4072  [ 1650A06EB48C18969057761AFCCBF001 ] C:\Program Files\AVAST Software\Avast\avastIP.dll
21:02:48.0484 4072  C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
21:02:48.0484 4072  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
21:02:48.0484 4072  C:\WINDOWS\system32\credui.dll - ok
21:02:48.0484 4072  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
21:02:48.0484 4072  C:\WINDOWS\system32\dot3dlg.dll - ok
21:02:48.0500 4072  [ 682F67B86B4F586D813BACA7A0AA06A7 ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
21:02:48.0500 4072  C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
21:02:48.0500 4072  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
21:02:48.0500 4072  C:\WINDOWS\system32\onex.dll - ok
21:02:48.0500 4072  [ EB6613261E287A8B9783C9C8B7F118F8 ] C:\Program Files\AVAST Software\Avast\aswDld.dll
21:02:48.0500 4072  C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
21:02:48.0500 4072  [ 20EEC2605DC89048E9989FE8D73E26BD ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
21:02:48.0500 4072  C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
21:02:48.0500 4072  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
21:02:48.0500 4072  C:\WINDOWS\system32\eappcfg.dll - ok
21:02:48.0500 4072  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
21:02:48.0500 4072  C:\WINDOWS\system32\eappprxy.dll - ok
21:02:48.0500 4072  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
21:02:48.0500 4072  C:\WINDOWS\system32\wzcsapi.dll - ok
21:02:48.0500 4072  [ 56DEC67E273BA88A630C4B7B29D9D7BB ] C:\Program Files\AVAST Software\Avast\ashShell.dll
21:02:48.0500 4072  C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
21:02:48.0500 4072  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
21:02:48.0500 4072  C:\WINDOWS\system32\schedsvc.dll - ok
21:02:48.0500 4072  [ D1F4EF194A129726FBF30E2F514824AA ] C:\Documents and Settings\Colorado Protection\Application Data\Dropbox\bin\DropboxExt.17.dll
21:02:48.0500 4072  C:\Documents and Settings\Colorado Protection\Application Data\Dropbox\bin\DropboxExt.17.dll - ok
21:02:48.0515 4072  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
21:02:48.0515 4072  C:\WINDOWS\system32\msidle.dll - ok
21:02:48.0515 4072  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
21:02:48.0515 4072  C:\WINDOWS\system32\spoolsv.exe - ok
21:02:48.0515 4072  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
21:02:48.0515 4072  C:\WINDOWS\system32\audiosrv.dll - ok
21:02:48.0515 4072  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
21:02:48.0515 4072  C:\WINDOWS\system32\wkssvc.dll - ok
21:02:48.0515 4072  [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
21:02:48.0515 4072  C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
21:02:48.0515 4072  [ 73A720073843EDB55D7E67C42E846BE8 ] C:\Program Files\AVAST Software\Avast\defs\13050801\aswEngin.dll
21:02:48.0515 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\aswEngin.dll - ok
21:02:48.0515 4072  [ 64790077F7574E0EB97F3CD2C7B46796 ] C:\Program Files\AVAST Software\Avast\defs\13050801\aswCmnIS.dll
21:02:48.0515 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\aswCmnIS.dll - ok
21:02:48.0515 4072  [ 09C5CB1DEEFFB23C29FDF135C70E506E ] C:\Program Files\AVAST Software\Avast\defs\13050801\aswCmnOS.dll
21:02:48.0515 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\aswCmnOS.dll - ok
21:02:48.0515 4072  [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
21:02:48.0515 4072  C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok
21:02:48.0515 4072  [ 3E573496112D62DFCCE4E0D745E6D1DD ] C:\Program Files\AVAST Software\Avast\defs\13050801\aswCmnBS.dll
21:02:48.0515 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\aswCmnBS.dll - ok
21:02:48.0531 4072  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
21:02:48.0531 4072  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
21:02:48.0531 4072  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
21:02:48.0531 4072  C:\WINDOWS\system32\wdmaud.drv - ok
21:02:48.0531 4072  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
21:02:48.0531 4072  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
21:02:48.0531 4072  [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
21:02:48.0531 4072  C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok
21:02:48.0531 4072  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
21:02:48.0531 4072  C:\WINDOWS\system32\drivers\splitter.sys - ok
21:02:48.0531 4072  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
21:02:48.0531 4072  C:\WINDOWS\system32\drivers\aec.sys - ok
21:02:48.0531 4072  [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
21:02:48.0531 4072  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
21:02:48.0531 4072  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
21:02:48.0531 4072  C:\WINDOWS\system32\drivers\dmusic.sys - ok
21:02:48.0531 4072  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
21:02:48.0531 4072  C:\WINDOWS\system32\drivers\swmidi.sys - ok
21:02:48.0531 4072  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
21:02:48.0531 4072  C:\WINDOWS\system32\drivers\kmixer.sys - ok
21:02:48.0546 4072  [ B04ABC47319CB3C808A3A5525F2F3F2F ] C:\Program Files\real\RealUpgrade\realupgrade.exe
21:02:48.0546 4072  C:\Program Files\real\RealUpgrade\realupgrade.exe - ok
21:02:48.0546 4072  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
21:02:48.0546 4072  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
21:02:48.0546 4072  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
21:02:48.0546 4072  C:\WINDOWS\system32\desk.cpl - ok
21:02:48.0546 4072  [ F4B53E84EBD4EDC4938E9B40B583D6FE ] C:\Program Files\AVAST Software\Avast\defs\13050801\aswScan.dll
21:02:48.0546 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\aswScan.dll - ok
21:02:48.0546 4072  [ D1C8ADF4140E20B9D575A7763F2902AD ] C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
21:02:48.0546 4072  C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe - ok
21:02:48.0546 4072  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
21:02:48.0546 4072  C:\WINDOWS\system32\msacm32.drv - ok
21:02:48.0546 4072  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
21:02:48.0546 4072  C:\WINDOWS\system32\midimap.dll - ok
21:02:48.0546 4072  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
21:02:48.0546 4072  C:\WINDOWS\system32\themeui.dll - ok
21:02:48.0546 4072  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\system32\msvcr100.dll
21:02:48.0546 4072  C:\WINDOWS\system32\msvcr100.dll - ok
21:02:48.0546 4072  [ 32ED62D8C410117E09B0B7CA44FC4456 ] C:\Program Files\AVAST Software\Avast\defs\13050801\aswRep.dll
21:02:48.0546 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\aswRep.dll - ok
21:02:48.0562 4072  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
21:02:48.0562 4072  C:\WINDOWS\system32\actxprxy.dll - ok
21:02:48.0562 4072  [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
21:02:48.0562 4072  C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
21:02:48.0562 4072  [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\system32\msvcp100.dll
21:02:48.0562 4072  C:\WINDOWS\system32\msvcp100.dll - ok
21:02:48.0562 4072  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
21:02:48.0562 4072  C:\WINDOWS\system32\msxml3.dll - ok
21:02:48.0562 4072  [ 2399F8068E969D9C25A05B6F779A790A ] C:\Program Files\AVAST Software\Avast\defs\13050801\aswFiDb.dll
21:02:48.0562 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\aswFiDb.dll - ok
21:02:48.0562 4072  [ 9930863F3FDD34690A4BA44FE590E00A ] C:\Program Files\RealNetworks\RealDownloader\Common\hxmedpltfm.dll
21:02:48.0562 4072  C:\Program Files\RealNetworks\RealDownloader\Common\hxmedpltfm.dll - ok
21:02:48.0562 4072  [ 994AD0D8550B8B26990A6E3AA0791502 ] C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll
21:02:48.0562 4072  C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll - ok
21:02:48.0562 4072  [ F9D82B82F1B7C0B2D2606A987073F58C ] C:\PROGRA~1\WIFD1F~1\MpShHook.dll
21:02:48.0562 4072  C:\PROGRA~1\WIFD1F~1\MpShHook.dll - ok
21:02:48.0562 4072  [ 6A9F5001D8ABC421F05E0344DFFA547E ] C:\Program Files\RealNetworks\RealDownloader\RCAPlugins\upgrade.dll
21:02:48.0562 4072  C:\Program Files\RealNetworks\RealDownloader\RCAPlugins\upgrade.dll - ok
21:02:48.0562 4072  [ DF5A5630739165BF89B624E1E8DB4780 ] C:\Program Files\AVAST Software\Avast\defs\13050801\algo.dll
21:02:48.0562 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\algo.dll - ok
21:02:48.0578 4072  [ CE7BE19BC7C695776607044E22DFC0C1 ] C:\Program Files\RealNetworks\RealDownloader\RCAPlugins\rpsharedcomponents.dll
21:02:48.0578 4072  C:\Program Files\RealNetworks\RealDownloader\RCAPlugins\rpsharedcomponents.dll - ok
21:02:48.0578 4072  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
21:02:48.0578 4072  C:\WINDOWS\system32\cmd.exe - ok
21:02:48.0578 4072  [ 903FF9BA73E379237C0EDDDA8F17168C ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
21:02:48.0578 4072  C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
21:02:48.0578 4072  [ A2180B455AE266D66F38634DE018E7CE ] C:\WINDOWS\system32\ieframe.dll
21:02:48.0578 4072  C:\WINDOWS\system32\ieframe.dll - ok
21:02:48.0578 4072  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
21:02:48.0578 4072  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
21:02:48.0578 4072  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
21:02:48.0578 4072  C:\WINDOWS\system32\webclnt.dll - ok
21:02:48.0578 4072  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
21:02:48.0578 4072  C:\WINDOWS\system32\drivers\parport.sys - ok
21:02:48.0578 4072  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
21:02:48.0578 4072  C:\WINDOWS\system32\drivers\serial.sys - ok
21:02:48.0578 4072  [ ABE9ED5FBA84FB5E07A3C7CD58DA4961 ] C:\Program Files\Backblaze\bzserv.exe
21:02:48.0578 4072  C:\Program Files\Backblaze\bzserv.exe - ok
21:02:48.0578 4072  [ 2B92A88E329F4845D31941967A3BAA90 ] C:\Program Files\Backblaze\msvcr100.dll
21:02:48.0578 4072  C:\Program Files\Backblaze\msvcr100.dll - ok
21:02:48.0593 4072  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:02:48.0593 4072  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
21:02:48.0593 4072  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
21:02:48.0593 4072  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
21:02:48.0593 4072  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
21:02:48.0593 4072  C:\WINDOWS\system32\mscoree.dll - ok
21:02:48.0593 4072  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
21:02:48.0593 4072  C:\WINDOWS\system32\cryptsvc.dll - ok
21:02:48.0593 4072  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
21:02:48.0593 4072  C:\WINDOWS\system32\certcli.dll - ok
21:02:48.0593 4072  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
21:02:48.0593 4072  C:\WINDOWS\system32\es.dll - ok
21:02:48.0593 4072  [ 9513B437B7ADB1E6065B7F0D83D11ECF ] C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
21:02:48.0593 4072  C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe - ok
21:02:48.0593 4072  [ BA7A14CE488EC33BC3CF19AA1574D1EE ] C:\Program Files\Seagate\SeagateManager\Sync\STXDEVIF.dll
21:02:48.0593 4072  C:\Program Files\Seagate\SeagateManager\Sync\STXDEVIF.dll - ok
21:02:48.0593 4072  [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
21:02:48.0593 4072  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll - ok
21:02:48.0593 4072  [ 28A09777D2D952122567A8A82F1A2C7B ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
21:02:48.0593 4072  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll - ok
21:02:48.0609 4072  [ 06E9F58208A5CC2A2F7231E0BD8AF6E2 ] C:\Program Files\Seagate\SeagateManager\Encryption\SFEConfiguration.dll
21:02:48.0609 4072  C:\Program Files\Seagate\SeagateManager\Encryption\SFEConfiguration.dll - ok
21:02:48.0609 4072  [ 277C753EEB845D8556809079155F8CF9 ] C:\Program Files\Seagate\SeagateManager\Encryption\SFECopier.dll
21:02:48.0609 4072  C:\Program Files\Seagate\SeagateManager\Encryption\SFECopier.dll - ok
21:02:48.0609 4072  [ 77EB21801462857CFD843DFFDDA9895E ] C:\Program Files\Seagate\SeagateManager\Encryption\SFECrypto.dll
21:02:48.0609 4072  C:\Program Files\Seagate\SeagateManager\Encryption\SFECrypto.dll - ok
21:02:48.0609 4072  [ A145B4126F6BBB25A34BBBA9DC90DA4A ] C:\Program Files\Seagate\SeagateManager\Encryption\SFEPassword.dll
21:02:48.0609 4072  C:\Program Files\Seagate\SeagateManager\Encryption\SFEPassword.dll - ok
21:02:48.0609 4072  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
21:02:48.0609 4072  C:\WINDOWS\system32\ersvc.dll - ok
21:02:48.0609 4072  [ 626A24ED1228580B9518C01930936DF9 ] C:\Program Files\Google\Update\GoogleUpdate.exe
21:02:48.0609 4072  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
21:02:48.0609 4072  [ 2A554B759EC7FA76B72D38CBC549DEF2 ] C:\Program Files\Seagate\SeagateManager\Backup\MaxBackServiceInt.exe
21:02:48.0609 4072  C:\Program Files\Seagate\SeagateManager\Backup\MaxBackServiceInt.exe - ok
21:02:48.0609 4072  [ 0756EE69E0B87190253CC54A20F89CD8 ] C:\Program Files\Seagate\SeagateManager\Backup\STXDEVIF.dll
21:02:48.0609 4072  C:\Program Files\Seagate\SeagateManager\Backup\STXDEVIF.dll - ok
21:02:48.0609 4072  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
21:02:48.0609 4072  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
21:02:48.0625 4072  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
21:02:48.0625 4072  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
21:02:48.0625 4072  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
21:02:48.0625 4072  C:\WINDOWS\system32\hid.dll - ok
21:02:48.0625 4072  [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
21:02:48.0625 4072  C:\WINDOWS\system32\hidserv.dll - ok
21:02:48.0625 4072  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
21:02:48.0625 4072  C:\WINDOWS\system32\cryptnet.dll - ok
21:02:48.0625 4072  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
21:02:48.0625 4072  C:\WINDOWS\system32\sensapi.dll - ok
21:02:48.0625 4072  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
21:02:48.0625 4072  C:\WINDOWS\system32\srvsvc.dll - ok
21:02:48.0625 4072  [ DF446BA625CC441617843E87798CE048 ] C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:02:48.0625 4072  C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll - ok
21:02:48.0625 4072  [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:02:48.0625 4072  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
21:02:48.0625 4072  [ C83C0791FC7FA3CBE9BE2825B8A47EAF ] C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll
21:02:48.0625 4072  C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll - ok
21:02:48.0625 4072  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
21:02:48.0625 4072  C:\WINDOWS\system32\netmsg.dll - ok
21:02:48.0640 4072  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
21:02:48.0640 4072  C:\WINDOWS\system32\drivers\srv.sys - ok
21:02:48.0640 4072  [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
21:02:48.0640 4072  C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
21:02:48.0640 4072  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
21:02:48.0640 4072  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
21:02:48.0640 4072  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
21:02:48.0640 4072  C:\WINDOWS\system32\mstask.dll - ok
21:02:48.0640 4072  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
21:02:48.0640 4072  C:\WINDOWS\system32\cabinet.dll - ok
21:02:48.0640 4072  [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
21:02:48.0640 4072  C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
21:02:48.0640 4072  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
21:02:48.0640 4072  C:\WINDOWS\system32\spoolss.dll - ok
21:02:48.0640 4072  [ A7E408134B47266E64F83C4DBA1EEA6C ] C:\Program Files\Seagate\SeagateManager\Sync\synconf.dll
21:02:48.0640 4072  C:\Program Files\Seagate\SeagateManager\Sync\synconf.dll - ok
21:02:48.0640 4072  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
21:02:48.0640 4072  C:\WINDOWS\system32\localspl.dll - ok
21:02:48.0640 4072  [ F100EE264165CAC6A784A313D47A2819 ] C:\WINDOWS\system32\AdobePDF.dll
21:02:48.0640 4072  C:\WINDOWS\system32\AdobePDF.dll - ok
21:02:48.0640 4072  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\msvcr71.dll
21:02:48.0640 4072  C:\WINDOWS\system32\msvcr71.dll - ok
21:02:48.0656 4072  [ C32E446EF72D89B592AB030F48596ACC ] C:\Program Files\Adobe\Acrobat 7.0\Distillr\adistres.dll
21:02:48.0656 4072  C:\Program Files\Adobe\Acrobat 7.0\Distillr\adistres.dll - ok
21:02:48.0656 4072  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
21:02:48.0656 4072  C:\WINDOWS\system32\cnbjmon.dll - ok
21:02:48.0656 4072  [ B373075CC1C45C1A8F3147088E85BB15 ] C:\WINDOWS\system32\cpwmon2k.dll
21:02:48.0656 4072  C:\WINDOWS\system32\cpwmon2k.dll - ok
21:02:48.0656 4072  [ 95647F820CBC025676D7B407E2BCFBE6 ] C:\WINDOWS\system32\mdimon.dll
21:02:48.0656 4072  C:\WINDOWS\system32\mdimon.dll - ok
21:02:48.0656 4072  [ BE3CD116130174657EAD2731AB3DAA5D ] C:\WINDOWS\system32\hpz3l5ha.dll
21:02:48.0656 4072  C:\WINDOWS\system32\hpz3l5ha.dll - ok
21:02:48.0656 4072  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
21:02:48.0656 4072  C:\WINDOWS\system32\pjlmon.dll - ok
21:02:48.0656 4072  [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\WINDOWS\system32\msonpmon.dll
21:02:48.0656 4072  C:\WINDOWS\system32\msonpmon.dll - ok
21:02:48.0656 4072  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
21:02:48.0656 4072  C:\WINDOWS\system32\tcpmon.dll - ok
21:02:48.0656 4072  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
21:02:48.0656 4072  C:\WINDOWS\system32\usbmon.dll - ok
21:02:48.0656 4072  [ 75BF87E542C1368DBD6768AE6E6ED507 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll
21:02:48.0656 4072  C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll - ok
21:02:48.0671 4072  [ 4424AE65F7AF8181AC99FE46BC2700C9 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
21:02:48.0671 4072  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
21:02:48.0671 4072  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
21:02:48.0671 4072  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
21:02:48.0671 4072  [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
21:02:48.0671 4072  C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok
21:02:48.0671 4072  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
21:02:48.0671 4072  C:\WINDOWS\system32\win32spl.dll - ok
21:02:48.0671 4072  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
21:02:48.0671 4072  C:\WINDOWS\system32\netrap.dll - ok
21:02:48.0671 4072  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
21:02:48.0671 4072  C:\WINDOWS\system32\inetpp.dll - ok
21:02:48.0671 4072  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:02:48.0671 4072  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
21:02:48.0671 4072  [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
21:02:48.0671 4072  C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
21:02:48.0671 4072  [ 7CF1B716372B89568AE4C0FE769F5869 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
21:02:48.0671 4072  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe - ok
21:02:48.0687 4072  [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
21:02:48.0687 4072  C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
21:02:48.0687 4072  [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
21:02:48.0687 4072  C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
21:02:48.0687 4072  [ 19715A9A573DAD2521348ABC74266A48 ] C:\WINDOWS\system32\HPZinw12.dll
21:02:48.0687 4072  C:\WINDOWS\system32\HPZinw12.dll - ok
21:02:48.0687 4072  [ E2FCBF957405AC17668C7DACCE537F1E ] C:\WINDOWS\system32\nvsvc32.exe
21:02:48.0687 4072  C:\WINDOWS\system32\nvsvc32.exe - ok
21:02:48.0687 4072  [ 5F0B1F12FC09C8A678E17B00B9056FAE ] C:\WINDOWS\system32\nvcpl.dll
21:02:48.0687 4072  C:\WINDOWS\system32\nvcpl.dll - ok
21:02:48.0687 4072  [ B36CD3F2ECA751C0CA8B8868BD1C5449 ] C:\WINDOWS\system32\HPZipm12.dll
21:02:48.0687 4072  C:\WINDOWS\system32\HPZipm12.dll - ok
21:02:48.0687 4072  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
21:02:48.0687 4072  C:\WINDOWS\system32\ipsecsvc.dll - ok
21:02:48.0687 4072  [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
21:02:48.0687 4072  C:\WINDOWS\system32\fltlib.dll - ok
21:02:48.0687 4072  [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
21:02:48.0687 4072  C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe - ok
21:02:48.0687 4072  [ 4AE04D9608F272F3F468B34F2F1329E5 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
21:02:48.0687 4072  C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
21:02:48.0703 4072  [ 94868FC1295C8B76B8D45C1F44D9F653 ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
21:02:48.0703 4072  C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
21:02:48.0703 4072  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
21:02:48.0703 4072  C:\WINDOWS\system32\oakley.dll - ok
21:02:48.0703 4072  [ DEA9DFD3E83F48D7005E066011D340F7 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
21:02:48.0703 4072  C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
21:02:48.0703 4072  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
21:02:48.0703 4072  C:\WINDOWS\system32\winipsec.dll - ok
21:02:48.0703 4072  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\msvcp71.dll
21:02:48.0703 4072  C:\WINDOWS\system32\msvcp71.dll - ok
21:02:48.0703 4072  [ C03EC02F6C9F492293D78F850E2E48FC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
21:02:48.0703 4072  C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
21:02:48.0703 4072  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
21:02:48.0703 4072  C:\WINDOWS\system32\pstorsvc.dll - ok
21:02:48.0703 4072  [ 15D7A4070D2B52D2EEA8D99E551E9E53 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
21:02:48.0703 4072  C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
21:02:48.0703 4072  [ F6C66188DEF298E2C3827AF6FB2C0637 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll
21:02:48.0703 4072  C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll - ok
21:02:48.0703 4072  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
21:02:48.0703 4072  C:\WINDOWS\system32\psbase.dll - ok
21:02:48.0718 4072  [ A46789AD5F3A85470F898B15D5C056BD ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
21:02:48.0718 4072  C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
21:02:48.0718 4072  [ 3C03DB6F66C9792C9B6E30473E847CA2 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
21:02:48.0718 4072  C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll - ok
21:02:48.0718 4072  [ B2D91A72C78D27D9A25FFF8BAF6EB2F4 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
21:02:48.0718 4072  C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
21:02:48.0718 4072  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
21:02:48.0718 4072  C:\WINDOWS\system32\dssenh.dll - ok
21:02:48.0718 4072  [ 39F39B23969512842F6A6D259E68FF11 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
21:02:48.0718 4072  C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
21:02:48.0718 4072  [ AAC3C0194EEBA939E18590411130CF43 ] C:\Program Files\AVAST Software\Avast\defs\13050801\ArPot.dll
21:02:48.0718 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\ArPot.dll - ok
21:02:48.0718 4072  [ 2C8F7A0B6D023C6DD817E999528F2F98 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
21:02:48.0718 4072  C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
21:02:48.0718 4072  [ AF718FFE60D958E590AF49C4FC3BD6A6 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
21:02:48.0718 4072  C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
21:02:48.0718 4072  [ 9C70887708A7C88D20DD215AC5AA757F ] C:\Program Files\AVAST Software\Avast\libeay32.dll
21:02:48.0718 4072  C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
21:02:48.0718 4072  [ B6D90C99A72044AEF85A2B7D78FEBEF4 ] C:\Program Files\AVAST Software\Avast\defs\13050801\exts.dll
21:02:48.0718 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\exts.dll - ok
21:02:48.0734 4072  [ C339473B25526F866DBB21425F3D8F3A ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
21:02:48.0734 4072  C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
21:02:48.0734 4072  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
21:02:48.0734 4072  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
21:02:48.0734 4072  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
21:02:48.0734 4072  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
21:02:48.0734 4072  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
21:02:48.0734 4072  C:\WINDOWS\system32\security.dll - ok
21:02:48.0734 4072  [ 2FFBCD4394E60013EAF45427EC4E6A1E ] C:\Program Files\AVAST Software\Avast\defs\13050801\aswAR.dll
21:02:48.0734 4072  C:\Program Files\AVAST Software\Avast\defs\13050801\aswAR.dll - ok
21:02:48.0734 4072  [ 9EEFE69139FDBB4A3C327630F8EB993A ] C:\WINDOWS\system32\wlanapi.dll
21:02:48.0734 4072  C:\WINDOWS\system32\wlanapi.dll - ok
21:02:48.0734 4072  [ DF7A5058504EE982914A3C24676F4485 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
21:02:48.0734 4072  C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
21:02:48.0921 4072  ============================================================
21:02:48.0921 4072  Scan finished
21:02:48.0921 4072  ============================================================
21:02:49.0031 4056  Detected object count: 13
21:02:49.0031 4056  Actual detected object count: 13
21:06:37.0281 4056  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  MDM ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:06:37.0281 4056  tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
21:06:37.0281 4056  tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:07:07.0953 2844  Deinitialize success
 

 



RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Colorado Protection [Admin rights]
Mode : Remove -- Date : 05/08/2013 21:19:22
| ARK || FAK || MBR |

¤¤¤ Bad processes : 3 ¤¤¤
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll [x] -> UNLOADED
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll [x] -> UNLOADED
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll [x] -> UNLOADED

¤¤¤ Registry Entries : 1 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD501LJ +++++
--- User ---
[MBR] abea50d945de84992d54de7058d9adaf
[BSP] ae203e84dcb456630d870d8f3155a2b5 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 473807 Mo
1 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 970470585 | Size: 3074 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_05082013_02d2119.txt >>
RKreport[1]_S_05082013_02d2118.txt ; RKreport[2]_D_05082013_02d2119.txt


 

 



Hijacker still present





