Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Advice is really appreciated, disabled microsoft security essentials


  • This topic is locked This topic is locked
24 replies to this topic

#1 jaber.a

jaber.a

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 21 June 2013 - 01:43 PM

Good day,

 

My problem started yesterday after I found that it isn't possible to start microsoft security essentials anymore.

During that time, MBAM scan found pum.disabled.securitycenter and pup.blabbers on several registry data and keys - all of them were checked for removal - but till now I'm not able to start security essentials yet and It seems that I can't follow some of the links in google search regarding the problem as I get redirected to blank page.

 

I've included logs from MBAM, MBAR, tdsskiller, adwcleaner, OTL AND FSS.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.19.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: ZAI [administrator]

11/08/1434 03:00:56 م
mbam-log-2013-06-19 (15-00-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218905
Time elapsed: 15 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

___________________________________________________________________________

 

Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.06.20.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: ZAI [administrator]

12/08/1434 08:43:47 م
mbar-log-2013-06-20 (20-43-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 215220
Time elapsed: 32 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

______________________________________________________________________________

 

10:38:49.0328 1144  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:38:49.0906 1144  ============================================================
10:38:49.0906 1144  Current date / time: 2013/06/20 10:38:49.0906
10:38:49.0906 1144  SystemInfo:
10:38:49.0906 1144 
10:38:49.0906 1144  OS Version: 5.1.2600 ServicePack: 3.0
10:38:49.0906 1144  Product type: Workstation
10:38:49.0906 1144  ComputerName: ZAI
10:38:49.0906 1144  UserName: Owner
10:38:49.0906 1144  Windows directory: C:\WINDOWS
10:38:49.0906 1144  System windows directory: C:\WINDOWS
10:38:49.0906 1144  Processor architecture: Intel x86
10:38:49.0906 1144  Number of processors: 2
10:38:49.0906 1144  Page size: 0x1000
10:38:49.0906 1144  Boot type: Normal boot
10:38:49.0906 1144  ============================================================
10:38:52.0343 1144  BG loaded
10:38:52.0781 1144  Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:38:52.0796 1144  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:38:52.0796 1144  ============================================================
10:38:52.0796 1144  \Device\Harddisk0\DR0:
10:38:52.0796 1144  MBR partitions:
10:38:52.0796 1144  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
10:38:52.0796 1144  \Device\Harddisk1\DR1:
10:38:52.0796 1144  MBR partitions:
10:38:52.0796 1144  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x124F8000
10:38:52.0796 1144  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x12F35000
10:38:52.0796 1144  ============================================================
10:38:52.0859 1144  C: <-> \Device\Harddisk0\DR0\Partition1
10:38:52.0859 1144  D: <-> \Device\Harddisk1\DR1\Partition1
10:38:52.0890 1144  E: <-> \Device\Harddisk1\DR1\Partition2
10:38:52.0906 1144  ============================================================
10:38:52.0906 1144  Initialize success
10:38:52.0906 1144  ============================================================
10:39:42.0734 0564  ============================================================
10:39:42.0734 0564  Scan started
10:39:42.0734 0564  Mode: Manual; SigCheck; TDLFS;
10:39:42.0734 0564  ============================================================
10:39:43.0000 0564  ================ Scan system memory ========================
10:39:43.0000 0564  System memory - ok
10:39:43.0000 0564  ================ Scan services =============================
10:39:43.0156 0564  Abiosdsk - ok
10:39:43.0156 0564  abp480n5 - ok
10:39:43.0234 0564  [ 29DD2C058BDC1D4AB75D9E5E2ED81907 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:39:45.0671 0564  ACPI - ok
10:39:45.0703 0564  [ 3837D7349B1749D55D8EC6C5B490B8A8 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:39:45.0906 0564  ACPIEC - ok
10:39:45.0906 0564  adpu160m - ok
10:39:45.0953 0564  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:39:46.0125 0564  aec - ok
10:39:46.0171 0564  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:39:46.0265 0564  AFD - ok
10:39:46.0281 0564  Aha154x - ok
10:39:46.0296 0564  aic78u2 - ok
10:39:46.0296 0564  aic78xx - ok
10:39:46.0390 0564  [ FBBCB95F677CBAA924140B6EA2D9A97B ] ALCXSENS        C:\WINDOWS\system32\drivers\ALCXSENS.SYS
10:39:46.0515 0564  ALCXSENS - ok
10:39:46.0578 0564  [ BC5C55B49C4BD1FDFAAA128FE21F9FEA ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS
10:39:46.0687 0564  ALCXWDM - ok
10:39:46.0718 0564  [ 45C1E500444DEED9C4E961222C4ACB5E ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:39:46.0875 0564  Alerter - ok
10:39:46.0890 0564  [ 89482328ADEA23DF2B2B0D6DCE5A1A76 ] ALG             C:\WINDOWS\System32\alg.exe
10:39:47.0046 0564  ALG - ok
10:39:47.0062 0564  AliIde - ok
10:39:47.0078 0564  amsint - ok
10:39:47.0203 0564  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:39:47.0234 0564  Apple Mobile Device - ok
10:39:47.0234 0564  AppMgmt - ok
10:39:47.0250 0564  asc - ok
10:39:47.0265 0564  asc3350p - ok
10:39:47.0265 0564  asc3550 - ok
10:39:47.0406 0564  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:39:47.0421 0564  aspnet_state - ok
10:39:47.0468 0564  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:39:47.0625 0564  AsyncMac - ok
10:39:47.0656 0564  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:39:47.0812 0564  atapi - ok
10:39:47.0812 0564  Atdisk - ok
10:39:47.0843 0564  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:39:48.0015 0564  Atmarpc - ok
10:39:48.0078 0564  [ 62F1AA8277ED78ED3DFB5D9F58B6B31C ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:39:48.0203 0564  AudioSrv - ok
10:39:48.0265 0564  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:39:48.0406 0564  audstub - ok
10:39:48.0453 0564  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:39:48.0609 0564  Beep - ok
10:39:48.0703 0564  [ B2B94DB65227B0FE579E8DB3C9595E27 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:39:48.0984 0564  BITS - ok
10:39:49.0171 0564  [ 686045905787B68D829CE647A6DFAD2B ] Blackberry Device Manager C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
10:39:49.0437 0564  Blackberry Device Manager ( UnsignedFile.Multi.Generic ) - warning
10:39:49.0437 0564  Blackberry Device Manager - detected UnsignedFile.Multi.Generic (1)
10:39:49.0609 0564  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:39:49.0640 0564  Bonjour Service - ok
10:39:49.0687 0564  [ F160073B9B9D95F65B6D467E88A52F00 ] Browser         C:\WINDOWS\System32\browser.dll
10:39:49.0812 0564  Browser - ok
10:39:49.0859 0564  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
10:39:50.0015 0564  BthEnum - ok
10:39:50.0031 0564  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
10:39:50.0156 0564  BthPan - ok
10:39:50.0234 0564  [ C32A38535BD714CEDD0205AC8B65E195 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
10:39:50.0296 0564  BTHPORT - ok
10:39:50.0359 0564  [ 020CADC9A5352A7AB5E1C8AD7AB6EE13 ] BthServ         C:\WINDOWS\System32\bthserv.dll
10:39:50.0515 0564  BthServ - ok
10:39:50.0546 0564  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
10:39:50.0687 0564  BTHUSB - ok
10:39:50.0734 0564  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:39:50.0875 0564  cbidf2k - ok
10:39:50.0890 0564  cd20xrnt - ok
10:39:50.0953 0564  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:39:51.0093 0564  Cdaudio - ok
10:39:51.0171 0564  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:39:51.0312 0564  Cdfs - ok
10:39:51.0375 0564  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:39:51.0515 0564  Cdrom - ok
10:39:51.0531 0564  Changer - ok
10:39:51.0578 0564  [ 91EECA88745E6FC10796E06006BAF6CE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:39:51.0718 0564  CiSvc - ok
10:39:51.0734 0564  [ 21E0DE7ED9C691E9E7BD25F58EE7F91B ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:39:51.0875 0564  ClipSrv - ok
10:39:51.0937 0564  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:39:51.0953 0564  clr_optimization_v2.0.50727_32 - ok
10:39:52.0078 0564  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:39:52.0109 0564  clr_optimization_v4.0.30319_32 - ok
10:39:52.0109 0564  CmdIde - ok
10:39:52.0125 0564  COMSysApp - ok
10:39:52.0140 0564  Cpqarray - ok
10:39:52.0218 0564  [ DE99DF7D8DD1E84F053CB27106DBE301 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:39:52.0359 0564  CryptSvc - ok
10:39:52.0375 0564  dac2w2k - ok
10:39:52.0375 0564  dac960nt - ok
10:39:52.0453 0564  [ 271830BCE6D77085E72D571F60EAF85A ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:39:52.0531 0564  DcomLaunch - ok
10:39:52.0593 0564  [ 43152852C8F5CE63B1D3466184E7E644 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:39:52.0734 0564  Dhcp - ok
10:39:52.0796 0564  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:39:52.0921 0564  Disk - ok
10:39:52.0921 0564  dmadmin - ok
10:39:53.0000 0564  [ 0F4F942D622B0D9FD4213431B729E993 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:39:53.0187 0564  dmboot - ok
10:39:53.0218 0564  [ 86EB492C80A43418685D88DA3D6CEDC7 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:39:53.0359 0564  dmio - ok
10:39:53.0406 0564  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:39:53.0546 0564  dmload - ok
10:39:53.0578 0564  [ F8B639DCA00D408BBC0906E6AB620279 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:39:53.0750 0564  dmserver - ok
10:39:53.0765 0564  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:39:53.0906 0564  DMusic - ok
10:39:53.0984 0564  [ E0ADCB569D9FC9A3861D05C02DC22BBF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:39:54.0140 0564  Dnscache - ok
10:39:54.0187 0564  [ BBF4CD4A914D2B0F0AAF966DE000687D ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:39:54.0328 0564  Dot3svc - ok
10:39:54.0343 0564  dpti2o - ok
10:39:54.0390 0564  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:39:54.0531 0564  drmkaud - ok
10:39:54.0609 0564  [ 01A605DEDCC8D9723CC762B804AF6B36 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:39:54.0750 0564  EapHost - ok
10:39:54.0812 0564  [ 085452A002B8B5A950F2F4AE956A0E2A ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:39:54.0953 0564  ERSvc - ok
10:39:55.0015 0564  [ 1427365EFF6F4758DDC88388045E8400 ] Eventlog        C:\WINDOWS\system32\services.exe
10:39:55.0046 0564  Eventlog - ok
10:39:55.0109 0564  [ 584A7EDA1F7DC89E22BB046878A5E350 ] EventSystem     C:\WINDOWS\system32\es.dll
10:39:55.0156 0564  EventSystem - ok
10:39:55.0187 0564  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:39:55.0312 0564  Fastfat - ok
10:39:55.0375 0564  [ 6A5E5E928FB466B95FC9CC2C313D810D ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:39:55.0468 0564  FastUserSwitchingCompatibility - ok
10:39:55.0531 0564  [ 011B5FC678EC357E8653C8C6EE4F3D10 ] Fax             C:\WINDOWS\system32\fxssvc.exe
10:39:55.0687 0564  Fax - ok
10:39:55.0703 0564  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
10:39:55.0843 0564  Fdc - ok
10:39:55.0921 0564  [ 9B6AF9E7E172249AFC4AF5576B506233 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:39:56.0062 0564  Fips - ok
10:39:56.0078 0564  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:39:56.0218 0564  Flpydisk - ok
10:39:56.0281 0564  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:39:56.0421 0564  FltMgr - ok
10:39:56.0531 0564  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:39:56.0546 0564  FontCache3.0.0.0 - ok
10:39:56.0562 0564  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:39:56.0703 0564  Fs_Rec - ok
10:39:56.0718 0564  [ 0F47404101E488D7D49E45A8AF4CDF90 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:39:56.0859 0564  Ftdisk - ok
10:39:56.0906 0564  [ 5C230948DD6652228F88CA7AE6CB276C ] gdrv            C:\WINDOWS\gdrv.sys
10:39:58.0265 0564  gdrv - ok
10:39:58.0312 0564  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:39:58.0328 0564  GEARAspiWDM - ok
10:39:58.0406 0564  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:39:58.0546 0564  Gpc - ok
10:39:58.0640 0564  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
10:39:58.0656 0564  gupdate - ok
10:39:58.0656 0564  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
10:39:58.0687 0564  gupdatem - ok
10:39:58.0781 0564  [ 7BADB9F996095DF9BF9199D976850A43 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:39:58.0921 0564  helpsvc - ok
10:39:58.0937 0564  HidServ - ok
10:39:59.0000 0564  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:39:59.0140 0564  HidUsb - ok
10:39:59.0218 0564  [ BD539A6F8B0BB2FDB36C0C5AE501B629 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:39:59.0359 0564  hkmsvc - ok
10:39:59.0359 0564  hpn - ok
10:39:59.0421 0564  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:39:59.0562 0564  HPZid412 - ok
10:39:59.0593 0564  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:39:59.0625 0564  HPZipr12 - ok
10:39:59.0625 0564  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:39:59.0671 0564  HPZius12 - ok
10:39:59.0765 0564  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:39:59.0906 0564  HTTP - ok
10:39:59.0984 0564  [ 771F0AF6057426C881FA47D68D7C76C7 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:40:00.0156 0564  HTTPFilter - ok
10:40:00.0171 0564  i2omgmt - ok
10:40:00.0187 0564  i2omp - ok
10:40:00.0250 0564  [ 9354FAA5F4084CCB31A868BFA4BC2ED0 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:40:00.0390 0564  i8042prt - ok
10:40:00.0421 0564  [ 1406D6EF4436AEE970EFE13193123965 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
10:40:00.0750 0564  ialm - ok
10:40:00.0859 0564  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:40:00.0921 0564  idsvc - ok
10:40:00.0953 0564  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:40:01.0125 0564  Imapi - ok
10:40:01.0171 0564  [ 5B6CAC3413D122AC7C35165602E02416 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:40:01.0312 0564  ImapiService - ok
10:40:01.0328 0564  ini910u - ok
10:40:01.0375 0564  [ 482068F766AE1B79C12DE149897CEC74 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
10:40:01.0515 0564  IntelIde - ok
10:40:01.0562 0564  [ 40C589797CB66DA0C1FE305F3BFCFDAF ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:40:01.0703 0564  intelppm - ok
10:40:01.0734 0564  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:40:01.0875 0564  Ip6Fw - ok
10:40:01.0921 0564  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:40:02.0078 0564  IpFilterDriver - ok
10:40:02.0109 0564  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:40:02.0218 0564  IpInIp - ok
10:40:02.0281 0564  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:40:02.0421 0564  IpNat - ok
10:40:02.0500 0564  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:40:02.0531 0564  iPod Service - ok
10:40:02.0562 0564  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:40:02.0703 0564  IPSec - ok
10:40:02.0734 0564  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:40:02.0875 0564  IRENUM - ok
10:40:02.0890 0564  [ 338AC2EBB3E3410B7E95185DA8E73A41 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:40:03.0031 0564  isapnp - ok
10:40:03.0187 0564  [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:40:03.0203 0564  JavaQuickStarterService - ok
10:40:03.0265 0564  [ 9C1C146FA88A622FE5A7BC526E2E1289 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:40:03.0406 0564  Kbdclass - ok
10:40:03.0437 0564  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:40:03.0578 0564  kmixer - ok
10:40:03.0625 0564  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:40:03.0812 0564  KSecDD - ok
10:40:03.0875 0564  [ 23144A1C86483871370BEAD46CB37E68 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:40:03.0953 0564  lanmanserver - ok
10:40:04.0015 0564  [ 9E79D743CBCF217F9A6BE5DFA3AB4252 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:40:04.0093 0564  lanmanworkstation - ok
10:40:04.0109 0564  lbrtfdc - ok
10:40:04.0171 0564  [ CC63093B849D045246706E08A3342ED0 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:40:04.0281 0564  LmHosts - ok
10:40:04.0421 0564  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
10:40:04.0500 0564  MDM ( UnsignedFile.Multi.Generic ) - warning
10:40:04.0500 0564  MDM - detected UnsignedFile.Multi.Generic (1)
10:40:04.0546 0564  [ D12F21ED0E0D90631B2E653F6840CB9C ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:40:04.0656 0564  Messenger - ok
10:40:04.0750 0564  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:40:04.0781 0564  Microsoft Office Groove Audit Service - ok
10:40:04.0828 0564  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:40:04.0968 0564  mnmdd - ok
10:40:05.0031 0564  [ 879A0067D316AE2430787491DE9CCDC0 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:40:06.0484 0564  mnmsrvc - ok
10:40:06.0531 0564  [ 829696409B58694B97F9DCAA4053C559 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:40:06.0687 0564  Modem - ok
10:40:06.0734 0564  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:40:06.0937 0564  MODEMCSA - ok
10:40:06.0953 0564  [ A08EAF51779F54ED303650D1D42ECD90 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:40:07.0062 0564  Mouclass - ok
10:40:07.0093 0564  [ BB04BB4D7FE1A38BDC61F0A174198E69 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:40:07.0234 0564  mouhid - ok
10:40:07.0265 0564  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:40:07.0375 0564  MountMgr - ok
10:40:07.0437 0564  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
10:40:07.0484 0564  MpFilter - ok
10:40:07.0500 0564  mraid35x - ok
10:40:07.0546 0564  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:40:07.0671 0564  MRxDAV - ok
10:40:07.0781 0564  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:40:07.0906 0564  MRxSmb - ok
10:40:07.0968 0564  [ A1D2E6DD4FC0C9A4208717B11E0CA79C ] MSDTC           C:\WINDOWS\system32\msdtc.exe
10:40:08.0093 0564  MSDTC - ok
10:40:08.0140 0564  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:40:08.0281 0564  Msfs - ok
10:40:08.0281 0564  MSIServer - ok
10:40:08.0328 0564  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:40:08.0468 0564  MSKSSRV - ok
10:40:08.0562 0564  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
10:40:08.0578 0564  MsMpSvc - ok
10:40:08.0609 0564  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:40:08.0765 0564  MSPCLOCK - ok
10:40:08.0796 0564  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:40:08.0937 0564  MSPQM - ok
10:40:09.0000 0564  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:40:09.0140 0564  mssmbios - ok
10:40:09.0187 0564  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:40:09.0281 0564  Mup - ok
10:40:09.0343 0564  [ 025F2AF826358E88B25D82C8017A5AA9 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:40:09.0500 0564  napagent - ok
10:40:09.0562 0564  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:40:09.0687 0564  NDIS - ok
10:40:09.0750 0564  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:40:09.0796 0564  NdisTapi - ok
10:40:09.0812 0564  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:40:09.0953 0564  Ndisuio - ok
10:40:09.0984 0564  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:40:10.0109 0564  NdisWan - ok
10:40:10.0156 0564  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:40:10.0250 0564  NDProxy - ok
10:40:10.0328 0564  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:40:10.0453 0564  NetBIOS - ok
10:40:10.0484 0564  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:40:10.0625 0564  NetBT - ok
10:40:10.0687 0564  [ 6DEF5A7A8887CC7FEF24EBBAFF74385C ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:40:10.0812 0564  NetDDE - ok
10:40:10.0828 0564  [ 6DEF5A7A8887CC7FEF24EBBAFF74385C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:40:10.0953 0564  NetDDEdsdm - ok
10:40:11.0000 0564  [ 99AE1390A271B02D752178DF9E8442A3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:40:11.0140 0564  Netlogon - ok
10:40:11.0203 0564  [ 06A4ECA228EA636F4A1F6CE7542B6923 ] Netman          C:\WINDOWS\System32\netman.dll
10:40:11.0343 0564  Netman - ok
10:40:11.0390 0564  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:40:11.0406 0564  NetTcpPortSharing - ok
10:40:11.0468 0564  [ 291B944E825F8AA629A7A41716C2EC24 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:40:11.0515 0564  Nla - ok
10:40:11.0671 0564  [ CD569FA91EC6F59D045C19D0D3850F44 ] nmservice       C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
10:40:11.0703 0564  nmservice - ok
10:40:11.0781 0564  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:40:11.0906 0564  Npfs - ok
10:40:11.0968 0564  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:40:12.0171 0564  Ntfs - ok
10:40:12.0187 0564  [ 99AE1390A271B02D752178DF9E8442A3 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:40:12.0312 0564  NtLmSsp - ok
10:40:12.0375 0564  [ F3111AEB82E09867722BF0A92742B9F6 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:40:12.0562 0564  NtmsSvc - ok
10:40:12.0578 0564  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:40:12.0703 0564  Null - ok
10:40:12.0750 0564  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:40:12.0921 0564  NwlnkFlt - ok
10:40:12.0921 0564  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:40:13.0062 0564  NwlnkFwd - ok
10:40:13.0187 0564  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:40:13.0218 0564  odserv - ok
10:40:13.0234 0564  omwofevh - ok
10:40:13.0281 0564  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:40:13.0312 0564  ose - ok
10:40:13.0359 0564  [ 88FFA60E94CA89C489DB4C6A38994EBF ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
10:40:13.0500 0564  Parport - ok
10:40:13.0515 0564  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:40:13.0640 0564  PartMgr - ok
10:40:13.0703 0564  [ B3239C7D0AB1346AFA76076EE76778D3 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:40:13.0828 0564  ParVdm - ok
10:40:13.0859 0564  [ 542690F2E4D5840202B0F13EA1BADA05 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:40:13.0968 0564  PCI - ok
10:40:13.0984 0564  PCIDump - ok
10:40:14.0046 0564  [ B928CA32FD2294EEDD7DF3BD9528D24C ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:40:14.0203 0564  PCIIde - ok
10:40:14.0250 0564  [ 5D631C4C0270A9982423DB089AFE7621 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:40:14.0390 0564  Pcmcia - ok
10:40:14.0406 0564  PDCOMP - ok
10:40:14.0406 0564  PDFRAME - ok
10:40:14.0421 0564  PDRELI - ok
10:40:14.0437 0564  PDRFRAME - ok
10:40:14.0437 0564  perc2 - ok
10:40:14.0453 0564  perc2hib - ok
10:40:14.0515 0564  [ 1427365EFF6F4758DDC88388045E8400 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:40:14.0546 0564  PlugPlay - ok
10:40:14.0609 0564  [ 901C43516504CBE582E4C4193E00876A ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
10:40:14.0625 0564  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:40:14.0625 0564  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:40:14.0687 0564  [ 36FCAC4FA28B462CA867742DEA59B0D0 ] pnarp           C:\WINDOWS\system32\DRIVERS\pnarp.sys
10:40:14.0703 0564  pnarp - ok
10:40:14.0718 0564  [ 99AE1390A271B02D752178DF9E8442A3 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:40:14.0843 0564  PolicyAgent - ok
10:40:14.0906 0564  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:40:15.0031 0564  PptpMiniport - ok
10:40:15.0046 0564  [ 99AE1390A271B02D752178DF9E8442A3 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:40:15.0156 0564  ProtectedStorage - ok
10:40:15.0187 0564  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:40:15.0312 0564  PSched - ok
10:40:15.0343 0564  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:40:15.0484 0564  Ptilink - ok
10:40:15.0531 0564  [ 1219AC397BB4BA5B41346016C4C9C29C ] Ptserial        C:\WINDOWS\system32\DRIVERS\ptserial.sys
10:40:15.0562 0564  Ptserial ( UnsignedFile.Multi.Generic ) - warning
10:40:15.0562 0564  Ptserial - detected UnsignedFile.Multi.Generic (1)
10:40:15.0625 0564  [ D8AC00388262B1A4878A7EE12F31D376 ] purendis        C:\WINDOWS\system32\DRIVERS\purendis.sys
10:40:15.0640 0564  purendis - ok
10:40:15.0640 0564  ql1080 - ok
10:40:15.0656 0564  Ql10wnt - ok
10:40:15.0671 0564  ql12160 - ok
10:40:15.0671 0564  ql1240 - ok
10:40:15.0687 0564  ql1280 - ok
10:40:15.0812 0564  RapportIaso - ok
10:40:15.0859 0564  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:40:16.0000 0564  RasAcd - ok
10:40:16.0031 0564  [ A8B7E42255E670199ACE9C01DDA49846 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:40:16.0187 0564  RasAuto - ok
10:40:16.0187 0564  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:40:16.0328 0564  Rasl2tp - ok
10:40:16.0390 0564  [ 9F0F55A61BA52FD45E22C4377FA66CE6 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:40:16.0531 0564  RasMan - ok
10:40:16.0546 0564  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:40:16.0687 0564  RasPppoe - ok
10:40:16.0703 0564  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:40:16.0859 0564  Raspti - ok
10:40:16.0921 0564  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:40:17.0031 0564  Rdbss - ok
10:40:17.0046 0564  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:40:17.0203 0564  RDPCDD - ok
10:40:17.0250 0564  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
10:40:17.0390 0564  RDPWD - ok
10:40:17.0468 0564  [ 47B61AA3807EA393A970857B70ED72E0 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
10:40:17.0609 0564  RDSessMgr - ok
10:40:17.0703 0564  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
10:40:17.0718 0564  RealNetworks Downloader Resolver Service - ok
10:40:17.0734 0564  [ 1AAFCAEED86CD38DB3C501610F28F131 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:40:17.0875 0564  redbook - ok
10:40:17.0921 0564  [ CAB398502582FA3BEDB8C47B45373A0E ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:40:18.0062 0564  RemoteAccess - ok
10:40:18.0109 0564  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
10:40:18.0218 0564  RFCOMM - ok
10:40:18.0281 0564  [ BBCE96557881586683611C561FB06269 ] RimUsb          C:\WINDOWS\system32\Drivers\RimUsb.sys
10:40:18.0390 0564  RimUsb - ok
10:40:18.0437 0564  [ C4F4FCD5AE48BDD31648981DDF8EF993 ] RimVSerPort     C:\WINDOWS\system32\DRIVERS\RimSerial.sys
10:40:18.0468 0564  RimVSerPort - ok
10:40:18.0515 0564  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
10:40:18.0671 0564  ROOTMODEM - ok
10:40:18.0734 0564  [ BB74202C4EB883082385CD366CFF7BDA ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:40:18.0875 0564  RpcLocator - ok
10:40:18.0921 0564  [ 271830BCE6D77085E72D571F60EAF85A ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:40:18.0984 0564  RpcSs - ok
10:40:19.0046 0564  [ FF74A30958DABC43813AC8E0283CFD87 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:40:19.0171 0564  RSVP - ok
10:40:19.0265 0564  [ 84BEAF4A13A36CB9BB0663DF9089CEA2 ] rt2870          C:\WINDOWS\system32\DRIVERS\rt2870.sys
10:40:19.0359 0564  rt2870 - ok
10:40:19.0406 0564  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
10:40:19.0531 0564  rtl8139 - ok
10:40:19.0562 0564  [ 99AE1390A271B02D752178DF9E8442A3 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:40:19.0671 0564  SamSs - ok
10:40:19.0750 0564  [ 6DA4BBD3F1CE9041B9D881C8CAD572AD ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:40:19.0921 0564  SCardSvr - ok
10:40:19.0984 0564  [ 8F97E67ECB9F450F3E0FF626641DA365 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:40:20.0109 0564  Schedule - ok
10:40:20.0156 0564  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:40:20.0296 0564  Secdrv - ok
10:40:20.0312 0564  [ FCECA7F90E5EB601BE5FD8ADFF2A19C7 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:40:20.0453 0564  seclogon - ok
10:40:20.0484 0564  [ FABB04E47EA91FA05AACF03C8BB7AF16 ] SENS            C:\WINDOWS\system32\sens.dll
10:40:20.0609 0564  SENS - ok
10:40:20.0687 0564  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
10:40:20.0828 0564  serenum - ok
10:40:20.0843 0564  [ CF89293B8D37CBC287B13A079AFD7C5C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
10:40:20.0984 0564  Serial - ok
10:40:21.0031 0564  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:40:21.0156 0564  Sfloppy - ok
10:40:21.0234 0564  [ C4E4C037245CD2A2610EE58F46614712 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:40:21.0359 0564  SharedAccess - ok
10:40:21.0390 0564  [ 6A5E5E928FB466B95FC9CC2C313D810D ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:40:21.0437 0564  ShellHWDetection - ok
10:40:21.0437 0564  Simbad - ok
10:40:21.0859 0564  [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:40:21.0984 0564  Skype C2C Service - ok
10:40:22.0046 0564  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
10:40:22.0062 0564  SkypeUpdate - ok
10:40:22.0125 0564  [ D72A21424CA66C7A745BD995ECA6A710 ] SMBios          C:\WINDOWS\system32\DRIVERS\SMBios.sys
10:40:22.0140 0564  SMBios ( UnsignedFile.Multi.Generic ) - warning
10:40:22.0140 0564  SMBios - detected UnsignedFile.Multi.Generic (1)
10:40:22.0171 0564  Sparrow - ok
10:40:22.0234 0564  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:40:22.0375 0564  splitter - ok
10:40:22.0421 0564  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:40:22.0500 0564  Spooler - ok
10:40:22.0546 0564  [ B57E685C65D8A5CB53DFC0DB97E3A590 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:40:22.0656 0564  sr - ok
10:40:22.0718 0564  [ 0C486E769D9F0BD558EDF1028D5B3A97 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:40:22.0843 0564  srservice - ok
10:40:22.0921 0564  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:40:23.0062 0564  Srv - ok
10:40:23.0125 0564  [ A7CB4B261EAC77F66ABBC3A6D67310D7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:40:23.0265 0564  SSDPSRV - ok
10:40:23.0328 0564  [ C80D292B0B9CBC59AF1D194EE5D85918 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
10:40:23.0468 0564  StillCam - ok
10:40:23.0546 0564  [ 2CD5C528EB34C1DB277A49B31BDAC41F ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:40:23.0734 0564  stisvc - ok
10:40:23.0750 0564  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:40:23.0875 0564  swenum - ok
10:40:23.0906 0564  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:40:24.0046 0564  swmidi - ok
10:40:24.0046 0564  SwPrv - ok
10:40:24.0078 0564  symc810 - ok
10:40:24.0093 0564  symc8xx - ok
10:40:24.0093 0564  sym_hi - ok
10:40:24.0109 0564  sym_u3 - ok
10:40:24.0140 0564  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:40:24.0484 0564  sysaudio - ok
10:40:24.0531 0564  [ A2D06F4F655CBB94ADE61F9F9B8D7DE7 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:40:24.0671 0564  SysmonLog - ok
10:40:24.0734 0564  [ 1171249B20075E2A5FF1EE09B96E505E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:40:24.0875 0564  TapiSrv - ok
10:40:24.0937 0564  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:40:25.0015 0564  Tcpip - ok
10:40:25.0062 0564  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
10:40:25.0218 0564  TDPIPE - ok
10:40:25.0234 0564  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
10:40:25.0375 0564  TDTCP - ok
10:40:25.0421 0564  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
10:40:25.0562 0564  TermDD - ok
10:40:25.0625 0564  [ 58E202572D3251BF2687BF841EA00CE0 ] TermService     C:\WINDOWS\System32\termsrv.dll
10:40:25.0750 0564  TermService - ok
10:40:25.0781 0564  [ 6A5E5E928FB466B95FC9CC2C313D810D ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:40:25.0796 0564  Themes - ok
10:40:25.0796 0564  TosIde - ok
10:40:25.0843 0564  [ A4B93780AF1876BB0195B1BC3688C5CB ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:40:25.0953 0564  TrkWks - ok
10:40:25.0984 0564  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:40:26.0109 0564  Udfs - ok
10:40:26.0125 0564  ultra - ok
10:40:26.0203 0564  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:40:26.0328 0564  Update - ok
10:40:26.0390 0564  [ B87E398A9B268ED7EFFEF18107D9B0C2 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:40:26.0531 0564  upnphost - ok
10:40:26.0546 0564  [ 6B763AA9276269B4A51D3F7515045160 ] UPS             C:\WINDOWS\System32\ups.exe
10:40:26.0671 0564  UPS - ok
10:40:26.0734 0564  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
10:40:26.0734 0564  USBAAPL ( UnsignedFile.Multi.Generic ) - warning
10:40:26.0734 0564  USBAAPL - detected UnsignedFile.Multi.Generic (1)
10:40:26.0796 0564  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
10:40:26.0921 0564  usbaudio - ok
10:40:26.0984 0564  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:40:27.0125 0564  usbccgp - ok
10:40:27.0171 0564  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:40:27.0312 0564  usbehci - ok
10:40:27.0375 0564  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:40:27.0500 0564  usbhub - ok
10:40:27.0531 0564  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:40:27.0671 0564  usbprint - ok
10:40:27.0734 0564  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:40:27.0859 0564  usbscan - ok
10:40:27.0906 0564  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:40:28.0046 0564  USBSTOR - ok
10:40:28.0062 0564  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:40:28.0171 0564  usbuhci - ok
10:40:28.0187 0564  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:40:28.0312 0564  VgaSave - ok
10:40:28.0312 0564  ViaIde - ok
10:40:28.0421 0564  [ C8487A076C1EFB7612D1DBB0B3CDABDD ] Vmodem          C:\WINDOWS\system32\DRIVERS\vmodem.sys
10:40:28.0500 0564  Vmodem ( UnsignedFile.Multi.Generic ) - warning
10:40:28.0500 0564  Vmodem - detected UnsignedFile.Multi.Generic (1)
10:40:28.0531 0564  [ E3EED80ADEA08F324A3722AB81E136D0 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:40:28.0656 0564  VolSnap - ok
10:40:28.0718 0564  [ 431B10698D6906649A6C551F1F652823 ] Vpctcom         C:\WINDOWS\system32\DRIVERS\vpctcom.sys
10:40:28.0796 0564  Vpctcom ( UnsignedFile.Multi.Generic ) - warning
10:40:28.0796 0564  Vpctcom - detected UnsignedFile.Multi.Generic (1)
10:40:28.0890 0564  [ 757131F176E3A7423286078B080BF9A2 ] VSS             C:\WINDOWS\System32\vssvc.exe
10:40:29.0046 0564  VSS - ok
10:40:29.0078 0564  [ 4BB2F5DE8A23D32A007DB2DB9F5A0E96 ] Vvoice          C:\WINDOWS\system32\DRIVERS\vvoice.sys
10:40:29.0093 0564  Vvoice ( UnsignedFile.Multi.Generic ) - warning
10:40:29.0093 0564  Vvoice - detected UnsignedFile.Multi.Generic (1)
10:40:29.0109 0564  [ 565E206FD5444ADC9EFD8C0325DAC882 ] W32Time         C:\WINDOWS\system32\w32time.dll
10:40:29.0250 0564  W32Time - ok
10:40:29.0265 0564  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:40:29.0406 0564  Wanarp - ok
10:40:29.0500 0564  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
10:40:29.0531 0564  Wdf01000 - ok
10:40:29.0531 0564  WDICA - ok
10:40:29.0578 0564  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:40:29.0718 0564  wdmaud - ok
10:40:29.0765 0564  [ 18D3FAE7E2B76E213DA806C13AB2D87C ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:40:29.0906 0564  WebClient - ok
10:40:30.0031 0564  [ 347F3474960367180E1855BAADF6ECF4 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:40:30.0171 0564  winmgmt - ok
10:40:30.0218 0564  [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
10:40:30.0312 0564  WmdmPmSN - ok
10:40:30.0406 0564  [ 219A80D33B424A7C0740536B50A1E5D2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:40:30.0531 0564  WmiApSrv - ok
10:40:30.0640 0564  [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
10:40:30.0750 0564  WMPNetworkSvc - ok
10:40:30.0796 0564  [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:40:30.0843 0564  WpdUsb - ok
10:40:30.0984 0564  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:40:31.0046 0564  WPFFontCache_v0400 - ok
10:40:31.0109 0564  [ 7860BB84EC2542FA526A074B94C7B0A7 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
10:40:31.0234 0564  wscsvc - ok
10:40:31.0296 0564  [ 86DAF128A3FC857669FD0FD44672C971 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:40:31.0437 0564  wuauserv - ok
10:40:31.0500 0564  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:40:31.0546 0564  WudfPf - ok
10:40:31.0593 0564  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:40:31.0609 0564  WudfRd - ok
10:40:31.0640 0564  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
10:40:31.0671 0564  WudfSvc - ok
10:40:31.0750 0564  [ 88B3D466D059C7CC95B20175F656E776 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:40:31.0937 0564  WZCSVC - ok
10:40:31.0984 0564  [ A3FD2742E0AA6B637454B1B72220CBFA ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:40:32.0125 0564  xmlprov - ok
10:40:32.0203 0564  [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
10:40:32.0250 0564  {6080A529-897E-4629-A488-ABA0C29B635E} - ok
10:40:32.0281 0564  [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
10:40:32.0312 0564  {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
10:40:32.0328 0564  ================ Scan global ===============================
10:40:32.0390 0564  [ E9E224F07CA540E57BA08B0F852204BF ] C:\WINDOWS\system32\basesrv.dll
10:40:32.0468 0564  [ EDB529B7D26DA50B3BFBDB1BC9E250B4 ] C:\WINDOWS\system32\winsrv.dll
10:40:32.0484 0564  [ EDB529B7D26DA50B3BFBDB1BC9E250B4 ] C:\WINDOWS\system32\winsrv.dll
10:40:32.0515 0564  [ 1427365EFF6F4758DDC88388045E8400 ] C:\WINDOWS\system32\services.exe
10:40:32.0531 0564  [Global] - ok
10:40:32.0531 0564  ================ Scan MBR ==================================
10:40:32.0562 0564  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
10:40:32.0875 0564  \Device\Harddisk0\DR0 - ok
10:40:32.0875 0564  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:40:32.0937 0564  \Device\Harddisk1\DR1 - ok
10:40:32.0937 0564  ================ Scan VBR ==================================
10:40:32.0937 0564  [ 6E380D5300E63432228349AA332BEC9B ] \Device\Harddisk0\DR0\Partition1
10:40:32.0937 0564  \Device\Harddisk0\DR0\Partition1 - ok
10:40:32.0953 0564  [ 550F4186680D8F3398BC332872B5C0CB ] \Device\Harddisk1\DR1\Partition1
10:40:32.0953 0564  \Device\Harddisk1\DR1\Partition1 - ok
10:40:32.0953 0564  [ 540975B5C07D3433DCE41BB94A3078C5 ] \Device\Harddisk1\DR1\Partition2
10:40:32.0968 0564  \Device\Harddisk1\DR1\Partition2 - ok
10:40:32.0968 0564  ================ Scan active images ========================
10:40:32.0968 0564  [ D72A21424CA66C7A745BD995ECA6A710 ] C:\WINDOWS\system32\drivers\SMBios.sys
10:40:32.0968 0564  C:\WINDOWS\system32\drivers\SMBios.sys - ok
10:40:32.0984 0564  [ 40C589797CB66DA0C1FE305F3BFCFDAF ] C:\WINDOWS\system32\drivers\intelppm.sys
10:40:32.0984 0564  C:\WINDOWS\system32\drivers\intelppm.sys - ok
10:40:32.0984 0564  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
10:40:32.0984 0564  C:\WINDOWS\system32\drivers\videoprt.sys - ok
10:40:33.0000 0564  [ 1406D6EF4436AEE970EFE13193123965 ] C:\WINDOWS\system32\drivers\ialmnt5.sys
10:40:33.0000 0564  C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
10:40:33.0000 0564  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
10:40:33.0000 0564  C:\WINDOWS\system32\drivers\usbport.sys - ok
10:40:33.0015 0564  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
10:40:33.0015 0564  C:\WINDOWS\system32\drivers\usbehci.sys - ok
10:40:33.0015 0564  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
10:40:33.0015 0564  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
10:40:33.0031 0564  [ 829696409B58694B97F9DCAA4053C559 ] C:\WINDOWS\system32\drivers\modem.sys
10:40:33.0031 0564  C:\WINDOWS\system32\drivers\modem.sys - ok
10:40:33.0031 0564  [ 1219AC397BB4BA5B41346016C4C9C29C ] C:\WINDOWS\system32\drivers\ptserial.sys
10:40:33.0031 0564  C:\WINDOWS\system32\drivers\ptserial.sys - ok
10:40:33.0046 0564  [ D507C1400284176573224903819FFDA3 ] C:\WINDOWS\system32\drivers\RTL8139.sys
10:40:33.0046 0564  C:\WINDOWS\system32\drivers\RTL8139.sys - ok
10:40:33.0062 0564  [ 9354FAA5F4084CCB31A868BFA4BC2ED0 ] C:\WINDOWS\system32\drivers\i8042prt.sys
10:40:33.0062 0564  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
10:40:33.0062 0564  [ 9C1C146FA88A622FE5A7BC526E2E1289 ] C:\WINDOWS\system32\drivers\kbdclass.sys
10:40:33.0062 0564  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
10:40:33.0078 0564  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
10:40:33.0078 0564  C:\WINDOWS\system32\drivers\fdc.sys - ok
10:40:33.0078 0564  [ CF89293B8D37CBC287B13A079AFD7C5C ] C:\WINDOWS\system32\drivers\serial.sys
10:40:33.0078 0564  C:\WINDOWS\system32\drivers\serial.sys - ok
10:40:33.0093 0564  [ 88FFA60E94CA89C489DB4C6A38994EBF ] C:\WINDOWS\system32\drivers\parport.sys
10:40:33.0093 0564  C:\WINDOWS\system32\drivers\parport.sys - ok
10:40:33.0109 0564  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
10:40:33.0109 0564  C:\WINDOWS\system32\drivers\serenum.sys - ok
10:40:33.0109 0564  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
10:40:33.0109 0564  C:\WINDOWS\system32\drivers\imapi.sys - ok
10:40:33.0125 0564  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
10:40:33.0125 0564  C:\WINDOWS\system32\drivers\cdrom.sys - ok
10:40:33.0125 0564  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
10:40:33.0125 0564  C:\WINDOWS\system32\drivers\ks.sys - ok
10:40:33.0140 0564  [ 1AAFCAEED86CD38DB3C501610F28F131 ] C:\WINDOWS\system32\drivers\redbook.sys
10:40:33.0140 0564  C:\WINDOWS\system32\drivers\redbook.sys - ok
10:40:33.0140 0564  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
10:40:33.0140 0564  C:\WINDOWS\system32\drivers\drmk.sys - ok
10:40:33.0156 0564  [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
10:40:33.0156 0564  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
10:40:33.0171 0564  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
10:40:33.0171 0564  C:\WINDOWS\system32\drivers\portcls.sys - ok
10:40:33.0171 0564  [ FBBCB95F677CBAA924140B6EA2D9A97B ] C:\WINDOWS\system32\drivers\ALCXSENS.SYS
10:40:33.0171 0564  C:\WINDOWS\system32\drivers\ALCXSENS.SYS - ok
10:40:33.0187 0564  [ BC5C55B49C4BD1FDFAAA128FE21F9FEA ] C:\WINDOWS\system32\drivers\ALCXWDM.SYS
10:40:33.0187 0564  C:\WINDOWS\system32\drivers\ALCXWDM.SYS - ok
10:40:33.0187 0564  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
10:40:33.0187 0564  C:\WINDOWS\system32\drivers\audstub.sys - ok
10:40:33.0203 0564  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] C:\WINDOWS\system32\drivers\rootmdm.sys
10:40:33.0203 0564  C:\WINDOWS\system32\drivers\rootmdm.sys - ok
10:40:33.0203 0564  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
10:40:33.0218 0564  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
10:40:33.0218 0564  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
10:40:33.0218 0564  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
10:40:33.0234 0564  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
10:40:33.0234 0564  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
10:40:33.0234 0564  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
10:40:33.0234 0564  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
10:40:33.0250 0564  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
10:40:33.0250 0564  C:\WINDOWS\system32\drivers\tdi.sys - ok
10:40:33.0250 0564  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
10:40:33.0250 0564  C:\WINDOWS\system32\drivers\raspptp.sys - ok
10:40:33.0265 0564  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
10:40:33.0265 0564  C:\WINDOWS\system32\drivers\psched.sys - ok
10:40:33.0265 0564  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
10:40:33.0265 0564  C:\WINDOWS\system32\drivers\msgpc.sys - ok
10:40:33.0281 0564  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
10:40:33.0281 0564  C:\WINDOWS\system32\drivers\ptilink.sys - ok
10:40:33.0281 0564  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
10:40:33.0281 0564  C:\WINDOWS\system32\drivers\raspti.sys - ok
10:40:33.0296 0564  [ C4F4FCD5AE48BDD31648981DDF8EF993 ] C:\WINDOWS\system32\drivers\RimSerial.sys
10:40:33.0296 0564  C:\WINDOWS\system32\drivers\RimSerial.sys - ok
10:40:33.0312 0564  [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys
10:40:33.0312 0564  C:\WINDOWS\system32\drivers\wdf01000.sys - ok
10:40:33.0312 0564  [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys
10:40:33.0312 0564  C:\WINDOWS\system32\drivers\wdfldr.sys - ok
10:40:33.0328 0564  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
10:40:33.0328 0564  C:\WINDOWS\system32\drivers\termdd.sys - ok
10:40:33.0328 0564  [ A08EAF51779F54ED303650D1D42ECD90 ] C:\WINDOWS\system32\drivers\mouclass.sys
10:40:33.0328 0564  C:\WINDOWS\system32\drivers\mouclass.sys - ok
10:40:33.0343 0564  [ C80D292B0B9CBC59AF1D194EE5D85918 ] C:\WINDOWS\system32\drivers\serscan.sys
10:40:33.0343 0564  C:\WINDOWS\system32\drivers\serscan.sys - ok
10:40:33.0343 0564  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
10:40:33.0343 0564  C:\WINDOWS\system32\drivers\swenum.sys - ok
10:40:33.0359 0564  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
10:40:33.0359 0564  C:\WINDOWS\system32\drivers\update.sys - ok
10:40:33.0375 0564  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
10:40:33.0375 0564  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
10:40:33.0375 0564  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
10:40:33.0375 0564  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
10:40:33.0390 0564  [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] C:\WINDOWS\system32\drivers\ialmkchw.sys
10:40:33.0390 0564  C:\WINDOWS\system32\drivers\ialmkchw.sys - ok
10:40:33.0390 0564  [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] C:\WINDOWS\system32\drivers\ialmsbw.sys
10:40:33.0390 0564  C:\WINDOWS\system32\drivers\ialmsbw.sys - ok
10:40:33.0406 0564  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
10:40:33.0406 0564  C:\WINDOWS\system32\drivers\usbd.sys - ok
10:40:33.0406 0564  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
10:40:33.0406 0564  C:\WINDOWS\system32\drivers\usbhub.sys - ok
10:40:33.0421 0564  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:40:33.0421 0564  C:\WINDOWS\system32\drivers\MODEMCSA.sys - ok
10:40:33.0437 0564  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
10:40:33.0437 0564  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
10:40:33.0437 0564  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
10:40:33.0437 0564  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
10:40:33.0453 0564  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
10:40:33.0453 0564  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
10:40:33.0453 0564  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
10:40:33.0453 0564  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
10:40:33.0468 0564  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
10:40:33.0468 0564  C:\WINDOWS\system32\drivers\null.sys - ok
10:40:33.0484 0564  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
10:40:33.0484 0564  C:\WINDOWS\system32\drivers\hidparse.sys - ok
10:40:33.0484 0564  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
10:40:33.0484 0564  C:\WINDOWS\system32\drivers\hidclass.sys - ok
10:40:33.0500 0564  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
10:40:33.0500 0564  C:\WINDOWS\system32\drivers\hidusb.sys - ok
10:40:33.0500 0564  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
10:40:33.0500 0564  C:\WINDOWS\system32\drivers\beep.sys - ok
10:40:33.0515 0564  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
10:40:33.0515 0564  C:\WINDOWS\system32\drivers\vga.sys - ok
10:40:33.0515 0564  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
10:40:33.0515 0564  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
10:40:33.0531 0564  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
10:40:33.0531 0564  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
10:40:33.0531 0564  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
10:40:33.0531 0564  C:\WINDOWS\system32\drivers\msfs.sys - ok
10:40:33.0546 0564  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
10:40:33.0546 0564  C:\WINDOWS\system32\drivers\npfs.sys - ok
10:40:33.0546 0564  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
10:40:33.0546 0564  C:\WINDOWS\system32\drivers\rasacd.sys - ok
10:40:33.0562 0564  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
10:40:33.0562 0564  C:\WINDOWS\system32\drivers\ipsec.sys - ok
10:40:33.0578 0564  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
10:40:33.0578 0564  C:\WINDOWS\system32\drivers\tcpip.sys - ok
10:40:33.0578 0564  [ 84BEAF4A13A36CB9BB0663DF9089CEA2 ] C:\WINDOWS\system32\drivers\rt2870.sys
10:40:33.0578 0564  C:\WINDOWS\system32\drivers\rt2870.sys - ok
10:40:33.0593 0564  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
10:40:33.0593 0564  C:\WINDOWS\system32\drivers\netbt.sys - ok
10:40:33.0593 0564  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
10:40:33.0593 0564  C:\WINDOWS\system32\drivers\ipnat.sys - ok
10:40:33.0609 0564  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
10:40:33.0609 0564  C:\WINDOWS\system32\drivers\wanarp.sys - ok
10:40:33.0625 0564  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
10:40:33.0625 0564  C:\WINDOWS\system32\drivers\afd.sys - ok
10:40:33.0625 0564  [ BB04BB4D7FE1A38BDC61F0A174198E69 ] C:\WINDOWS\system32\drivers\mouhid.sys
10:40:33.0625 0564  C:\WINDOWS\system32\drivers\mouhid.sys - ok
10:40:33.0640 0564  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
10:40:33.0640 0564  C:\WINDOWS\system32\drivers\netbios.sys - ok
10:40:33.0640 0564  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
10:40:33.0640 0564  C:\WINDOWS\system32\drivers\rdbss.sys - ok
10:40:33.0656 0564  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
10:40:33.0656 0564  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
10:40:33.0656 0564  [ 9B6AF9E7E172249AFC4AF5576B506233 ] C:\WINDOWS\system32\drivers\fips.sys
10:40:33.0671 0564  C:\WINDOWS\system32\drivers\fips.sys - ok
10:40:33.0671 0564  [ 51940F4846936F417C830EC940250011 ] C:\WINDOWS\system32\smss.exe
10:40:33.0671 0564  C:\WINDOWS\system32\smss.exe - ok
10:40:33.0687 0564  [ F9386153E3A63394ABB782A5A46DEAB0 ] C:\WINDOWS\system32\ntdll.dll
10:40:33.0687 0564  C:\WINDOWS\system32\ntdll.dll - ok
10:40:33.0687 0564  [ 55A4C39909A063D9B4681E2C8703CAB3 ] C:\WINDOWS\system32\autochk.exe
10:40:33.0687 0564  C:\WINDOWS\system32\autochk.exe - ok
10:40:33.0703 0564  [ 6B8B7B206FA0C50B4CF99EEE2AC14BC7 ] C:\WINDOWS\system32\sfcfiles.dll
10:40:33.0703 0564  C:\WINDOWS\system32\sfcfiles.dll - ok
10:40:33.0703 0564  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
10:40:33.0703 0564  C:\WINDOWS\system32\drivers\cdfs.sys - ok
10:40:33.0718 0564  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
10:40:33.0718 0564  C:\WINDOWS\system32\drivers\wmilib.sys - ok
10:40:33.0718 0564  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
10:40:33.0718 0564  C:\WINDOWS\system32\drivers\atapi.sys - ok
10:40:33.0734 0564  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
10:40:33.0734 0564  C:\WINDOWS\system32\drivers\dxapi.sys - ok
10:40:33.0750 0564  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
10:40:33.0750 0564  C:\WINDOWS\system32\watchdog.sys - ok
10:40:33.0750 0564  [ 8FF6B2D61FF19A2C95C0BE64FD27FB17 ] C:\WINDOWS\system32\win32k.sys
10:40:33.0750 0564  C:\WINDOWS\system32\win32k.sys - ok
10:40:33.0765 0564  [ E9E224F07CA540E57BA08B0F852204BF ] C:\WINDOWS\system32\basesrv.dll
10:40:33.0765 0564  C:\WINDOWS\system32\basesrv.dll - ok
10:40:33.0765 0564  [ F291C0F10AB4572ED383948436FBAC32 ] C:\WINDOWS\system32\csrsrv.dll
10:40:33.0765 0564  C:\WINDOWS\system32\csrsrv.dll - ok
10:40:33.0765 0564  [ F18D8DC1895DE3FFFAE84F3B0A763BA6 ] C:\WINDOWS\system32\csrss.exe
10:40:33.0765 0564  C:\WINDOWS\system32\csrss.exe - ok
10:40:33.0781 0564  [ EDB529B7D26DA50B3BFBDB1BC9E250B4 ] C:\WINDOWS\system32\winsrv.dll
10:40:33.0781 0564  C:\WINDOWS\system32\winsrv.dll - ok
10:40:33.0796 0564  [ 312F1BB1D1F3A9FFF9DD9AA3BD610A18 ] C:\WINDOWS\system32\gdi32.dll
10:40:33.0796 0564  C:\WINDOWS\system32\gdi32.dll - ok
10:40:33.0796 0564  [ 5F3BAC70388FB63977FAA9AE6BF3D2E7 ] C:\WINDOWS\system32\kernel32.dll
10:40:33.0796 0564  C:\WINDOWS\system32\kernel32.dll - ok
10:40:33.0812 0564  [ F95655E872967AE2CD4C19D8914BABB7 ] C:\WINDOWS\system32\user32.dll
10:40:33.0812 0564  C:\WINDOWS\system32\user32.dll - ok
10:40:33.0812 0564  [ 1E3AFE918888D6A61440F95FC24C067D ] C:\WINDOWS\system32\lpk.dll
10:40:33.0812 0564  C:\WINDOWS\system32\lpk.dll - ok
10:40:33.0828 0564  [ C706E8892942989071FF425A930E229B ] C:\WINDOWS\system32\usp10.dll
10:40:33.0828 0564  C:\WINDOWS\system32\usp10.dll - ok
10:40:33.0828 0564  [ 68F9C48199AED6BBA3C557790E50AE13 ] C:\WINDOWS\system32\advapi32.dll
10:40:33.0828 0564  C:\WINDOWS\system32\advapi32.dll - ok
10:40:33.0843 0564  [ 74FCDB04E512862B36EE0FF72E6C9831 ] C:\WINDOWS\system32\rpcrt4.dll
10:40:33.0843 0564  C:\WINDOWS\system32\rpcrt4.dll - ok
10:40:33.0843 0564  [ 5276F901CBA7434B1FC32BAA352A50BA ] C:\WINDOWS\system32\secur32.dll
10:40:33.0843 0564  C:\WINDOWS\system32\secur32.dll - ok
10:40:33.0859 0564  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
10:40:33.0859 0564  C:\WINDOWS\system32\drivers\dxg.sys - ok
10:40:33.0875 0564  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
10:40:33.0875 0564  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
10:40:33.0875 0564  [ 542810C1CA3D19AD07440D2970D4C5EE ] C:\WINDOWS\system32\ialmdnt5.dll
10:40:33.0875 0564  C:\WINDOWS\system32\ialmdnt5.dll - ok
10:40:33.0890 0564  [ 33A1A0567ECE151CA55F8C44D1A8FEA7 ] C:\WINDOWS\system32\ialmrnt5.dll
10:40:33.0890 0564  C:\WINDOWS\system32\ialmrnt5.dll - ok
10:40:33.0890 0564  [ CFDB88E24F5B1ACCFED780F744FB77C5 ] C:\WINDOWS\system32\vga.dll
10:40:33.0890 0564  C:\WINDOWS\system32\vga.dll - ok
10:40:33.0906 0564  [ 588CCD82467DFBEFF54308292127E2F5 ] C:\WINDOWS\system32\ialmdev5.dll
10:40:33.0906 0564  C:\WINDOWS\system32\ialmdev5.dll - ok
10:40:33.0921 0564  [ 9B9A9D9AF199ACAD2379991BF40EA2EC ] C:\WINDOWS\system32\ialmdd5.dll
10:40:33.0921 0564  C:\WINDOWS\system32\ialmdd5.dll - ok
10:40:33.0921 0564  [ BCEDF9DCCBC807108CE34C9834074C34 ] C:\WINDOWS\system32\winlogon.exe
10:40:33.0921 0564  C:\WINDOWS\system32\winlogon.exe - ok
10:40:33.0937 0564  [ F10F2D036A5ACA2B7E9F36A5E886A9E1 ] C:\WINDOWS\system32\authz.dll
10:40:33.0937 0564  C:\WINDOWS\system32\authz.dll - ok
10:40:33.0937 0564  [ 5BFFB45FD985BDECFD16C3E37B9C0222 ] C:\WINDOWS\system32\msvcrt.dll
10:40:33.0937 0564  C:\WINDOWS\system32\msvcrt.dll - ok
10:40:33.0953 0564  [ 1089441935F1BF762118F7E3635B4506 ] C:\WINDOWS\system32\crypt32.dll
10:40:33.0953 0564  C:\WINDOWS\system32\crypt32.dll - ok
10:40:33.0953 0564  [ 503ED54006286DF13B4CCD950A533AA9 ] C:\WINDOWS\system32\msasn1.dll
10:40:33.0953 0564  C:\WINDOWS\system32\msasn1.dll - ok
10:40:33.0968 0564  [ 9FCBDDF2E3DC4E7655A5A2BBD91EC52C ] C:\WINDOWS\system32\nddeapi.dll
10:40:33.0968 0564  C:\WINDOWS\system32\nddeapi.dll - ok
10:40:33.0968 0564  [ FAA6D9880D4E9C45E6A84C95C9D89922 ] C:\WINDOWS\system32\profmap.dll
10:40:33.0984 0564  C:\WINDOWS\system32\profmap.dll - ok
10:40:33.0984 0564  [ 79903A5B957435B7043BC23FA602D72B ] C:\WINDOWS\system32\netapi32.dll
10:40:33.0984 0564  C:\WINDOWS\system32\netapi32.dll - ok
10:40:34.0000 0564  [ 128647955AAD65FC3D4DB0BDF0164862 ] C:\WINDOWS\system32\userenv.dll
10:40:34.0000 0564  C:\WINDOWS\system32\userenv.dll - ok
10:40:34.0000 0564  [ 85D4369308B0442F23A68D6CD683606B ] C:\WINDOWS\system32\psapi.dll
10:40:34.0000 0564  C:\WINDOWS\system32\psapi.dll - ok
10:40:34.0015 0564  [ B876ADED7A94DBBD503A168C049B4D68 ] C:\WINDOWS\system32\regapi.dll
10:40:34.0015 0564  C:\WINDOWS\system32\regapi.dll - ok
10:40:34.0015 0564  [ C477C84D3B16FF02623399968FB4FDA4 ] C:\WINDOWS\system32\setupapi.dll
10:40:34.0015 0564  C:\WINDOWS\system32\setupapi.dll - ok
10:40:34.0031 0564  [ 5272C559873B0643AB8F5C13497C9232 ] C:\WINDOWS\system32\version.dll
10:40:34.0031 0564  C:\WINDOWS\system32\version.dll - ok
10:40:34.0031 0564  [ 1CC2253AD432F83DDAD32C5CA67AB2B1 ] C:\WINDOWS\system32\winsta.dll
10:40:34.0031 0564  C:\WINDOWS\system32\winsta.dll - ok
10:40:34.0046 0564  [ 18FEFE7823BCD06F417565B2655ED8B5 ] C:\WINDOWS\system32\wintrust.dll
10:40:34.0046 0564  C:\WINDOWS\system32\wintrust.dll - ok
10:40:34.0046 0564  [ 63076B13E10466BC6F75EC433B1A5FC0 ] C:\WINDOWS\system32\imagehlp.dll
10:40:34.0046 0564  C:\WINDOWS\system32\imagehlp.dll - ok
10:40:34.0062 0564  [ AA70E22162B4DFE15D5FB055582D5AC3 ] C:\WINDOWS\system32\ws2help.dll
10:40:34.0062 0564  C:\WINDOWS\system32\ws2help.dll - ok
10:40:34.0062 0564  [ 8A2B77E2A2F2AD328EE3A2ED91F08EBB ] C:\WINDOWS\system32\ws2_32.dll
10:40:34.0062 0564  C:\WINDOWS\system32\ws2_32.dll - ok
10:40:34.0078 0564  [ 437820B0DB7A11FB58660CE6C40A05F6 ] C:\WINDOWS\system32\imm32.dll
10:40:34.0078 0564  C:\WINDOWS\system32\imm32.dll - ok
10:40:34.0093 0564  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
10:40:34.0093 0564  C:\WINDOWS\system32\kbdus.dll - ok
10:40:34.0093 0564  [ AA814CEE49A923E8F876F9EDF2A869EA ] C:\WINDOWS\system32\kbda1.dll
10:40:34.0093 0564  C:\WINDOWS\system32\kbda1.dll - ok
10:40:34.0109 0564  [ 41B6A95F3CB698A2BF41012597635714 ] C:\WINDOWS\system32\msgina.dll
10:40:34.0109 0564  C:\WINDOWS\system32\msgina.dll - ok
10:40:34.0109 0564  [ 4CE119126654421A38204B0D41E85284 ] C:\WINDOWS\system32\comctl32.dll
10:40:34.0109 0564  C:\WINDOWS\system32\comctl32.dll - ok
10:40:34.0125 0564  [ 90FB6443B92FB82E75BBA9549C3CACD1 ] C:\WINDOWS\system32\odbc32.dll
10:40:34.0125 0564  C:\WINDOWS\system32\odbc32.dll - ok
10:40:34.0125 0564  [ 2AECE6BFFDC90185B565CBB686D4D443 ] C:\WINDOWS\system32\comdlg32.dll
10:40:34.0125 0564  C:\WINDOWS\system32\comdlg32.dll - ok
10:40:34.0140 0564  [ 22BDB0E7EA45F6639F1C74DF46894248 ] C:\WINDOWS\system32\shell32.dll
10:40:34.0140 0564  C:\WINDOWS\system32\shell32.dll - ok
10:40:34.0140 0564  [ 3DBF019670C1A241B7986DF607934683 ] C:\WINDOWS\system32\shlwapi.dll
10:40:34.0140 0564  C:\WINDOWS\system32\shlwapi.dll - ok
10:40:34.0156 0564  [ 2ABAD25DC572EE0D5179620399C0C4D2 ] C:\WINDOWS\system32\sxs.dll
10:40:34.0156 0564  C:\WINDOWS\system32\sxs.dll - ok
10:40:34.0171 0564  [ 3ADB36C4A9D1DBCFE38C9D96B364898A ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
10:40:34.0171 0564  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
10:40:34.0171 0564  [ DECC864AB156C61FEEE6748B2D37F0E9 ] C:\WINDOWS\system32\odbcint.dll
10:40:34.0171 0564  C:\WINDOWS\system32\odbcint.dll - ok
10:40:34.0187 0564  [ 6A5E5E928FB466B95FC9CC2C313D810D ] C:\WINDOWS\system32\shsvcs.dll
10:40:34.0187 0564  C:\WINDOWS\system32\shsvcs.dll - ok
10:40:34.0203 0564  [ BFFB94B922D2FA05B3E7E3C9A5EF0A51 ] C:\WINDOWS\system32\sfc.dll
10:40:34.0203 0564  C:\WINDOWS\system32\sfc.dll - ok
10:40:34.0203 0564  [ 8C38F871CDC7DD6347E57BD36F46211C ] C:\WINDOWS\system32\ole32.dll
10:40:34.0203 0564  C:\WINDOWS\system32\ole32.dll - ok
10:40:34.0218 0564  [ D416813B170CA0AB236CF732F410D0E4 ] C:\WINDOWS\system32\sfc_os.dll
10:40:34.0218 0564  C:\WINDOWS\system32\sfc_os.dll - ok
10:40:34.0218 0564  [ 3F2ABB5DBF4FCE5606AF50A606FEDB78 ] C:\WINDOWS\system32\apphelp.dll
10:40:34.0218 0564  C:\WINDOWS\system32\apphelp.dll - ok
10:40:34.0250 0564  [ 3E3DDBB8C8ACF833D1424AEB5568BCF7 ] C:\WINDOWS\system32\lsasrv.dll
10:40:34.0250 0564  C:\WINDOWS\system32\lsasrv.dll - ok
10:40:34.0250 0564  [ 99AE1390A271B02D752178DF9E8442A3 ] C:\WINDOWS\system32\lsass.exe
10:40:34.0250 0564  C:\WINDOWS\system32\lsass.exe - ok
10:40:34.0250 0564  [ 1427365EFF6F4758DDC88388045E8400 ] C:\WINDOWS\system32\services.exe
10:40:34.0250 0564  C:\WINDOWS\system32\services.exe - ok
10:40:34.0250 0564  [ 54840C7F66C0B44DA0F77F2AF6B5D253 ] C:\WINDOWS\system32\ncobjapi.dll
10:40:34.0250 0564  C:\WINDOWS\system32\ncobjapi.dll - ok
10:40:34.0265 0564  [ ACB5DB763A608698E06AE65B0301F206 ] C:\WINDOWS\system32\msvcp60.dll
10:40:34.0265 0564  C:\WINDOWS\system32\msvcp60.dll - ok
10:40:34.0265 0564  [ 31E9FC47867A09F006DCEBB5A4E99884 ] C:\WINDOWS\system32\scesrv.dll
10:40:34.0265 0564  C:\WINDOWS\system32\scesrv.dll - ok
10:40:34.0281 0564  [ CCDFFD86AB4106B8E93BBEB9A2730015 ] C:\WINDOWS\system32\mpr.dll
10:40:34.0281 0564  C:\WINDOWS\system32\mpr.dll - ok
10:40:34.0281 0564  [ 965D0C1EEC37FCF0F1BAA8AEA6079675 ] C:\WINDOWS\system32\ntdsapi.dll
10:40:34.0281 0564  C:\WINDOWS\system32\ntdsapi.dll - ok
10:40:34.0296 0564  [ ED3810A9AFD14DB2CB5DA54888405261 ] C:\WINDOWS\system32\umpnpmgr.dll
10:40:34.0296 0564  C:\WINDOWS\system32\umpnpmgr.dll - ok
10:40:34.0296 0564  [ 5A78B3938B324005896E4B18664329A5 ] C:\WINDOWS\system32\dnsapi.dll
10:40:34.0296 0564  C:\WINDOWS\system32\dnsapi.dll - ok
10:40:34.0312 0564  [ 0CC3A0B3A162AD2BF70AC4B72773319D ] C:\WINDOWS\system32\shimeng.dll
10:40:34.0312 0564  C:\WINDOWS\system32\shimeng.dll - ok
10:40:34.0328 0564  [ 87D90558DF50817F2A05BFA5E939834A ] C:\WINDOWS\AppPatch\acadproc.dll
10:40:34.0328 0564  C:\WINDOWS\AppPatch\acadproc.dll - ok
10:40:34.0328 0564  [ B2C906E5E30B9A0E492E03EAB1919A31 ] C:\WINDOWS\system32\wldap32.dll
10:40:34.0328 0564  C:\WINDOWS\system32\wldap32.dll - ok
10:40:34.0343 0564  [ 644BAEB01B6D42F7A754407724F08B35 ] C:\WINDOWS\system32\samlib.dll
10:40:34.0343 0564  C:\WINDOWS\system32\samlib.dll - ok
10:40:34.0343 0564  [ 4DC8A1CB3FA167321E2E6F235B78E564 ] C:\WINDOWS\system32\samsrv.dll
10:40:34.0343 0564  C:\WINDOWS\system32\samsrv.dll - ok
10:40:34.0359 0564  [ CBBB4A64CF9B6CFDD39CF3DAFD9E0E2F ] C:\WINDOWS\system32\cryptdll.dll
10:40:34.0359 0564  C:\WINDOWS\system32\cryptdll.dll - ok
10:40:34.0359 0564  [ 17A5019F9BBD549E20D6F6B1B5C2F123 ] C:\WINDOWS\AppPatch\acgenral.dll
10:40:34.0359 0564  C:\WINDOWS\AppPatch\acgenral.dll - ok
10:40:34.0375 0564  [ E33B643520DFF4E659971718DAECB45C ] C:\WINDOWS\system32\winmm.dll
10:40:34.0375 0564  C:\WINDOWS\system32\winmm.dll - ok
10:40:34.0375 0564  [ D0CBB9962781F5FCE7FE4937A59FECEF ] C:\WINDOWS\system32\oleaut32.dll
10:40:34.0375 0564  C:\WINDOWS\system32\oleaut32.dll - ok
10:40:34.0390 0564  [ 22E128CD655383AEACB30504F0296C74 ] C:\WINDOWS\system32\msacm32.dll
10:40:34.0390 0564  C:\WINDOWS\system32\msacm32.dll - ok
10:40:34.0406 0564  [ EE7DC4592A72125DA11B8A023C0CADE2 ] C:\WINDOWS\system32\uxtheme.dll
10:40:34.0406 0564  C:\WINDOWS\system32\uxtheme.dll - ok
10:40:34.0406 0564  [ 4AE474345490D2F27660BD823940D946 ] C:\WINDOWS\system32\serwvdrv.dll
10:40:34.0406 0564  C:\WINDOWS\system32\serwvdrv.dll - ok
10:40:34.0421 0564  [ ADEE020A5AFAC37D4D36537F406CD038 ] C:\WINDOWS\system32\umdmxfrm.dll
10:40:34.0421 0564  C:\WINDOWS\system32\umdmxfrm.dll - ok
10:40:34.0421 0564  [ 03438079CC38BD29BD5521A3887F30AC ] C:\WINDOWS\system32\msapsspc.dll
10:40:34.0421 0564  C:\WINDOWS\system32\msapsspc.dll - ok
10:40:34.0437 0564  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
10:40:34.0437 0564  C:\WINDOWS\system32\msvcrt40.dll - ok
10:40:34.0437 0564  [ 507B04B07B7FB4F97624998779386967 ] C:\WINDOWS\system32\schannel.dll
10:40:34.0437 0564  C:\WINDOWS\system32\schannel.dll - ok
10:40:34.0453 0564  [ 0C383082AE03F411A8E462363D543F75 ] C:\WINDOWS\system32\digest.dll
10:40:34.0453 0564  C:\WINDOWS\system32\digest.dll - ok
10:40:34.0453 0564  [ 1694732EB77DB2F544BF53208413C5BB ] C:\WINDOWS\system32\msnsspc.dll
10:40:34.0453 0564  C:\WINDOWS\system32\msnsspc.dll - ok
10:40:34.0468 0564  [ B013AC0207373EBCBFE7A4A9671512FA ] C:\WINDOWS\system32\msctfime.ime
10:40:34.0468 0564  C:\WINDOWS\system32\msctfime.ime - ok
10:40:34.0484 0564  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
10:40:34.0484 0564  C:\WINDOWS\system32\msprivs.dll - ok
10:40:34.0484 0564  [ 707B8D6700A52A6FADB6171F42D54EA3 ] C:\WINDOWS\system32\kerberos.dll
10:40:34.0484 0564  C:\WINDOWS\system32\kerberos.dll - ok
10:40:34.0500 0564  [ 002DC92C14855F49F3650490F52DCCD3 ] C:\WINDOWS\system32\msv1_0.dll
10:40:34.0500 0564  C:\WINDOWS\system32\msv1_0.dll - ok
10:40:34.0500 0564  [ 39921BEF0CA7463435D9564777B7B7F4 ] C:\WINDOWS\system32\iphlpapi.dll
10:40:34.0500 0564  C:\WINDOWS\system32\iphlpapi.dll - ok
10:40:34.0515 0564  [ 108DFCB9BA32C9E6FC7343EA0924050E ] C:\WINDOWS\system32\netlogon.dll
10:40:34.0515 0564  C:\WINDOWS\system32\netlogon.dll - ok
10:40:34.0515 0564  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
10:40:34.0515 0564  C:\WINDOWS\system32\atmfd.dll - ok
10:40:34.0531 0564  [ 565E206FD5444ADC9EFD8C0325DAC882 ] C:\WINDOWS\system32\w32time.dll
10:40:34.0531 0564  C:\WINDOWS\system32\w32time.dll - ok
10:40:34.0531 0564  [ D3BEC69CE1A9C4310C18481F755352E3 ] C:\WINDOWS\system32\wdigest.dll
10:40:34.0531 0564  C:\WINDOWS\system32\wdigest.dll - ok
10:40:34.0546 0564  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
10:40:34.0546 0564  C:\WINDOWS\system32\rsaenh.dll - ok
10:40:34.0546 0564  [ DC4F1E3E02281463FC6BF4F9B53EBAAB ] C:\WINDOWS\system32\winscard.dll
10:40:34.0546 0564  C:\WINDOWS\system32\winscard.dll - ok
10:40:34.0562 0564  [ 2D0A2217F49DC555A621E1C863F475BE ] C:\WINDOWS\system32\wtsapi32.dll
10:40:34.0562 0564  C:\WINDOWS\system32\wtsapi32.dll - ok
10:40:34.0562 0564  [ 11873CCA8F378E6183F32B3746429ECA ] C:\WINDOWS\system32\scecli.dll
10:40:34.0562 0564  C:\WINDOWS\system32\scecli.dll - ok
10:40:34.0578 0564  [ 6B1139CA38DB1678487678C44874B80F ] C:\WINDOWS\system32\svchost.exe
10:40:34.0578 0564  C:\WINDOWS\system32\svchost.exe - ok
10:40:34.0593 0564  [ 1C2E67324846BB27EF59B1356E2D7022 ] C:\WINDOWS\system32\ntmarta.dll
10:40:34.0593 0564  C:\WINDOWS\system32\ntmarta.dll - ok
10:40:34.0593 0564  [ 271830BCE6D77085E72D571F60EAF85A ] C:\WINDOWS\system32\rpcss.dll
10:40:34.0593 0564  C:\WINDOWS\system32\rpcss.dll - ok
10:40:34.0609 0564  [ 190B907AA5E1FC41A0A6C94F21399718 ] C:\WINDOWS\system32\xpsp2res.dll
10:40:34.0609 0564  C:\WINDOWS\system32\xpsp2res.dll - ok
10:40:34.0609 0564  [ 5BA1E23C1163900A9BFA3E580BE67D20 ] C:\WINDOWS\system32\eventlog.dll
10:40:34.0609 0564  C:\WINDOWS\system32\eventlog.dll - ok
10:40:34.0625 0564  [ 291B944E825F8AA629A7A41716C2EC24 ] C:\WINDOWS\system32\mswsock.dll
10:40:34.0625 0564  C:\WINDOWS\system32\mswsock.dll - ok
10:40:34.0625 0564  [ AD1152394C4D25CB8E9D8640A830C6DD ] C:\WINDOWS\system32\hnetcfg.dll
10:40:34.0625 0564  C:\WINDOWS\system32\hnetcfg.dll - ok
10:40:34.0640 0564  [ A4C362C52D21EF754B2DD05A30F4A343 ] C:\WINDOWS\system32\wshtcpip.dll
10:40:34.0640 0564  C:\WINDOWS\system32\wshtcpip.dll - ok
10:40:34.0656 0564  [ 36FF3865AFAFE87CA3BD8B2725C76627 ] C:\WINDOWS\system32\winrnr.dll
10:40:34.0656 0564  C:\WINDOWS\system32\winrnr.dll - ok
10:40:34.0656 0564  [ CE4EF4B10EE1E9B74947FD0FD89BA933 ] C:\WINDOWS\system32\wshbth.dll
10:40:34.0656 0564  C:\WINDOWS\system32\wshbth.dll - ok
10:40:34.0671 0564  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
10:40:34.0671 0564  C:\Program Files\Bonjour\mdnsNSP.dll - ok
10:40:34.0671 0564  [ E47CDA6CAC0DE23B76691CEEB6339768 ] C:\WINDOWS\system32\rasadhlp.dll
10:40:34.0671 0564  C:\WINDOWS\system32\rasadhlp.dll - ok
10:40:34.0687 0564  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
10:40:34.0687 0564  C:\WINDOWS\system32\WudfSvc.dll - ok
10:40:34.0687 0564  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
10:40:34.0687 0564  C:\WINDOWS\system32\WudfPlatform.dll - ok
10:40:34.0703 0564  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
10:40:34.0703 0564  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
10:40:34.0703 0564  [ 36FCAC4FA28B462CA867742DEA59B0D0 ] C:\WINDOWS\system32\drivers\pnarp.sys
10:40:34.0703 0564  C:\WINDOWS\system32\drivers\pnarp.sys - ok
10:40:34.0718 0564  [ D8AC00388262B1A4878A7EE12F31D376 ] C:\WINDOWS\system32\drivers\purendis.sys
10:40:34.0718 0564  C:\WINDOWS\system32\drivers\purendis.sys - ok
10:40:34.0734 0564  [ 43152852C8F5CE63B1D3466184E7E644 ] C:\WINDOWS\system32\dhcpcsvc.dll
10:40:34.0734 0564  C:\WINDOWS\system32\dhcpcsvc.dll - ok
10:40:34.0734 0564  [ E0ADCB569D9FC9A3861D05C02DC22BBF ] C:\WINDOWS\system32\dnsrslvr.dll
10:40:34.0734 0564  C:\WINDOWS\system32\dnsrslvr.dll - ok
10:40:34.0750 0564  [ CC63093B849D045246706E08A3342ED0 ] C:\WINDOWS\system32\lmhsvc.dll
10:40:34.0750 0564  C:\WINDOWS\system32\lmhsvc.dll - ok
10:40:34.0750 0564  [ 88B3D466D059C7CC95B20175F656E776 ] C:\WINDOWS\system32\wzcsvc.dll
10:40:34.0750 0564  C:\WINDOWS\system32\wzcsvc.dll - ok
10:40:34.0765 0564  [ BBC7E99F439348C105C0ACD07B0AA2A1 ] C:\WINDOWS\system32\rtutils.dll
10:40:34.0765 0564  C:\WINDOWS\system32\rtutils.dll - ok
10:40:34.0765 0564  [ 0CF947705ABC1D336B0EC1590F464073 ] C:\WINDOWS\system32\eapolqec.dll
10:40:34.0765 0564  C:\WINDOWS\system32\eapolqec.dll - ok
10:40:34.0781 0564  [ 7695FE41FA655E938B0538B9EF2CC7A6 ] C:\WINDOWS\system32\wmi.dll
10:40:34.0781 0564  C:\WINDOWS\system32\wmi.dll - ok
10:40:34.0781 0564  [ 4C16F9CF69EC53C68516F2F152B09A34 ] C:\WINDOWS\system32\atl.dll
10:40:34.0781 0564  C:\WINDOWS\system32\atl.dll - ok
10:40:34.0796 0564  [ 2F96C5F55A0710DEAA9E35C26DFF77E6 ] C:\WINDOWS\system32\dot3api.dll
10:40:34.0796 0564  C:\WINDOWS\system32\dot3api.dll - ok
10:40:34.0796 0564  [ A26135BA9ED4B9221331C3A88E3F2EBC ] C:\WINDOWS\system32\qutil.dll
10:40:34.0796 0564  C:\WINDOWS\system32\qutil.dll - ok
10:40:34.0812 0564  [ 01AAA3648AC4DB73227D13565F6539F5 ] C:\WINDOWS\system32\esent.dll
10:40:34.0812 0564  C:\WINDOWS\system32\esent.dll - ok
10:40:34.0812 0564  [ 51038C9C00955D4CE93DD296263B49E4 ] C:\WINDOWS\system32\clbcatq.dll
10:40:34.0812 0564  C:\WINDOWS\system32\clbcatq.dll - ok
10:40:34.0828 0564  [ 7B4C3C0E471B3C07831513E7C8AD87F9 ] C:\WINDOWS\system32\comres.dll
10:40:34.0828 0564  C:\WINDOWS\system32\comres.dll - ok
10:40:34.0828 0564  [ E03ED363668318226DB3A3C528955CAB ] C:\WINDOWS\system32\rastls.dll
10:40:34.0828 0564  C:\WINDOWS\system32\rastls.dll - ok
10:40:34.0843 0564  [ 87854ACE9A403FFF4502F72D1E894B9B ] C:\WINDOWS\system32\cryptui.dll
10:40:34.0843 0564  C:\WINDOWS\system32\cryptui.dll - ok
10:40:34.0859 0564  [ 69E00A37500F812BB385265DE8FA1549 ] C:\WINDOWS\system32\wininet.dll
10:40:34.0859 0564  C:\WINDOWS\system32\wininet.dll - ok
10:40:34.0859 0564  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
10:40:34.0859 0564  C:\WINDOWS\system32\normaliz.dll - ok
10:40:34.0875 0564  [ 2538B091EC9607DA70EE1C5ACD3743BA ] C:\WINDOWS\system32\urlmon.dll
10:40:34.0875 0564  C:\WINDOWS\system32\urlmon.dll - ok
10:40:34.0875 0564  [ 897D9F1381C50966BA0E8C8A6C9A5B7B ] C:\WINDOWS\system32\iertutil.dll
10:40:34.0875 0564  C:\WINDOWS\system32\iertutil.dll - ok
10:40:34.0890 0564  [ 98BAD4813332BD7B1A921CF024FD1D97 ] C:\WINDOWS\system32\mprapi.dll
10:40:34.0890 0564  C:\WINDOWS\system32\mprapi.dll - ok
10:40:34.0890 0564  [ C994CAD70FF2C9ED7313DC9EC6740D53 ] C:\WINDOWS\system32\activeds.dll
10:40:34.0890 0564  C:\WINDOWS\system32\activeds.dll - ok
10:40:34.0906 0564  [ 3745A06C35A3A110E221B05AEA34CFF7 ] C:\WINDOWS\system32\adsldpc.dll
10:40:34.0906 0564  C:\WINDOWS\system32\adsldpc.dll - ok
10:40:34.0906 0564  [ 4B218516A3433D60068E56FD46F21C2E ] C:\WINDOWS\system32\rasapi32.dll
10:40:34.0906 0564  C:\WINDOWS\system32\rasapi32.dll - ok
10:40:34.0921 0564  [ 7BE7EAFD086D108B53E6471A355846C9 ] C:\WINDOWS\system32\rasman.dll
10:40:34.0921 0564  C:\WINDOWS\system32\rasman.dll - ok
10:40:34.0937 0564  [ 0DECDC6AB0F4E28F3891A44EE73EE2AF ] C:\WINDOWS\system32\tapi32.dll
10:40:34.0937 0564  C:\WINDOWS\system32\tapi32.dll - ok
10:40:34.0937 0564  [ A848613AB1489D73C5CCE8593FDB5C70 ] C:\WINDOWS\system32\riched20.dll
10:40:34.0937 0564  C:\WINDOWS\system32\riched20.dll - ok
10:40:34.0953 0564  [ B7046BD5F31DBE6A2AEE12116234FDB2 ] C:\WINDOWS\system32\logonui.exe
10:40:34.0953 0564  C:\WINDOWS\system32\logonui.exe - ok
10:40:34.0953 0564  [ A520DE26AE44B7A6AF2CA1247721547E ] C:\WINDOWS\system32\raschap.dll
10:40:34.0968 0564  C:\WINDOWS\system32\raschap.dll - ok
10:40:34.0968 0564  [ 5D5088EC9F5E59205EA713F7DDA4F93A ] C:\WINDOWS\system32\cscdll.dll
10:40:34.0968 0564  C:\WINDOWS\system32\cscdll.dll - ok
10:40:34.0984 0564  [ 8F97E67ECB9F450F3E0FF626641DA365 ] C:\WINDOWS\system32\schedsvc.dll
10:40:34.0984 0564  C:\WINDOWS\system32\schedsvc.dll - ok
10:40:34.0984 0564  [ 559BD4A2E088235F11C585A7171F50A2 ] C:\WINDOWS\system32\dimsntfy.dll
10:40:34.0984 0564  C:\WINDOWS\system32\dimsntfy.dll - ok
10:40:35.0000 0564  [ A1D9029B903E75354EF3BD230F50909B ] C:\WINDOWS\system32\wlnotify.dll
10:40:35.0000 0564  C:\WINDOWS\system32\wlnotify.dll - ok
10:40:35.0000 0564  [ 3944F838A74C96C8D28E4EC765CF56FC ] C:\WINDOWS\system32\duser.dll
10:40:35.0000 0564  C:\WINDOWS\system32\duser.dll - ok
10:40:35.0015 0564  [ E0A5E3B5FCF2467E1D662DD19EEC4C12 ] C:\WINDOWS\system32\msidle.dll
10:40:35.0015 0564  C:\WINDOWS\system32\msidle.dll - ok
10:40:35.0015 0564  [ 99982EA998DC375D8133B4FCD13C7B1B ] C:\WINDOWS\system32\winspool.drv
10:40:35.0015 0564  C:\WINDOWS\system32\winspool.drv - ok
10:40:35.0031 0564  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
10:40:35.0031 0564  C:\WINDOWS\system32\spoolsv.exe - ok
10:40:35.0031 0564  [ 2E1D9DC86EDD12BDFC90E6D24AD821D1 ] C:\WINDOWS\system32\rundll32.exe
10:40:35.0031 0564  C:\WINDOWS\system32\rundll32.exe - ok
10:40:35.0046 0564  [ B6BD7855495F21224D2929FE43D22828 ] C:\WINDOWS\system32\WMADMOE0.dll
10:40:35.0046 0564  C:\WINDOWS\system32\WMADMOE0.dll - ok
10:40:35.0046 0564  [ 62F1AA8277ED78ED3DFB5D9F58B6B31C ] C:\WINDOWS\system32\audiosrv.dll
10:40:35.0046 0564  C:\WINDOWS\system32\audiosrv.dll - ok
10:40:35.0062 0564  [ 9E79D743CBCF217F9A6BE5DFA3AB4252 ] C:\WINDOWS\system32\wkssvc.dll
10:40:35.0062 0564  C:\WINDOWS\system32\wkssvc.dll - ok
10:40:35.0078 0564  [ B00E6DFFCAFB3A6014C82F6DB8CF3002 ] C:\WINDOWS\system32\msimg32.dll
10:40:35.0078 0564  C:\WINDOWS\system32\msimg32.dll - ok
10:40:35.0078 0564  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
10:40:35.0078 0564  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
10:40:35.0093 0564  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
10:40:35.0093 0564  C:\WINDOWS\system32\oleacc.dll - ok
10:40:35.0093 0564  [ 9B4E98433632E31CF7C562ACC3DF080D ] C:\WINDOWS\system32\shgina.dll
10:40:35.0093 0564  C:\WINDOWS\system32\shgina.dll - ok
10:40:35.0109 0564  [ 18D3FAE7E2B76E213DA806C13AB2D87C ] C:\WINDOWS\system32\webclnt.dll
10:40:35.0109 0564  C:\WINDOWS\system32\webclnt.dll - ok
10:40:35.0109 0564  [ B3239C7D0AB1346AFA76076EE76778D3 ] C:\WINDOWS\system32\drivers\parvdm.sys
10:40:35.0109 0564  C:\WINDOWS\system32\drivers\parvdm.sys - ok
10:40:35.0125 0564  [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:40:35.0125 0564  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
10:40:35.0140 0564  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
10:40:35.0140 0564  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
10:40:35.0156 0564  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
10:40:35.0156 0564  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
10:40:35.0156 0564  [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
10:40:35.0156 0564  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
10:40:35.0171 0564  [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
10:40:35.0171 0564  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
10:40:35.0187 0564  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
10:40:35.0187 0564  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
10:40:35.0187 0564  [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
10:40:35.0187 0564  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
10:40:35.0203 0564  [ 9753A63758E59FBBD8C04C3BB43F21B3 ] C:\WINDOWS\system32\wsock32.dll
10:40:35.0203 0564  C:\WINDOWS\system32\wsock32.dll - ok
10:40:35.0203 0564  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
10:40:35.0203 0564  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
10:40:35.0218 0564  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
10:40:35.0218 0564  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
10:40:35.0234 0564  [ 8686C4FA97821AED1CD971B7A630FD71 ] C:\WINDOWS\system32\mlang.dll
10:40:35.0234 0564  C:\WINDOWS\system32\mlang.dll - ok
10:40:35.0234 0564  [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
10:40:35.0234 0564  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
10:40:35.0250 0564  [ F948A98331A896A7DCC52E5E84C5F797 ] C:\WINDOWS\system32\xmlprovi.dll
10:40:35.0250 0564  C:\WINDOWS\system32\xmlprovi.dll - ok
10:40:35.0250 0564  [ 5C9AE536D5AE2BFE48022CC1968B4B9C ] C:\WINDOWS\system32\wzcsapi.dll
10:40:35.0250 0564  C:\WINDOWS\system32\wzcsapi.dll - ok
10:40:35.0265 0564  [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
10:40:35.0265 0564  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
10:40:35.0265 0564  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
10:40:35.0265 0564  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
10:40:35.0281 0564  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
10:40:35.0281 0564  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
10:40:35.0296 0564  [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
10:40:35.0296 0564  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
10:40:35.0296 0564  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll
10:40:35.0296 0564  C:\WINDOWS\system32\dnssd.dll - ok
10:40:35.0312 0564  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
10:40:35.0312 0564  C:\Program Files\Bonjour\mDNSResponder.exe - ok
10:40:35.0312 0564  [ B2B94DB65227B0FE579E8DB3C9595E27 ] C:\WINDOWS\system32\qmgr.dll
10:40:35.0312 0564  C:\WINDOWS\system32\qmgr.dll - ok
10:40:35.0328 0564  [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
10:40:35.0328 0564  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
10:40:35.0328 0564  [ DC4CD0AAD9A26C4FB63D75FB54FDFDA7 ] C:\WINDOWS\system32\powrprof.dll
10:40:35.0328 0564  C:\WINDOWS\system32\powrprof.dll - ok
10:40:35.0343 0564  [ F2C4C3A9FED5E46CE0F804EDB6C6E7BB ] C:\WINDOWS\system32\shfolder.dll
10:40:35.0343 0564  C:\WINDOWS\system32\shfolder.dll - ok
10:40:35.0359 0564  [ 3029B7463BC2DB3E9087B5562286B277 ] C:\WINDOWS\system32\winhttp.dll
10:40:35.0359 0564  C:\WINDOWS\system32\winhttp.dll - ok
10:40:35.0359 0564  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:40:35.0359 0564  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
10:40:35.0375 0564  [ 020CADC9A5352A7AB5E1C8AD7AB6EE13 ] C:\WINDOWS\system32\bthserv.dll
10:40:35.0375 0564  C:\WINDOWS\system32\bthserv.dll - ok
10:40:35.0375 0564  [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
10:40:35.0375 0564  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
10:40:35.0390 0564  [ CF3126A2FF45AA224FC541BC543C2D9C ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
10:40:35.0390 0564  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
10:40:35.0406 0564  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
10:40:35.0406 0564  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
10:40:35.0406 0564  [ 06A4ECA228EA636F4A1F6CE7542B6923 ] C:\WINDOWS\system32\netman.dll
10:40:35.0406 0564  C:\WINDOWS\system32\netman.dll - ok
10:40:35.0421 0564  [ 5F6C10BD4E418CD527CCA540F02D51A4 ] C:\WINDOWS\system32\netshell.dll
10:40:35.0421 0564  C:\WINDOWS\system32\netshell.dll - ok
10:40:35.0421 0564  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
10:40:35.0421 0564  C:\WINDOWS\system32\mscoree.dll - ok
10:40:35.0437 0564  [ E77D047EA564BC25305B0B6F0D9B331C ] C:\WINDOWS\system32\credui.dll
10:40:35.0437 0564  C:\WINDOWS\system32\credui.dll - ok
10:40:35.0437 0564  [ 3D477E7D2E69C148F5287528720B2565 ] C:\WINDOWS\system32\dot3dlg.dll
10:40:35.0437 0564  C:\WINDOWS\system32\dot3dlg.dll - ok
10:40:35.0453 0564  [ 211CC80EF6258182687BF88FF18D5F70 ] C:\WINDOWS\system32\onex.dll
10:40:35.0453 0564  C:\WINDOWS\system32\onex.dll - ok
10:40:35.0453 0564  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
10:40:35.0453 0564  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
10:40:35.0468 0564  [ A82F6371E4F095B77945CFAAB933C641 ] C:\WINDOWS\system32\eappcfg.dll
10:40:35.0468 0564  C:\WINDOWS\system32\eappcfg.dll - ok
10:40:35.0484 0564  [ 758D99511FD82B6C55E70494039E9F1A ] C:\Program Files\Google\Update\1.3.21.145\goopdate.dll
10:40:35.0484 0564  C:\Program Files\Google\Update\1.3.21.145\goopdate.dll - ok
10:40:35.0484 0564  [ 83F04D5C2A10845BCA3CDDA9864F450D ] C:\WINDOWS\system32\eappprxy.dll
10:40:35.0484 0564  C:\WINDOWS\system32\eappprxy.dll - ok
10:40:35.0500 0564  [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
10:40:35.0500 0564  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
10:40:35.0500 0564  [ DE99DF7D8DD1E84F053CB27106DBE301 ] C:\WINDOWS\system32\cryptsvc.dll
10:40:35.0500 0564  C:\WINDOWS\system32\cryptsvc.dll - ok
10:40:35.0515 0564  [ 398FC4779E659949A2D3A6913279C0CD ] C:\WINDOWS\system32\certcli.dll
10:40:35.0515 0564  C:\WINDOWS\system32\certcli.dll - ok
10:40:35.0515 0564  [ 085452A002B8B5A950F2F4AE956A0E2A ] C:\WINDOWS\system32\ersvc.dll
10:40:35.0515 0564  C:\WINDOWS\system32\ersvc.dll - ok
10:40:35.0531 0564  [ 584A7EDA1F7DC89E22BB046878A5E350 ] C:\WINDOWS\system32\es.dll
10:40:35.0531 0564  C:\WINDOWS\system32\es.dll - ok
10:40:35.0531 0564  [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
10:40:35.0531 0564  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
10:40:35.0546 0564  [ 9E6E5A60F318078E933BDA5CC0EC5574 ] C:\WINDOWS\system32\msi.dll
10:40:35.0546 0564  C:\WINDOWS\system32\msi.dll - ok
10:40:35.0546 0564  [ 8AF2CF2942F7351BA55FAABD02EB5EBF ] C:\WINDOWS\system32\dbghelp.dll
10:40:35.0546 0564  C:\WINDOWS\system32\dbghelp.dll - ok
10:40:35.0562 0564  [ B591E761161D1EF547D76EF236EAA6A5 ] C:\Program Files\Java\jre7\bin\jqs.exe
10:40:35.0562 0564  C:\Program Files\Java\jre7\bin\jqs.exe - ok
10:40:35.0578 0564  [ 7BADB9F996095DF9BF9199D976850A43 ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
10:40:35.0578 0564  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
10:40:35.0578 0564  [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
10:40:35.0578 0564  C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
10:40:35.0593 0564  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
10:40:35.0593 0564  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
10:40:35.0593 0564  [ 6AB069E45E2F2D6B20B06733B16E5C81 ] C:\WINDOWS\system32\pdh.dll
10:40:35.0593 0564  C:\WINDOWS\system32\pdh.dll - ok
10:40:35.0609 0564  [ 9F9F0443ED0CA5A065006B86BD73C8E8 ] C:\WINDOWS\system32\odbcbcp.dll
10:40:35.0609 0564  C:\WINDOWS\system32\odbcbcp.dll - ok
10:40:35.0625 0564  [ 7CF1B716372B89568AE4C0FE769F5869 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
10:40:35.0625 0564  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe - ok
10:40:35.0625 0564  [ 23144A1C86483871370BEAD46CB37E68 ] C:\WINDOWS\system32\srvsvc.dll
10:40:35.0625 0564  C:\WINDOWS\system32\srvsvc.dll - ok
10:40:35.0640 0564  [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
10:40:35.0640 0564  C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok
10:40:35.0640 0564  [ 5B51A216A430A4E6FA25B88BD5F1AB35 ] C:\WINDOWS\system32\netmsg.dll
10:40:35.0640 0564  C:\WINDOWS\system32\netmsg.dll - ok
10:40:35.0656 0564  [ 643362BEA2D97B4DF45893B4E5FB1E86 ] C:\WINDOWS\system32\perfos.dll
10:40:35.0656 0564  C:\WINDOWS\system32\perfos.dll - ok
10:40:35.0656 0564  [ 007B6D58BF6D755B2448390ECC1F4FA8 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\1025\mdmui.dll
10:40:35.0656 0564  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\1025\mdmui.dll - ok
10:40:35.0671 0564  [ B8771100425F6D20A01DE4577BD76A88 ] C:\WINDOWS\system32\ipsecsvc.dll
10:40:35.0671 0564  C:\WINDOWS\system32\ipsecsvc.dll - ok
10:40:35.0687 0564  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
10:40:35.0687 0564  C:\WINDOWS\system32\drivers\srv.sys - ok
10:40:35.0687 0564  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
10:40:35.0687 0564  C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe - ok
10:40:35.0703 0564  [ 8F299FF1B11535FDFB1E6AD3ED711D55 ] C:\WINDOWS\system32\oakley.dll
10:40:35.0703 0564  C:\WINDOWS\system32\oakley.dll - ok
10:40:35.0703 0564  [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
10:40:35.0703 0564  C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok
10:40:35.0718 0564  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\system32\msvcr100.dll
10:40:35.0718 0564  C:\WINDOWS\system32\msvcr100.dll - ok
10:40:35.0718 0564  [ CADC635E8699070F53B9A240A953FA91 ] C:\WINDOWS\system32\perfdisk.dll
10:40:35.0718 0564  C:\WINDOWS\system32\perfdisk.dll - ok
10:40:35.0734 0564  [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
10:40:35.0734 0564  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
10:40:35.0750 0564  [ 06B820819335FE0F4D767D5FBA7338E0 ] C:\WINDOWS\system32\winipsec.dll
10:40:35.0750 0564  C:\WINDOWS\system32\winipsec.dll - ok
10:40:35.0750 0564  [ 71B5A4EB244D6677808CA42EC9E9298A ] C:\WINDOWS\system32\pstorsvc.dll
10:40:35.0750 0564  C:\WINDOWS\system32\pstorsvc.dll - ok
10:40:35.0765 0564  [ 64E9F81FA4BE8AE7F5684E0E0658F7DF ] C:\WINDOWS\system32\psbase.dll
10:40:35.0765 0564  C:\WINDOWS\system32\psbase.dll - ok
10:40:35.0765 0564  [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
10:40:35.0765 0564  C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
10:40:35.0781 0564  [ 2C64AD00BE1F745535BCAA9E0B90ED55 ] C:\WINDOWS\system32\spoolss.dll
10:40:35.0781 0564  C:\WINDOWS\system32\spoolss.dll - ok
10:40:35.0781 0564  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
10:40:35.0781 0564  C:\WINDOWS\system32\dssenh.dll - ok
10:40:35.0796 0564  [ E32817F1107E510B904F22A4924563E8 ] C:\WINDOWS\system32\localspl.dll
10:40:35.0796 0564  C:\WINDOWS\system32\localspl.dll - ok
10:40:35.0812 0564  [ CF27E66E77A1E85902A45F54D0472ED0 ] C:\WINDOWS\system32\msxml3.dll
10:40:35.0812 0564  C:\WINDOWS\system32\msxml3.dll - ok
10:40:35.0812 0564  [ 8C6CBCFB5A40D33E802103F5BFC210B3 ] C:\WINDOWS\system32\cnbjmon.dll
10:40:35.0812 0564  C:\WINDOWS\system32\cnbjmon.dll - ok
10:40:35.0828 0564  [ FCECA7F90E5EB601BE5FD8ADFF2A19C7 ] C:\WINDOWS\system32\seclogon.dll
10:40:35.0828 0564  C:\WINDOWS\system32\seclogon.dll - ok
10:40:35.0828 0564  [ 3740B83AEC21D981065D7E819BD7E878 ] C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:40:35.0828 0564  C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
10:40:35.0843 0564  [ FABB04E47EA91FA05AACF03C8BB7AF16 ] C:\WINDOWS\system32\sens.dll
10:40:35.0843 0564  C:\WINDOWS\system32\sens.dll - ok
10:40:35.0843 0564  [ 386DCE5FA19E48826BC1D0CB1A1BF4D2 ] C:\WINDOWS\system32\hpinksts6612LM.dll
10:40:35.0843 0564  C:\WINDOWS\system32\hpinksts6612LM.dll - ok
10:40:35.0859 0564  [ 269B25B393AD3F8F29464EA392458076 ] C:\WINDOWS\system32\HPDiscoPM6612.dll
10:40:35.0859 0564  C:\WINDOWS\system32\HPDiscoPM6612.dll - ok
10:40:35.0875 0564  [ 9D3C36EB44A862814DA7E937BC6EDC7C ] C:\WINDOWS\system32\wsnmp32.dll
10:40:35.0875 0564  C:\WINDOWS\system32\wsnmp32.dll - ok
10:40:35.0875 0564  [ 2030AF1F7504A82E31C892D14BE55D6F ] C:\WINDOWS\system32\hpzlnt10.dll
10:40:35.0875 0564  C:\WINDOWS\system32\hpzlnt10.dll - ok
10:40:35.0890 0564  [ 95647F820CBC025676D7B407E2BCFBE6 ] C:\WINDOWS\system32\mdimon.dll
10:40:35.0890 0564  C:\WINDOWS\system32\mdimon.dll - ok
10:40:35.0890 0564  [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
10:40:35.0890 0564  C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
10:40:35.0906 0564  [ 6A010C755D11D4953457936A7B4B97CC ] C:\WINDOWS\system32\fxsmon.dll
10:40:35.0906 0564  C:\WINDOWS\system32\fxsmon.dll - ok
10:40:35.0906 0564  [ E2FE766E1ED76AB3766B416B42B613E8 ] C:\WINDOWS\system32\fxsevent.dll
10:40:35.0906 0564  C:\WINDOWS\system32\fxsevent.dll - ok
10:40:35.0921 0564  [ CA5D51B6CFC1A923B545A156ADEB444D ] C:\WINDOWS\system32\mstask.dll
10:40:35.0921 0564  C:\WINDOWS\system32\mstask.dll - ok
10:40:35.0921 0564  [ 6375793BD11943503B34C2CB98A5CF39 ] C:\WINDOWS\system32\pjlmon.dll
10:40:35.0921 0564  C:\WINDOWS\system32\pjlmon.dll - ok
10:40:35.0937 0564  [ 2C6786656869093C521337D6AC813BC6 ] C:\WINDOWS\system32\Primomonnt.dll
10:40:35.0937 0564  C:\WINDOWS\system32\Primomonnt.dll - ok
10:40:35.0953 0564  [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\WINDOWS\system32\msonpmon.dll
10:40:35.0953 0564  C:\WINDOWS\system32\msonpmon.dll - ok
10:40:35.0953 0564  [ 1405C64A691263E69B10055CE293D1F3 ] C:\WINDOWS\system32\tcpmon.dll
10:40:35.0953 0564  C:\WINDOWS\system32\tcpmon.dll - ok
10:40:35.0968 0564  [ 64EA7BFCD3C90B7A42EDC9BA77576FD5 ] C:\WINDOWS\system32\usbmon.dll
10:40:35.0968 0564  C:\WINDOWS\system32\usbmon.dll - ok
10:40:35.0968 0564  [ 4424AE65F7AF8181AC99FE46BC2700C9 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
10:40:35.0968 0564  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
10:40:35.0984 0564  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
10:40:35.0984 0564  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
10:40:36.0000 0564  [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
10:40:36.0000 0564  C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok
10:40:36.0000 0564  [ E8E232A5A4CC0B050C00D67F6785B33C ] C:\WINDOWS\system32\win32spl.dll
10:40:36.0000 0564  C:\WINDOWS\system32\win32spl.dll - ok
10:40:36.0015 0564  [ C8EF89381957EEA579C31C9A7AD96705 ] C:\WINDOWS\system32\netrap.dll
10:40:36.0015 0564  C:\WINDOWS\system32\netrap.dll - ok
10:40:36.0015 0564  [ 4AC6DC75CEEE6D246A89F2462B1C20E5 ] C:\WINDOWS\system32\inetpp.dll
10:40:36.0015 0564  C:\WINDOWS\system32\inetpp.dll - ok
10:40:36.0031 0564  [ 61160A7ED02FCE3AFF5A98C376EB3A24 ] C:\WINDOWS\system32\qmgrprxy.dll
10:40:36.0031 0564  C:\WINDOWS\system32\qmgrprxy.dll - ok
10:40:36.0031 0564  [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files\Skype\Updater\Updater.exe
10:40:36.0031 0564  C:\Program Files\Skype\Updater\Updater.exe - ok
10:40:36.0046 0564  [ 0C486E769D9F0BD558EDF1028D5B3A97 ] C:\WINDOWS\system32\srsvc.dll
10:40:36.0046 0564  C:\WINDOWS\system32\srsvc.dll - ok
10:40:36.0046 0564  [ 809BEDF8A22571AA4FB4441C3DD8A9DE ] C:\WINDOWS\system32\mpnotify.exe
10:40:36.0046 0564  C:\WINDOWS\system32\mpnotify.exe - ok
10:40:36.0062 0564  [ 1171249B20075E2A5FF1EE09B96E505E ] C:\WINDOWS\system32\tapisrv.dll
10:40:36.0062 0564  C:\WINDOWS\system32\tapisrv.dll - ok
10:40:36.0078 0564  [ 2CD5C528EB34C1DB277A49B31BDAC41F ] C:\WINDOWS\system32\wiaservc.dll
10:40:36.0078 0564  C:\WINDOWS\system32\wiaservc.dll - ok
10:40:36.0078 0564  [ 19A7077983BD43F59D4A403CD002A8F6 ] C:\WINDOWS\system32\cfgmgr32.dll
10:40:36.0078 0564  C:\WINDOWS\system32\cfgmgr32.dll - ok
10:40:36.0093 0564  [ A9D6AC4FF6803B700579EC00A2D96422 ] C:\WINDOWS\system32\mscms.dll
10:40:36.0093 0564  C:\WINDOWS\system32\mscms.dll - ok
10:40:36.0093 0564  [ 011B5FC678EC357E8653C8C6EE4F3D10 ] C:\WINDOWS\system32\fxssvc.exe
10:40:36.0093 0564  C:\WINDOWS\system32\fxssvc.exe - ok
10:40:36.0109 0564  [ A4B93780AF1876BB0195B1BC3688C5CB ] C:\WINDOWS\system32\trkwks.dll
10:40:36.0109 0564  C:\WINDOWS\system32\trkwks.dll - ok
10:40:36.0109 0564  [ 347F3474960367180E1855BAADF6ECF4 ] C:\WINDOWS\system32\wbem\wmisvc.dll
10:40:36.0109 0564  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
10:40:36.0125 0564  [ 627945209B2596C9FFC690B4BD05A471 ] C:\WINDOWS\system32\vssapi.dll
10:40:36.0125 0564  C:\WINDOWS\system32\vssapi.dll - ok
10:40:36.0125 0564  [ 86DAF128A3FC857669FD0FD44672C971 ] C:\WINDOWS\system32\wuauserv.dll
10:40:36.0125 0564  C:\WINDOWS\system32\wuauserv.dll - ok
10:40:36.0140 0564  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
10:40:36.0140 0564  C:\WINDOWS\system32\wuaueng.dll - ok
10:40:36.0156 0564  [ 65082B7D858A1BE4EF2A633A39591054 ] C:\WINDOWS\system32\fxstiff.dll
10:40:36.0156 0564  C:\WINDOWS\system32\fxstiff.dll - ok
10:40:36.0156 0564  [ E507C9D06954560E58E868A66D1A99E7 ] C:\WINDOWS\system32\fxsapi.dll
10:40:36.0156 0564  C:\WINDOWS\system32\fxsapi.dll - ok
10:40:36.0171 0564  [ D0931DDC25FA5C472CB7DF56D9F4D04D ] C:\WINDOWS\system32\HPWia1_DJ4620.dll
10:40:36.0171 0564  C:\WINDOWS\system32\HPWia1_DJ4620.dll - ok
10:40:36.0171 0564  [ CD569FA91EC6F59D045C19D0D3850F44 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
10:40:36.0171 0564  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe - ok
10:40:36.0187 0564  [ 4827A27AC1989A043B3CFA6629EAE4FE ] C:\WINDOWS\system32\HPScanTRDrv_DJ4620.dll
10:40:36.0187 0564  C:\WINDOWS\system32\HPScanTRDrv_DJ4620.dll - ok
10:40:36.0187 0564  [ 383B0C5059F8039D2D203E3603127CF3 ] C:\WINDOWS\system32\fxst30.dll
10:40:36.0187 0564  C:\WINDOWS\system32\fxst30.dll - ok
10:40:36.0203 0564  [ C92A9006C5A75752BC19BFDB94D69FEA ] C:\WINDOWS\system32\fxsroute.dll
10:40:36.0203 0564  C:\WINDOWS\system32\fxsroute.dll - ok
10:40:36.0218 0564  [ 7B1F5511A6D48FA7D3CD90C273AFB610 ] C:\WINDOWS\system32\cabinet.dll
10:40:36.0218 0564  C:\WINDOWS\system32\cabinet.dll - ok
10:40:36.0218 0564  [ 45935952D4AA05CA2AA305A292C97FD1 ] C:\WINDOWS\system32\mspatcha.dll
10:40:36.0218 0564  C:\WINDOWS\system32\mspatcha.dll - ok
10:40:36.0234 0564  [ F160073B9B9D95F65B6D467E88A52F00 ] C:\WINDOWS\system32\browser.dll
10:40:36.0234 0564  C:\WINDOWS\system32\browser.dll - ok
10:40:36.0234 0564  [ 640B99F3E13B64AEA873CE2DA4E06FF7 ] C:\WINDOWS\system32\cscui.dll
10:40:36.0234 0564  C:\WINDOWS\system32\cscui.dll - ok
10:40:36.0250 0564  [ E3BC92B8FC48DBE4BC71F7A65A146D65 ] C:\WINDOWS\system32\unimdm.tsp
10:40:36.0250 0564  C:\WINDOWS\system32\unimdm.tsp - ok
10:40:36.0250 0564  [ C34A3E61D0B41A08FCBBBB0884596CEF ] C:\WINDOWS\system32\uniplat.dll
10:40:36.0250 0564  C:\WINDOWS\system32\uniplat.dll - ok
10:40:36.0265 0564  [ A638009585C388E3B1843E04157EB599 ] C:\WINDOWS\system32\comsvcs.dll
10:40:36.0265 0564  C:\WINDOWS\system32\comsvcs.dll - ok
10:40:36.0265 0564  [ 1F49A5C3FDFE615AB2AEAAF11F6A756B ] C:\WINDOWS\system32\dpcdll.dll
10:40:36.0265 0564  C:\WINDOWS\system32\dpcdll.dll - ok
10:40:36.0281 0564  [ DE2660483ABC47DE86BA398EAA936BB2 ] C:\WINDOWS\system32\colbact.dll
10:40:36.0281 0564  C:\WINDOWS\system32\colbact.dll - ok
10:40:36.0281 0564  [ DE7F58A9892062E94BF3DDF040835A8C ] C:\WINDOWS\system32\mtxclu.dll
10:40:36.0281 0564  C:\WINDOWS\system32\mtxclu.dll - ok
10:40:36.0296 0564  [ FF1ACD292F95E208EE77DA849032A0BF ] C:\WINDOWS\system32\wdmaud.drv
10:40:36.0296 0564  C:\WINDOWS\system32\wdmaud.drv - ok
10:40:36.0296 0564  [ 7636F2C6F67C606B6DF84176AFC72D8C ] C:\WINDOWS\system32\clusapi.dll
10:40:36.0296 0564  C:\WINDOWS\system32\clusapi.dll - ok
10:40:36.0312 0564  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
10:40:36.0312 0564  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
10:40:36.0328 0564  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
10:40:36.0328 0564  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
10:40:36.0328 0564  [ B939B71A342C1B2DBC25B7DECE736F5F ] C:\WINDOWS\system32\resutils.dll
10:40:36.0328 0564  C:\WINDOWS\system32\resutils.dll - ok
10:40:36.0343 0564  [ 0EA399CCF61DEF3F8A60849E5457AE1D ] C:\WINDOWS\system32\actxprxy.dll
10:40:36.0343 0564  C:\WINDOWS\system32\actxprxy.dll - ok
10:40:36.0343 0564  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
10:40:36.0343 0564  C:\WINDOWS\system32\drivers\splitter.sys - ok
10:40:36.0359 0564  [ 10BF9C213C8DACA33E0ADA8FC7A26C4A ] C:\WINDOWS\system32\unimdmat.dll
10:40:36.0359 0564  C:\WINDOWS\system32\unimdmat.dll - ok
10:40:36.0359 0564  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
10:40:36.0359 0564  C:\WINDOWS\system32\drivers\aec.sys - ok
10:40:36.0375 0564  [ A09B328F34B9BBD19B52DD2FD3A9BB8A ] C:\WINDOWS\system32\modemui.dll
10:40:36.0375 0564  C:\WINDOWS\system32\modemui.dll - ok
10:40:36.0390 0564  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
10:40:36.0390 0564  C:\WINDOWS\system32\drivers\swmidi.sys - ok
10:40:36.0390 0564  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
10:40:36.0390 0564  C:\WINDOWS\system32\drivers\dmusic.sys - ok
10:40:36.0406 0564  [ C2A6642A3C96D332C41CF6954FE32A16 ] C:\WINDOWS\system32\kmddsp.tsp
10:40:36.0406 0564  C:\WINDOWS\system32\kmddsp.tsp - ok
10:40:36.0406 0564  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
10:40:36.0406 0564  C:\WINDOWS\system32\wups.dll - ok
10:40:36.0421 0564  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
10:40:36.0421 0564  C:\WINDOWS\system32\drivers\kmixer.sys - ok
10:40:36.0421 0564  [ FB37D77100C585249FEEC421338BC92E ] C:\WINDOWS\system32\ndptsp.tsp
10:40:36.0421 0564  C:\WINDOWS\system32\ndptsp.tsp - ok
10:40:36.0437 0564  [ 91789748170E81C3E4963A3858DCCED9 ] C:\WINDOWS\system32\ipconf.tsp
10:40:36.0437 0564  C:\WINDOWS\system32\ipconf.tsp - ok
10:40:36.0453 0564  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
10:40:36.0453 0564  C:\WINDOWS\system32\wups2.dll - ok
10:40:36.0453 0564  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
10:40:36.0453 0564  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
10:40:36.0468 0564  [ EB25D1ABAA9C07CFEA0D26F282ADD42E ] C:\WINDOWS\system32\h323.tsp
10:40:36.0468 0564  C:\WINDOWS\system32\h323.tsp - ok
10:40:36.0468 0564  [ FDE713C1AC34FD99C5B2F979FB2AC71E ] C:\WINDOWS\system32\msacm32.drv
10:40:36.0468 0564  C:\WINDOWS\system32\msacm32.drv - ok
10:40:36.0484 0564  [ E1B23CA348F652512D076D6283D360B3 ] C:\WINDOWS\system32\hidphone.tsp
10:40:36.0484 0564  C:\WINDOWS\system32\hidphone.tsp - ok
10:40:36.0484 0564  [ 49A876E86C85BDEF28EA58E9B35FCF6E ] C:\WINDOWS\system32\hid.dll
10:40:36.0484 0564  C:\WINDOWS\system32\hid.dll - ok
10:40:36.0500 0564  [ 1E2732AB57708FC057D625A8ECE0808A ] C:\WINDOWS\system32\midimap.dll
10:40:36.0500 0564  C:\WINDOWS\system32\midimap.dll - ok
10:40:36.0515 0564  [ F02A533F517EB38333CB12A9E8963773 ] C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
10:40:36.0515 0564  C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe - ok
10:40:36.0515 0564  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
10:40:36.0515 0564  C:\WINDOWS\system32\wuauclt.exe - ok
10:40:36.0515 0564  [ 758D99511FD82B6C55E70494039E9F1A ] C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.145\goopdate.dll
10:40:36.0515 0564  C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.145\goopdate.dll - ok
10:40:36.0531 0564  [ BC7CB447DD690B55E9FB7D0815164215 ] C:\WINDOWS\system32\cryptnet.dll
10:40:36.0531 0564  C:\WINDOWS\system32\cryptnet.dll - ok
10:40:36.0546 0564  [ BCF6BF6AF8E1892A3623DF32D25EE690 ] C:\WINDOWS\system32\sensapi.dll
10:40:36.0546 0564  C:\WINDOWS\system32\sensapi.dll - ok
10:40:36.0546 0564  [ 75C1CA5B61414748CE9BCF3C7A52C39F ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvclb.dll
10:40:36.0546 0564  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvclb.dll - ok
10:40:36.0562 0564  [ B2B4E4722CAAFE109BEC13773BCB75B0 ] C:\WINDOWS\system32\userinit.exe
10:40:36.0562 0564  C:\WINDOWS\system32\userinit.exe - ok
10:40:36.0562 0564  [ E08281DCDE69DD9E5EBBF9B3F0454D42 ] C:\Documents and Settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe
10:40:36.0562 0564  C:\Documents and Settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe - ok
10:40:36.0578 0564  [ 9A7F1691F76E019C11481B6355125072 ] C:\Program Files\real\RealUpgrade\realupgrade.exe
10:40:36.0578 0564  C:\Program Files\real\RealUpgrade\realupgrade.exe - ok
10:40:36.0593 0564  [ CA3445DCE9EB70A2CA2504E0AF5C543F ] C:\WINDOWS\explorer.exe
10:40:36.0593 0564  C:\WINDOWS\explorer.exe - ok
10:40:36.0593 0564  [ B7D0F1FA8926F0D58B7A000E5DAB4B3E ] C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
10:40:36.0593 0564  C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe - ok
10:40:36.0609 0564  [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\system32\msvcp100.dll
10:40:36.0609 0564  C:\WINDOWS\system32\msvcp100.dll - ok
10:40:36.0609 0564  [ 8F9D6B4AB86A39319078814ABBDD40BC ] C:\Program Files\real\RealUpgrade\Common\hxmedpltfm.dll
10:40:36.0609 0564  C:\Program Files\real\RealUpgrade\Common\hxmedpltfm.dll - ok
10:40:36.0625 0564  [ 47188B0092466FD476E23DEA70CC1D4F ] C:\Program Files\real\RealUpgrade\Plugins\upgrade.dll
10:40:36.0625 0564  C:\Program Files\real\RealUpgrade\Plugins\upgrade.dll - ok
10:40:36.0640 0564  [ 3E7F6ED9C02FDB53A0F73D4CB2DE3232 ] C:\WINDOWS\system32\browseui.dll
10:40:36.0640 0564  C:\WINDOWS\system32\browseui.dll - ok
10:40:36.0640 0564  [ DB8BF33FA3E29F66E4025493A3370516 ] C:\WINDOWS\system32\shdocvw.dll
10:40:36.0640 0564  C:\WINDOWS\system32\shdocvw.dll - ok
10:40:36.0656 0564  [ 1F174A1BF0B7718ECB8D1821AD1D3166 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmagnt.dll
10:40:36.0656 0564  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmagnt.dll - ok
10:40:36.0656 0564  [ C4E4C037245CD2A2610EE58F46614712 ] C:\WINDOWS\system32\ipnathlp.dll
10:40:36.0656 0564  C:\WINDOWS\system32\ipnathlp.dll - ok
10:40:36.0671 0564  [ 44A777A8C3EB329D748897C3D796A549 ] C:\WINDOWS\system32\ieframe.dll
10:40:36.0671 0564  C:\WINDOWS\system32\ieframe.dll - ok
10:40:36.0671 0564  [ 54E18ADDC60A2054CF99B2E847A6D378 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmcore.dll
10:40:36.0671 0564  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmcore.dll - ok
10:40:36.0687 0564  [ F65E6E98A9DC48A14F1BB50D1FB0A3EC ] C:\WINDOWS\system32\desk.cpl
10:40:36.0687 0564  C:\WINDOWS\system32\desk.cpl - ok
10:40:36.0703 0564  [ 48E55E09CFD258472F94A0E354918F75 ] C:\WINDOWS\system32\themeui.dll
10:40:36.0703 0564  C:\WINDOWS\system32\themeui.dll - ok
10:40:36.0703 0564  [ 69A949F88C37DDD5FD150D661E5989E2 ] C:\WINDOWS\system32\cmd.exe
10:40:36.0703 0564  C:\WINDOWS\system32\cmd.exe - ok
10:40:36.0718 0564  [ 6BCBED73231F5D30B92DEE591B6679E9 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll
10:40:36.0718 0564  C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll - ok
10:40:36.0718 0564  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
10:40:36.0718 0564  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
10:40:36.0734 0564  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
10:40:36.0734 0564  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
10:40:36.0750 0564  [ B80933A7E3D63277A23F9882BF839DB5 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
10:40:36.0750 0564  C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll - ok
10:40:36.0765 0564  [ 807D6E637C0C580E5C4B16F4CCABD080 ] C:\WINDOWS\system32\wlanapi.dll
10:40:36.0765 0564  C:\WINDOWS\system32\wlanapi.dll - ok
10:40:36.0765 0564  [ DE35EFF35C9EB0B381709CF979537E2A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmrasv.dll
10:40:36.0765 0564  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmrasv.dll - ok
10:40:36.0781 0564  [ 332AEC27F14DB0094D658FCCFEF09D5F ] C:\WINDOWS\system32\wbem\wbemprox.dll
10:40:36.0781 0564  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
10:40:36.0781 0564  [ 0EA7ED364F997AD4A559F25D290C756D ] C:\WINDOWS\system32\wbem\wbemcomn.dll
10:40:36.0781 0564  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
10:40:36.0796 0564  [ BE1C4F771A1BEAE2DF180011264DE0D9 ] C:\WINDOWS\system32\wbem\wbemcore.dll
10:40:36.0796 0564  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
10:40:36.0796 0564  [ 4695AB95C0128EE425D936F5D4A92CE0 ] C:\WINDOWS\system32\wbem\esscli.dll
10:40:36.0796 0564  C:\WINDOWS\system32\wbem\esscli.dll - ok
10:40:36.0812 0564  [ E436F823E5D5A429BCC35C9C56A3E5C9 ] C:\WINDOWS\system32\wbem\fastprox.dll
10:40:36.0812 0564  C:\WINDOWS\system32\wbem\fastprox.dll - ok
10:40:36.0812 0564  [ 7560A5FC446B2C02E31B65CBD2A7FA7B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
10:40:36.0812 0564  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
10:40:36.0828 0564  [ 7DBC1E2449C1C063B6B68CB1FBBF6BA0 ] C:\WINDOWS\system32\wbem\wmiutils.dll
10:40:36.0828 0564  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
10:40:36.0828 0564  [ 0FC21D9EE35320232F2EA71D134B4EAC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
10:40:36.0843 0564  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
10:40:36.0843 0564  [ BD0CD9754C6FB9523EF0DC52A7D809FC ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
10:40:36.0843 0564  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
10:40:36.0859 0564  [ 94318B05AEE17E1D6E3A86C71B06EA4F ] C:\WINDOWS\system32\wbem\wbemess.dll
10:40:36.0859 0564  C:\WINDOWS\system32\wbem\wbemess.dll - ok
10:40:36.0859 0564  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
10:40:36.0859 0564  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
10:40:36.0875 0564  [ 90668DA1B44BC2FD3CFFFE5291A69E68 ] C:\WINDOWS\system32\wbem\cimwin32.dll
10:40:36.0875 0564  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
10:40:36.0875 0564  [ 09B3FB7EEB1DAC19220D6548CEBD2C72 ] C:\WINDOWS\system32\wbem\framedyn.dll
10:40:36.0875 0564  C:\WINDOWS\system32\wbem\framedyn.dll - ok
10:40:36.0890 0564  [ 147355AC4A57006EF588FB0298452B32 ] C:\WINDOWS\system32\netcfgx.dll
10:40:36.0890 0564  C:\WINDOWS\system32\netcfgx.dll - ok
10:40:36.0906 0564  [ 9F0F55A61BA52FD45E22C4377FA66CE6 ] C:\WINDOWS\system32\rasmans.dll
10:40:36.0906 0564  C:\WINDOWS\system32\rasmans.dll - ok
10:40:36.0906 0564  [ A21C2A8E47D40FCC40A2B1573E666A53 ] C:\Program Files\Java\jre7\bin\awt.dll
10:40:36.0906 0564  C:\Program Files\Java\jre7\bin\awt.dll - ok
10:40:36.0921 0564  [ 966CD21542A62F9AB237D84C451CC137 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
10:40:36.0921 0564  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
10:40:36.0921 0564  [ 90760987BCCCF34D05EF6093EC278A96 ] C:\Program Files\Java\jre7\bin\dcpr.dll
10:40:36.0921 0564  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
10:40:36.0937 0564  [ D2D31D7A394A70040FCAC5F54A130FBA ] C:\Program Files\Java\jre7\bin\deploy.dll
10:40:36.0937 0564  C:\Program Files\Java\jre7\bin\deploy.dll - ok
10:40:36.0953 0564  [ C09775FEB73BDF16BB87A509C5FF12AD ] C:\Program Files\Java\jre7\bin\fontmanager.dll
10:40:36.0953 0564  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
10:40:36.0953 0564  [ B98F28229D292B99FF449FF3647F31BA ] C:\Program Files\Java\jre7\bin\java.dll
10:40:36.0953 0564  C:\Program Files\Java\jre7\bin\java.dll - ok
10:40:36.0968 0564  [ 23C84DBECF3BD95687623F23BCD66441 ] C:\Program Files\Java\jre7\bin\javaw.exe
10:40:36.0968 0564  C:\Program Files\Java\jre7\bin\javaw.exe - ok
10:40:36.0968 0564  [ 0384126B913AC2E090804C642302945E ] C:\Program Files\Java\jre7\bin\jp2native.dll
10:40:36.0968 0564  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
10:40:36.0984 0564  [ CB91CCFA95601066772A004550B55A85 ] C:\Program Files\Java\jre7\bin\jpeg.dll
10:40:36.0984 0564  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
10:40:37.0000 0564  [ 2E4A927544CDA0279501AA757FFFB538 ] C:\Program Files\Java\jre7\bin\net.dll
10:40:37.0000 0564  C:\Program Files\Java\jre7\bin\net.dll - ok
10:40:37.0000 0564  [ 805766A11E747A44C7C5FBD7F26E9001 ] C:\Program Files\Java\jre7\bin\nio.dll
10:40:37.0000 0564  C:\Program Files\Java\jre7\bin\nio.dll - ok
10:40:37.0015 0564  [ 2D168A9627CFCE9C5AC20A90E54D66D4 ] C:\Program Files\Java\jre7\bin\verify.dll
10:40:37.0015 0564  C:\Program Files\Java\jre7\bin\verify.dll - ok
10:40:37.0015 0564  [ 9D54D4A8C18081F398FEC0D839340542 ] C:\Program Files\Java\jre7\bin\zip.dll
10:40:37.0015 0564  C:\Program Files\Java\jre7\bin\zip.dll - ok
10:40:37.0031 0564  [ 58E202572D3251BF2687BF841EA00CE0 ] C:\WINDOWS\system32\termsrv.dll
10:40:37.0031 0564  C:\WINDOWS\system32\termsrv.dll - ok
10:40:37.0031 0564  [ 2E90E1AE376CF8208DF68E229C1022DA ] C:\WINDOWS\system32\icaapi.dll
10:40:37.0031 0564  C:\WINDOWS\system32\icaapi.dll - ok
10:40:37.0046 0564  [ D16980EBB179012A8CDA7BD0326AAC23 ] C:\WINDOWS\system32\mstlsapi.dll
10:40:37.0046 0564  C:\WINDOWS\system32\mstlsapi.dll - ok
10:40:37.0046 0564  [ 7D5F3F8484D2D59981B104B873E431DA ] C:\WINDOWS\system32\rastapi.dll
10:40:37.0046 0564  C:\WINDOWS\system32\rastapi.dll - ok
10:40:37.0062 0564  [ 89482328ADEA23DF2B2B0D6DCE5A1A76 ] C:\WINDOWS\system32\alg.exe
10:40:37.0062 0564  C:\WINDOWS\system32\alg.exe - ok
10:40:37.0062 0564  [ ECFEF96E1A61AF331F8F3B4B2B32D726 ] C:\WINDOWS\system32\rasppp.dll
10:40:37.0062 0564  C:\WINDOWS\system32\rasppp.dll - ok
10:40:37.0078 0564  [ C621EF97B3F516E987317560019F0A33 ] C:\WINDOWS\system32\ntlsapi.dll
10:40:37.0078 0564  C:\WINDOWS\system32\ntlsapi.dll - ok
10:40:37.0078 0564  [ 7745327005EAFC90F02F0D113576157A ] C:\WINDOWS\system32\rasqec.dll
10:40:37.0078 0564  C:\WINDOWS\system32\rasqec.dll - ok
10:40:37.0093 0564  [ 39F14FB077C4BD732A042915D0ED0ADF ] C:\WINDOWS\system32\riched32.dll
10:40:37.0093 0564  C:\WINDOWS\system32\riched32.dll - ok
10:40:37.0109 0564  [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll
10:40:37.0109 0564  C:\WINDOWS\system32\msls31.dll - ok
10:40:37.0109 0564  [ E01A3A0B77F1C01F0C1289AC29114AEE ] C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmcorePS.dll
10:40:37.0109 0564  C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmcorePS.dll - ok
10:40:37.0125 0564  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Owner\LOCALS~1\Temp\DF756EB7-5524-430F-ADFA-E9AEB1D94B0D.exe
10:40:37.0125 0564  C:\DOCUME~1\Owner\LOCALS~1\Temp\DF756EB7-5524-430F-ADFA-E9AEB1D94B0D.exe - ok
10:40:37.0140 0564  [ 222D3B58C44C90404FB973BA23049C5E ] C:\WINDOWS\system32\msutb.dll
10:40:37.0140 0564  C:\WINDOWS\system32\msutb.dll - ok
10:40:37.0140 0564  [ D7E10332EFD1E3069849E3DCABAFFC39 ] C:\WINDOWS\system32\msctf.dll
10:40:37.0140 0564  C:\WINDOWS\system32\msctf.dll - ok
10:40:37.0156 0564  [ F3826CDBF19EC880750D77E0F06A7FA1 ] C:\WINDOWS\system32\linkinfo.dll
10:40:37.0156 0564  C:\WINDOWS\system32\linkinfo.dll - ok
10:40:37.0156 0564  [ 106E8B02AF1E4D7CF5293782B8AEE986 ] C:\WINDOWS\system32\ntshrui.dll
10:40:37.0156 0564  C:\WINDOWS\system32\ntshrui.dll - ok
10:40:37.0171 0564  [ 0E55E7748CAAF919113FC0E0E5A42251 ] C:\WINDOWS\system32\wbem\ncprov.dll
10:40:37.0171 0564  C:\WINDOWS\system32\wbem\ncprov.dll - ok
10:40:37.0171 0564  [ 1E8BFD9C1E124F066960251355EDEDE9 ] C:\WINDOWS\system32\verclsid.exe
10:40:37.0171 0564  C:\WINDOWS\system32\verclsid.exe - ok
10:40:37.0187 0564  [ FC5E6B8AD5E444468B3CC117B0CB704A ] C:\WINDOWS\system32\wbem\wbemcons.dll
10:40:37.0187 0564  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
10:40:37.0203 0564  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\96749082.sys
10:40:37.0203 0564  C:\WINDOWS\system32\drivers\96749082.sys - ok
10:40:37.0203 0564  [ 095B56D71D4C6AF017712B0E59C66166 ] C:\WINDOWS\system32\igfxtray.exe
10:40:37.0203 0564  C:\WINDOWS\system32\igfxtray.exe - ok
10:40:37.0218 0564  [ EE2AC08BE7024A781DF6F40870ED748D ] C:\WINDOWS\system32\hkcmd.exe
10:40:37.0218 0564  C:\WINDOWS\system32\hkcmd.exe - ok
10:40:37.0218 0564  [ 6DB4E2CFE0011E3CF247928AB7B42DA5 ] C:\WINDOWS\system32\PV92Tray.exe
10:40:37.0218 0564  C:\WINDOWS\system32\PV92Tray.exe - ok
10:40:37.0234 0564  [ 3F4AA8725BC5223C950690F5E8D20E47 ] C:\WINDOWS\system32\hccutils.dll
10:40:37.0234 0564  C:\WINDOWS\system32\hccutils.dll - ok
10:40:37.0234 0564  [ F5F1A8CDD473D55F9BF6FE23F715B0FA ] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
10:40:37.0234 0564  C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - ok
10:40:37.0250 0564  [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
10:40:37.0250 0564  C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
10:40:37.0265 0564  [ FF352BA8B9DA8FA5CD06CA2B8EAD765E ] C:\WINDOWS\SOUNDMAN.EXE
10:40:37.0265 0564  C:\WINDOWS\SOUNDMAN.EXE - ok
10:40:37.0265 0564  [ 6FF1042E4F74B5D411BAB65E82B44D12 ] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
10:40:37.0265 0564  C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe - ok
10:40:37.0265 0564  [ C70B8080C67E6DC91F2EFCE5F9145C0A ] C:\WINDOWS\system32\dsound.dll
10:40:37.0281 0564  C:\WINDOWS\system32\dsound.dll - ok
10:40:37.0281 0564  [ 507A2069320F189E9FE5FEA5DE8F243F ] C:\WINDOWS\system32\mfc42.dll
10:40:37.0281 0564  C:\WINDOWS\system32\mfc42.dll - ok
10:40:37.0296 0564  [ 46DA8E7484AC7A52CE1D6E428398724B ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:40:37.0296 0564  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
10:40:37.0296 0564  [ C92D20A6E35E232004D83DC10A78878A ] C:\Program Files\Microsoft Office\Office12\USP10.DLL
10:40:37.0296 0564  C:\Program Files\Microsoft Office\Office12\USP10.DLL - ok
10:40:37.0312 0564  [ 68A8CBE8C5A3B110E383CD798503F87F ] C:\WINDOWS\system32\bthprops.cpl
10:40:37.0312 0564  C:\WINDOWS\system32\bthprops.cpl - ok
10:40:37.0312 0564  [ 6E95474CB9E22BC9768EFA176C6A0A29 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
10:40:37.0312 0564  C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
10:40:37.0328 0564  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:40:37.0328 0564  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
10:40:37.0343 0564  [ A940874B1904F1C48D09F9196F9BC178 ] C:\Program Files\HP\hpcoretech\hpvcr70.dll
10:40:37.0343 0564  C:\Program Files\HP\hpcoretech\hpvcr70.dll - ok
10:40:37.0343 0564  [ 19E0B84C6F29CD1D9EBDD479D6AA895D ] C:\WINDOWS\system32\devmgr.dll
10:40:37.0343 0564  C:\WINDOWS\system32\devmgr.dll - ok
10:40:37.0359 0564  [ 8E2A7F1F62467A7DCB8AB2C0642F47CA ] C:\Program Files\iTunes\iTunesHelper.exe
10:40:37.0359 0564  C:\Program Files\iTunes\iTunesHelper.exe - ok
10:40:37.0359 0564  [ 25D34222258DC12249438C9E33BBBBB1 ] C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
10:40:37.0359 0564  C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe - ok
10:40:37.0375 0564  [ 48E6868781B4E8BF4B77DBEC7694BCE8 ] C:\Program Files\real\realplayer\Update\realsched.exe
10:40:37.0375 0564  C:\Program Files\real\realplayer\Update\realsched.exe - ok
10:40:37.0375 0564  [ 4D2F7561D8A840450AABFAD3740B0E6B ] C:\Program Files\Microsoft Security Client\msseces.exe
10:40:37.0375 0564  C:\Program Files\Microsoft Security Client\msseces.exe - ok
10:40:37.0390 0564  [ 5082BC510FAD849630D09DA626BB7CDA ] C:\Program Files\iTunes\iTunesHelper.dll
10:40:37.0390 0564  C:\Program Files\iTunes\iTunesHelper.dll - ok
10:40:37.0406 0564  [ F6F76CEC392E35D5C28409013E1BE7A8 ] C:\WINDOWS\system32\igfxdev.dll
10:40:37.0406 0564  C:\WINDOWS\system32\igfxdev.dll - ok
10:40:37.0406 0564  [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\WINDOWS\system32\msxml4.dll
10:40:37.0406 0564  C:\WINDOWS\system32\msxml4.dll - ok
10:40:37.0421 0564  [ D9FA72038B0DBCC1CB154394C1A379D0 ] C:\WINDOWS\system32\mfc42u.dll
10:40:37.0421 0564  C:\WINDOWS\system32\mfc42u.dll - ok
10:40:37.0421 0564  [ 3F533D75631178A880AEFFDF117213BE ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
10:40:37.0421 0564  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
10:40:37.0437 0564  [ 252F972131EB23596C20B82CA190DC5C ] C:\WINDOWS\system32\ctfmon.exe
10:40:37.0437 0564  C:\WINDOWS\system32\ctfmon.exe - ok
10:40:37.0437 0564  [ 11A669F45E55F6118D274C35BD195153 ] C:\WINDOWS\system32\mfc42loc.dll
10:40:37.0437 0564  C:\WINDOWS\system32\mfc42loc.dll - ok
10:40:37.0453 0564  [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
10:40:37.0453 0564  C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
10:40:37.0468 0564  [ 9CA73F6442BF4936E9DA38C9DF613DF6 ] C:\Program Files\Linksys\Linksys Wireless Manager\lcid\1033\nmasrsrc.dll
10:40:37.0468 0564  C:\Program Files\Linksys\Linksys Wireless Manager\lcid\1033\nmasrsrc.dll - ok
10:40:37.0468 0564  [ 34E478788F9231FA854FC299873E3068 ] C:\WINDOWS\system32\ddraw.dll
10:40:37.0468 0564  C:\WINDOWS\system32\ddraw.dll - ok
10:40:37.0484 0564  [ 5B6CAC3413D122AC7C35165602E02416 ] C:\WINDOWS\system32\imapi.exe
10:40:37.0484 0564  C:\WINDOWS\system32\imapi.exe - ok
10:40:37.0484 0564  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
10:40:37.0484 0564  C:\WINDOWS\system32\webcheck.dll - ok
10:40:37.0500 0564  [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
10:40:37.0500 0564  C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
10:40:37.0515 0564  [ 748169AF7B6E49443D841E31C1F74793 ] C:\WINDOWS\ime\sptip.dll
10:40:37.0515 0564  C:\WINDOWS\ime\sptip.dll - ok
10:40:37.0515 0564  [ EE5B38DD8B8EBBE8868B9EF00B815585 ] C:\Program Files\real\realplayer\Update\setu3270.dll
10:40:37.0515 0564  C:\Program Files\real\realplayer\Update\setu3270.dll - ok
10:40:37.0531 0564  [ A33452A42BDF214E7FC40CB470515605 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
10:40:37.0531 0564  C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
10:40:37.0531 0564  [ 17029D1561E0516CD505215504066845 ] C:\WINDOWS\system32\dciman32.dll
10:40:37.0531 0564  C:\WINDOWS\system32\dciman32.dll - ok
10:40:37.0546 0564  [ 6474AF152CD6025F781D7A5F2B8B6084 ] C:\WINDOWS\system32\igfxsrvc.dll
10:40:37.0546 0564  C:\WINDOWS\system32\igfxsrvc.dll - ok
10:40:37.0546 0564  [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
10:40:37.0546 0564  C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
10:40:37.0562 0564  [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
10:40:37.0562 0564  C:\WINDOWS\system32\advpack.dll - ok
10:40:37.0578 0564  [ 1BD976DD77B31FE0F25708AD5C1351AE ] C:\Program Files\Linksys\Linksys Wireless Manager\x86\difxapi.dll
10:40:37.0578 0564  C:\Program Files\Linksys\Linksys Wireless Manager\x86\difxapi.dll - ok
10:40:37.0578 0564  [ C44BA99AFB3EF1BD329362C5DABD9D2E ] C:\WINDOWS\system32\igfxres.dll
10:40:37.0578 0564  C:\WINDOWS\system32\igfxres.dll - ok
10:40:37.0593 0564  [ 01243FA89FBEC041E873DE8386138440 ] C:\Program Files\real\realplayer\realplay.exe
10:40:37.0593 0564  C:\Program Files\real\realplayer\realplay.exe - ok
10:40:37.0593 0564  [ B959116DD8D52652000E95A9AA925FF2 ] C:\WINDOWS\system32\stobject.dll
10:40:37.0593 0564  C:\WINDOWS\system32\stobject.dll - ok
10:40:37.0609 0564  [ 130203D3313A0323DC333B941C3AA87A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll
10:40:37.0609 0564  C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll - ok
10:40:37.0625 0564  [ A86DEF0D39A03B36F61F2A8763711ED5 ] C:\WINDOWS\system32\batmeter.dll
10:40:37.0625 0564  C:\WINDOWS\system32\batmeter.dll - ok
10:40:37.0625 0564  [ D7D69F304A604387B86BE991CBF07663 ] C:\WINDOWS\system32\WPDShServiceObj.dll
10:40:37.0625 0564  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
10:40:37.0640 0564  [ 5AAEF1814A9BB4EE428A7AB138306DF5 ] C:\WINDOWS\system32\security.dll
10:40:37.0640 0564  C:\WINDOWS\system32\security.dll - ok
10:40:37.0640 0564  [ 3C0CD32627DFAC63A513ED8AF1252E69 ] C:\WINDOWS\system32\igfxress.dll
10:40:37.0640 0564  C:\WINDOWS\system32\igfxress.dll - ok
10:40:37.0656 0564  [ C69659544CACB851AC0790F4A05FB9FA ] C:\WINDOWS\system32\upnpui.dll
10:40:37.0656 0564  C:\WINDOWS\system32\upnpui.dll - ok
10:40:37.0656 0564  [ DABB8CBCCE3F2E8333BE33BF98380726 ] C:\WINDOWS\system32\mydocs.dll
10:40:37.0656 0564  C:\WINDOWS\system32\mydocs.dll - ok
10:40:37.0671 0564  [ 4419A6AB33A0A715A3C7A3A0FF53CCC8 ] C:\WINDOWS\system32\upnp.dll
10:40:37.0671 0564  C:\WINDOWS\system32\upnp.dll - ok
10:40:37.0671 0564  [ E73C57C8EA8447C148BB65962F0B7346 ] C:\WINDOWS\system32\ssdpapi.dll
10:40:37.0671 0564  C:\WINDOWS\system32\ssdpapi.dll - ok
10:40:37.0687 0564  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
10:40:37.0687 0564  C:\WINDOWS\system32\drivers\http.sys - ok
10:40:37.0703 0564  [ 69327BEDF2B2C2BCE3C598E829FCB44A ] C:\WINDOWS\system32\igfxhk.dll
10:40:37.0703 0564  C:\WINDOWS\system32\igfxhk.dll - ok
10:40:37.0703 0564  [ E46B17060D3962A384AE484094614788 ] C:\Program Files\iPod\bin\iPodService.exe
10:40:37.0703 0564  C:\Program Files\iPod\bin\iPodService.exe - ok
10:40:37.0718 0564  [ A687C458B80C7D55CBE39649D952ED2A ] C:\WINDOWS\system32\PortableDeviceTypes.dll
10:40:37.0718 0564  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
10:40:37.0718 0564  [ A7CB4B261EAC77F66ABBC3A6D67310D7 ] C:\WINDOWS\system32\ssdpsrv.dll
10:40:37.0718 0564  C:\WINDOWS\system32\ssdpsrv.dll - ok
10:40:37.0734 0564  [ 7350F92E0B8AD6C880BF7CB5B2D776EA ] C:\WINDOWS\system32\wbem\wmipcima.dll
10:40:37.0734 0564  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
10:40:37.0734 0564  [ 286AAA761254F247A09DF75A5ED4EF18 ] C:\Program Files\HP\hpcoretech\hpcmpmgr.dll
10:40:37.0734 0564  C:\Program Files\HP\hpcoretech\hpcmpmgr.dll - ok
10:40:37.0750 0564  [ E132AD94798E72ACB650E985984C7F58 ] C:\WINDOWS\system32\PortableDeviceApi.dll
10:40:37.0750 0564  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
10:40:37.0765 0564  [ 691BAF41144EBDE972A66C5EB5210FC8 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
10:40:37.0765 0564  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
10:40:37.0765 0564  [ 665FBA44C65BAC9EE8AF9A5E37036640 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
10:40:37.0765 0564  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
10:40:37.0781 0564  [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
10:40:37.0781 0564  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
10:40:37.0781 0564  [ CBFC83DF6DFD5A1FBD05A9E721E65776 ] C:\WINDOWS\system32\rasdlg.dll
10:40:37.0781 0564  C:\WINDOWS\system32\rasdlg.dll - ok
10:40:37.0796 0564  [ 020D5F7ABD814935C1BBD55D97F11DB8 ] C:\Program Files\real\realplayer\rpwa3260.dll
10:40:37.0796 0564  C:\Program Files\real\realplayer\rpwa3260.dll - ok
10:40:37.0796 0564  [ E01B1D5CF6EB31BBA419D90DDFA0FE74 ] C:\Program Files\HP\hpcoretech\soln\HPOSM.exe
10:40:37.0796 0564  C:\Program Files\HP\hpcoretech\soln\HPOSM.exe - ok
10:40:37.0812 0564  [ 4EE955979020CB8B37B5904B4F181DA4 ] C:\WINDOWS\system32\xpsp3res.dll
10:40:37.0812 0564  C:\WINDOWS\system32\xpsp3res.dll - ok
10:40:37.0812 0564  [ CB41F8C8DE2D846CEA58CA82AC7D1687 ] C:\WINDOWS\system32\hpvaut32.dll
10:40:37.0812 0564  C:\WINDOWS\system32\hpvaut32.dll - ok
10:40:37.0828 0564  [ A940874B1904F1C48D09F9196F9BC178 ] C:\WINDOWS\system32\hpvcr70.dll
10:40:37.0828 0564  C:\WINDOWS\system32\hpvcr70.dll - ok
10:40:37.0843 0564  [ FB564FF2C5AEC5850176E59517400E41 ] C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
10:40:37.0843 0564  C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe - ok
10:40:37.0843 0564  [ 69539DC5EE4E99EA1D6757751D55374D ] C:\WINDOWS\system32\hpvcp70.dll
10:40:37.0843 0564  C:\WINDOWS\system32\hpvcp70.dll - ok
10:40:37.0859 0564  [ F36542F2EDC7BB0EE1A47157A7883EA6 ] C:\Program Files\HP\hpcoretech\comp\hpschedr.dll
10:40:37.0859 0564  C:\Program Files\HP\hpcoretech\comp\hpschedr.dll - ok
10:40:37.0859 0564  [ F6000997B69DD8C8300C774363C2A30C ] C:\WINDOWS\system32\fxsst.dll
10:40:37.0859 0564  C:\WINDOWS\system32\fxsst.dll - ok
10:40:37.0875 0564  ============================================================
10:40:37.0875 0564  Scan finished
10:40:37.0875 0564  ============================================================
10:40:37.0984 0508  Detected object count: 9
10:40:37.0984 0508  Actual detected object count: 9
10:41:07.0515 0508  Blackberry Device Manager ( UnsignedFile.Multi.Generic ) - skipped by user
10:41:07.0515 0508  Blackberry Device Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:07.0515 0508  MDM ( UnsignedFile.Multi.Generic ) - skipped by user
10:41:07.0515 0508  MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:07.0515 0508  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:41:07.0515 0508  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:07.0531 0508  Ptserial ( UnsignedFile.Multi.Generic ) - skipped by user
10:41:07.0531 0508  Ptserial ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:07.0531 0508  SMBios ( UnsignedFile.Multi.Generic ) - skipped by user
10:41:07.0531 0508  SMBios ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:07.0531 0508  USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
10:41:07.0531 0508  USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:07.0531 0508  Vmodem ( UnsignedFile.Multi.Generic ) - skipped by user
10:41:07.0531 0508  Vmodem ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:07.0531 0508  Vpctcom ( UnsignedFile.Multi.Generic ) - skipped by user
10:41:07.0531 0508  Vpctcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:07.0546 0508  Vvoice ( UnsignedFile.Multi.Generic ) - skipped by user
10:41:07.0546 0508  Vvoice ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:12.0203 1192  Deinitialize success
_______________________________________________

 

Thanks in advance

 

AJ



BC AdBot (Login to Remove)

 


#2 jaber.a

jaber.a
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 21 June 2013 - 01:50 PM

adwcleaner, OTL and FSS logs are here
 
# AdwCleaner v2.303 - Logfile created 06/20/2013 at 10:23:54
# Updated 08/06/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - ZAI
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\My Documents\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Linkury
Folder Deleted : C:\Program Files\BrowserCompanion
Folder Deleted : C:\Program Files\Linkury
***** [Registry] *****
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\BrowserCompanion
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Browser companion helper
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms} --> hxxp://www.google.com
-\\ Google Chrome v27.0.1453.116
File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
Deleted [l.2236] : homepage = "hxxp://www.plusnetwork.com/?sp=hp",
*************************
AdwCleaner[R1].txt - [4483 octets] - [20/06/2013 10:23:14]
AdwCleaner[S1].txt - [4396 octets] - [20/06/2013 10:23:54]
########## EOF - C:\AdwCleaner[S1].txt - [4456 octets] ##########
__________________________________________________________________________________________
 
OTL logfile created on: 20/06/2013 11:35:20 م - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Owner\سطح المكتب\مجلد جديد
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000401 | Country: السعودية | Language: ARA | Date Format: dd/MM/yyyy
 
1.98 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 79.12% Memory free
3.31 Gb Paging File | 3.07 Gb Available in Paging File | 92.65% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 7.52 Gb Free Space | 20.18% Space Free | Partition Type: NTFS
Drive D: | 146.48 Gb Total Space | 5.22 Gb Free Space | 3.56% Space Free | Partition Type: NTFS
Drive E: | 151.60 Gb Total Space | 151.51 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
 
Computer Name: ZAI | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/06/20 23:34:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\سطح المكتب\مجلد جديد\otl.exe
PRC - [2013/01/04 15:26:53 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/11/09 20:22:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2009/07/09 08:19:21 | 001,366,064 | R--- | M] (Cisco Systems, Inc.) -- C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/04/14 21:29:54 | 001,031,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/01/09 13:54:06 | 000,065,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2003/04/18 14:45:28 | 000,128,000 | ---- | M] (PCtel Inc.) -- C:\WINDOWS\system32\PV92Tray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/01 01:37:32 | 000,180,624 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/18 17:10:18 | 000,577,536 | ---- | M] (Research In Motion Limited) [On_Demand | Stopped] -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe -- (Blackberry Device Manager)
SRV - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/11/22 10:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/11/09 20:22:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys -- (RapportIaso)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\omwofevh.sys -- (omwofevh)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013/06/20 21:50:18 | 000,015,616 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\TrueSight.sys -- (TrueSight)
DRV - [2010/05/05 10:57:51 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009/08/02 14:57:38 | 000,724,736 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/07/07 14:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 14:48:44 | 000,025,392 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2004/08/04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/01/10 10:17:02 | 000,601,100 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003/12/12 10:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/10/14 23:10:00 | 000,036,484 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios)
DRV - [2003/04/18 14:46:40 | 000,065,328 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vvoice.sys -- (Vvoice)
DRV - [2003/04/18 14:46:34 | 000,786,722 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vpctcom.sys -- (Vpctcom)
DRV - [2003/04/18 14:45:54 | 000,698,233 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vmodem.sys -- (Vmodem)
DRV - [2003/04/18 14:44:48 | 000,317,519 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptserial.sys -- (Ptserial)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-725345543-861567501-2146946837-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-725345543-861567501-2146946837-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-725345543-861567501-2146946837-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-725345543-861567501-2146946837-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-725345543-861567501-2146946837-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-725345543-861567501-2146946837-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-725345543-861567501-2146946837-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-861567501-2146946837-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/04 15:28:08 | 000,000,000 | ---D | M]
 
[2010/06/30 17:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/06/30 17:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit)  (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: RocketLife Secure Plug-In Layer (Enabled) = C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: Youtube = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: ب\u062D\u062B Google = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: HP Smart Print = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmpaiomihcebnclahoknbodeiaiohcdi\2.1.0.240_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/06/20 22:17:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (HP Smart Print Helper) - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\Espresso.dll (Hewlett-Packard)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PV92TRAY] C:\WINDOWS\System32\PV92Tray.exe (PCtel Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-861567501-2146946837-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-725345543-861567501-2146946837-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-725345543-861567501-2146946837-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-725345543-861567501-2146946837-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\LaunchEspresso.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print 2.0 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\LaunchEspresso.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1346614033312 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346614004328 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F748E222-21BB-4683-AD66-0E6E1A5CCD21}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (الصفحة الرئيسية الحالية) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/11/03 16:28:03 | 000,000,619 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O32 - AutoRun File - [2010/05/03 12:06:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/06/20 21:50:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\سطح المكتب\RK_Quarantine
[2013/06/20 11:03:29 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/06/20 11:00:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/06/20 11:00:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/06/20 11:00:21 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/06/20 11:00:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/06/20 11:00:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/20 10:59:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\قائمة ابدأ\البرامج\أدوات إدارية
[2013/06/20 10:59:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/06/20 10:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/06/20 00:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
[2013/06/20 00:17:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\سطح المكتب\مجلد جديد
[2013/06/13 13:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\سطح المكتب\عقودالعمارة
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/06/20 23:38:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-861567501-2146946837-1003UA.job
[2013/06/20 23:24:40 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5F3F0AD4-508E-4E6B-A883-05C848D2381B}.job
[2013/06/20 23:22:15 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
[2013/06/20 23:22:15 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-725345543-861567501-2146946837-1003.job
[2013/06/20 23:22:08 | 000,000,824 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/20 23:22:08 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Owner.job
[2013/06/20 23:22:08 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-725345543-861567501-2146946837-1003.job
[2013/06/20 23:22:08 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-725345543-861567501-2146946837-1003.job
[2013/06/20 23:08:00 | 000,000,828 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/20 22:43:00 | 000,000,490 | ---- | M] () -- C:\WINDOWS\tasks\HP Photo Creations Communicator.job
[2013/06/20 22:36:23 | 000,001,536 | ---- | M] () -- C:\WINDOWS\System32\TrueSoft.dat
[2013/06/20 22:36:17 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\MTUM.job
[2013/06/20 22:36:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/20 22:17:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/20 21:56:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2013/06/20 21:50:18 | 000,015,616 | ---- | M] () -- C:\WINDOWS\System32\TrueSight.sys
[2013/06/20 20:40:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/06/20 20:15:15 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
[2013/06/20 19:38:00 | 000,000,870 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-861567501-2146946837-1003Core.job
[2013/06/20 18:22:57 | 000,485,554 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/20 18:22:57 | 000,416,530 | ---- | M] () -- C:\WINDOWS\System32\perfh001.dat
[2013/06/20 18:22:57 | 000,081,384 | ---- | M] () -- C:\WINDOWS\System32\perfc001.dat
[2013/06/20 18:22:57 | 000,081,280 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/20 18:08:24 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/20 14:00:01 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013/06/20 11:29:09 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/06/20 11:03:35 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/06/20 10:54:51 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/06/20 10:49:37 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2013/06/20 10:45:35 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/06/20 10:10:10 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/06/20 02:34:02 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Owner.job
[2013/06/20 01:37:06 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Owner.job
[2013/06/19 20:43:49 | 000,002,286 | ---- | M] () -- C:\Documents and Settings\Owner\سطح المكتب\Google Chrome.lnk
[2013/06/14 15:17:01 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
[2013/06/10 08:36:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/07 13:33:45 | 000,000,346 | ---- | M] () -- C:\Documents and Settings\Owner\سطح المكتب\HP أدوات تشخيص الطابعات من.url
[2013/06/06 23:30:01 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
[2013/05/24 18:11:15 | 000,212,992 | RHS- | M] () -- C:\WINDOWS\System32\WMADMOE0.dll
[2013/05/22 18:27:41 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\spider.sav
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/06/20 21:50:18 | 000,015,616 | ---- | C] () -- C:\WINDOWS\System32\TrueSight.sys
[2013/06/20 11:29:09 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/06/20 11:03:35 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/06/20 11:03:31 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/06/20 11:00:21 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/06/20 11:00:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/06/20 11:00:21 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/06/20 11:00:21 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/06/20 11:00:21 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/06/20 10:54:38 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\Microsoft Security Essentials.lnk
[2013/06/12 02:29:01 | 000,000,412 | ---- | C] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Owner.job
[2013/06/12 02:29:00 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Owner.job
[2013/06/12 02:29:00 | 000,000,402 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Owner.job
[2013/06/07 13:33:45 | 000,000,346 | ---- | C] () -- C:\Documents and Settings\Owner\سطح المكتب\HP أدوات تشخيص الطابعات من.url
[2013/05/24 18:11:15 | 000,000,306 | ---- | C] () -- C:\WINDOWS\tasks\MTUM.job
[2013/05/24 18:11:13 | 000,212,992 | RHS- | C] () -- C:\WINDOWS\System32\WMADMOE0.dll
[2013/03/31 00:41:43 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/12/06 21:55:33 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2012/08/06 09:17:04 | 000,180,624 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2012/05/14 15:50:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/04/11 14:53:48 | 000,076,972 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/11/04 23:54:10 | 000,000,062 | ---- | C] () -- C:\WINDOWS\pcvcdbr.INI
[2011/11/04 23:47:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcvcdvw.INI
[2011/07/31 17:40:29 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2011/07/31 17:37:30 | 000,013,931 | R--- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011/07/14 04:42:05 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2011/07/14 04:03:56 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Owner\pool.bin
[2010/05/25 11:51:23 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\housecall.guid.cache
[2010/05/18 19:23:09 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2010/05/07 10:09:06 | 000,145,408 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2010/05/14 10:08:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/03/10 07:41:15 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 13:51:43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 21:29:44 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/02/25 09:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2010/05/19 14:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/05/19 13:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/05/19 14:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2012/11/08 16:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2012/12/08 10:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2011/08/27 04:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/06/27 21:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/07/02 02:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2011/07/06 18:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mjusbsp
[2011/06/05 20:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PhotoScape
[2012/12/02 19:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PrimoPDF
[2012/05/10 15:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Research In Motion
[2012/12/08 10:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Visan
 
========== Purity Check ==========
 
 
< End of report >
________________________________________________________________________________________
 
OTL Extras logfile created on: 20/06/2013 11:35:20 م - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Owner\سطح المكتب\مجلد جديد
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000401 | Country: السعودية | Language: ARA | Date Format: dd/MM/yyyy
 
1.98 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 79.12% Memory free
3.31 Gb Paging File | 3.07 Gb Available in Paging File | 92.65% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 7.52 Gb Free Space | 20.18% Space Free | Partition Type: NTFS
Drive D: | 146.48 Gb Total Space | 5.22 Gb Free Space | 3.56% Space Free | Partition Type: NTFS
Drive E: | 151.60 Gb Total Space | 151.51 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
 
Computer Name: ZAI | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
"4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Documents and Settings\Owner\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Owner\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:المساعدة عن بعد - Windows Messenger والصوت -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\HP\HP Deskjet 4620 series\Bin\FaxApplications.exe" = C:\Program Files\HP\HP Deskjet 4620 series\Bin\FaxApplications.exe:LocalSubNet:Enabled:HP Deskjet 4620 series FaxApplications -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 4620 series\Bin\DigitalWizards.exe" = C:\Program Files\HP\HP Deskjet 4620 series\Bin\DigitalWizards.exe:LocalSubNet:Enabled:HP Deskjet 4620 series DigitalWizards -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 4620 series\Bin\SendAFax.exe" = C:\Program Files\HP\HP Deskjet 4620 series\Bin\SendAFax.exe:LocalSubNet:Enabled:HP Deskjet 4620 series SendFaxAppExe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 4620 series\Bin\DeviceSetup.exe" = C:\Program Files\HP\HP Deskjet 4620 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:إعداد جهاز HP‏ (HP Deskjet 4620 series) -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicator.exe" = C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:موصل الشبكة لـ HP (HP Deskjet 4620 series) -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)
"C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe" = C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service -- (Cisco Systems, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert
"{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
"{172A56D1-67C5-4D56-A9AA-A6B4A03573D8}" = Messages 3
"{193DD0DC-004A-4545-A301-E4A7335C8E41}" = 2400
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20A82CA6-9910-4FA3-9177-46D198633F14}" = برامج الجهاز الأساسية HP Deskjet 4620 series
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2EFE2CA6-547B-4D2D-A723-18E3EC355322}" = HP Deskjet 4620 series تعليمات
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C97B7-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3B245B20-5731-4ED8-B74B-FB53C48A32F2}" = HP Smart Print 2.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = دعم تطبيق Apple
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F38594F-2C4A-4C42-B2C4-505E225F6F80}" = HP Product Detection
"{4FB0FBF2-8F6B-4721-B811-29B1A376F23C}" = BlackBerry Device Software v5.0.0 for the BlackBerry 8900 smartphone
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{5C1C6179-F5DF-405B-97DC-5E8B09452E81}" = خدمات عميل Microsoft Windows Rights Management مع Service Pack 2
"{5F4C495C-46D7-395B-9457-6C1804AB8140}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ara
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72E67064-A144-42A6-BC85-12276B2D5D42}" = 2400_2500Help
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{786DAB23-4054-3FC1-9E1F-4ED0D18F2D7C}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ARA
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
"{7E6369CA-0431-48E1-94DD-2EAED56BF8B5}" = دراسة تحسين المنتجات HP Deskjet 4620 series
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{859102B3-D258-3946-9769-97FE9A91930D}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ARA
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8B957F8D-FBDE-4DB4-99E7-192487575050}" = 23_24_2500Tour
"{90120000-0010-0401-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Arabic) 12
"{90120000-0015-0401-0000-0000000FF1CE}" = Microsoft Office Access MUI (Arabic) 2007
"{90120000-0015-0401-0000-0000000FF1CE}_ENTERPRISE_{EC74604A-5842-4FE1-8933-76D68C5FA677}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0401-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Arabic) 2007
"{90120000-0016-0401-0000-0000000FF1CE}_ENTERPRISE_{EC74604A-5842-4FE1-8933-76D68C5FA677}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0401-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Arabic) 2007
"{90120000-0018-0401-0000-0000000FF1CE}_ENTERPRISE_{EC74604A-5842-4FE1-8933-76D68C5FA677}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0401-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Arabic) 2007
"{90120000-0019-0401-0000-0000000FF1CE}_ENTERPRISE_{EC74604A-5842-4FE1-8933-76D68C5FA677}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0401-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Arabic) 2007
"{90120000-001A-0401-0000-0000000FF1CE}_ENTERPRISE_{EC74604A-5842-4FE1-8933-76D68C5FA677}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0401-0000-0000000FF1CE}" = Microsoft Office Word MUI (Arabic) 2007
"{90120000-001B-0401-0000-0000000FF1CE}_ENTERPRISE_{EC74604A-5842-4FE1-8933-76D68C5FA677}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0401-0000-0000000FF1CE}" = Microsoft Office Proofing (Arabic) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0401-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Arabic) 2007
"{90120000-0044-0401-0000-0000000FF1CE}_ENTERPRISE_{EC74604A-5842-4FE1-8933-76D68C5FA677}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0401-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Arabic) 2007
"{90120000-006E-0401-0000-0000000FF1CE}_ENTERPRISE_{4A9F778A-44EE-4922-A976-FF4C84FC51B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0401-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Arabic) 2007
"{90120000-00A1-0401-0000-0000000FF1CE}_ENTERPRISE_{EC74604A-5842-4FE1-8933-76D68C5FA677}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0401-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
"{90120000-0114-0401-0000-0000000FF1CE}_ENTERPRISE_{EC74604A-5842-4FE1-8933-76D68C5FA677}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9709D7E4-607B-3337-B667-33C0241CCEFF}" = Microsoft .NET Framework 4 Client Profile ARA Language Pack
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AD84892-7664-479C-8F95-7A25B964B04D}" = 2400_2500trb
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A328C5CD-D500-43F0-9E83-C2F81ACD7A13}" = BlackBerry Device Software v6.0.0 for the BlackBerry 9700 smartphone
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}" = BlackBerry Desktop Software 7.1
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{EC905264-BCFE-423B-9C42-C3A106266790}" = عميل Windows Rights Management للتوافق مع الإصدارات السابقة SP2
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FairStars Audio Converter_is1" = FairStars Audio Converter 1.55
"HP Photo & Imaging" = HP Image Zone 4.2
"HP Photo Creations" = HP Photo Creations
"ie8" = Windows Internet Explorer 8
"Installing HSP56 MicroModem Drivers" = HSP56 Modem Drivers
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.9.0
"Linksys Wireless Manager" = Linksys Wireless Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware النسخة 1.75.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ara" = حزمة اللغة لـ Microsoft .NET Framework 3.5 SP1 - ARA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ARA Language Pack" = حزمة اللغة العربية لـ Microsoft .NET Framework 4
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Network MagicUninstall" = Network Magic
"PhotoScape" = PhotoScape
"Power Mp3 Cutter(Mp3 Sound Cutter)_is1" = Power Mp3 Cutter(Mp3 Sound Cutter) 1.40
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"RealPlayer 16.0" = RealPlayer
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-725345543-861567501-2146946837-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 19/06/2013 07:59:05 ص | Computer Name = ZAI | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.2.223.0,
 P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
 
Error - 20/06/2013 03:54:29 ص | Computer Name = ZAI | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.2.223.0,
 P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
 
Error - 20/06/2013 11:03:54 ص | Computer Name = ZAI | Source = Application Hang | ID = 1002
Description = ‏‏التطبيق المتوقف iexplore.exe, الإصدار 8.0.6001.18702, توقف الوحدة
 النمطية hungapp, الإصدار 0.0.0.0, العنوان المتوقف 0x00000000.
 
Error - 20/06/2013 11:04:07 ص | Computer Name = ZAI | Source = Application Hang | ID = 1001
Description = ‏‏الحزمة الخطأ 1180947459.
 
Error - 20/06/2013 12:17:05 م | Computer Name = ZAI | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
 - Tried to start a service that wasn't the latest version of CLR Optimization service.
 Will shutdown
 
Error - 20/06/2013 12:44:33 م | Computer Name = ZAI | Source = Application Error | ID = 1000
Description = ‏‏التطبيق المسبب للخطأ nmsrvc.exe, الإصدار 11.2.9170.0, الوحدة النمطية
 المسببة للخطأ nmcore.dll, الإصدار 11.2.9195.1, العنوان الخطأ 0x001de1c6.
 
Error - 20/06/2013 01:15:21 م | Computer Name = ZAI | Source = Application Error | ID = 1004
Description = ‏‏التطبيق المسبب للخطأ nmsrvc.exe, الإصدار 11.2.9170.0, الوحدة النمطية
 المسببة للخطأ nmcore.dll, الإصدار 11.2.9195.1, العنوان الخطأ 0x001de1c6.
 
Error - 20/06/2013 01:35:15 م | Computer Name = ZAI | Source = Application Error | ID = 1001
Description = ‏‏الحزمة الخطأ 1416948713.
 
Error - 20/06/2013 02:50:40 م | Computer Name = ZAI | Source = Application Error | ID = 1000
Description = ‏‏التطبيق المسبب للخطأ nmsrvc.exe, الإصدار 11.2.9170.0, الوحدة النمطية
 المسببة للخطأ nmcore.dll, الإصدار 11.2.9195.1, العنوان الخطأ 0x001de1c6.
 
Error - 20/06/2013 02:50:49 م | Computer Name = ZAI | Source = Application Error | ID = 1001
Description = ‏‏الحزمة الخطأ 1416948713.
 
[ OSession Events ]
Error - 25/02/2012 02:58:34 ص | Computer Name = ZAI | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 663874
 seconds with 2700 seconds of active time.  This session ended with a crash.
 
Error - 01/04/2012 03:28:51 م | Computer Name = ZAI | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 264 seconds with 240 seconds of active time.  This session ended with a crash.
 
Error - 01/04/2013 03:03:15 م | Computer Name = ZAI | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 97 seconds with 60 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 16/06/2013 10:01:04 ص | Computer Name = ZAI | Source = Service Control Manager | ID = 7034
Description = The Pure Networks Platform Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 20/06/2013 03:07:09 ص | Computer Name = ZAI | Source = NetBT | ID = 4321
Description = The name "WORKGROUP      :1d" could not be registered on the Interface
 with IP address 192.168.1.2.  The machine with the IP address 192.168.1.7 did not
 allow the name to be claimed by  this machine.
 
Error - 20/06/2013 03:12:20 ص | Computer Name = ZAI | Source = NetBT | ID = 4321
Description = The name "WORKGROUP      :1d" could not be registered on the Interface
 with IP address 192.168.1.2.  The machine with the IP address 192.168.1.7 did not
 allow the name to be claimed by  this machine.
 
Error - 20/06/2013 03:37:39 ص | Computer Name = ZAI | Source = sr | ID = 1
Description = ‏‏صادف عامل تصفية System Restore الخطأ '0xC0000243' غير المتوقع أثناء
 معالجة الملف '47708134.sys' على وحدة التخزين 'HarddiskVolume1'.  لقد توقف عن مراقبة
 وحدة التخزين.
 
Error - 20/06/2013 03:38:49 ص | Computer Name = ZAI | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   IntelIde
 
Error - 20/06/2013 03:59:52 ص | Computer Name = ZAI | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly.  It has done
 this 1 time(s).
 
Error - 20/06/2013 11:12:29 ص | Computer Name = ZAI | Source = Windows Update Agent | ID = 20
Description = ‏‏فشل التثبيت: فشل Windows في تثبيت التحديث التالي بسبب الخطأ 0x80070643:
 Microsoft .NET Framework 3.0: حزمة اللغة للإصدار x86 رقم (KB928416).
 
Error - 20/06/2013 02:41:06 م | Computer Name = ZAI | Source = Service Control Manager | ID = 7034
Description = The Pure Networks Platform Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 20/06/2013 02:50:51 م | Computer Name = ZAI | Source = Service Control Manager | ID = 7034
Description = The Pure Networks Platform Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 20/06/2013 03:04:51 م | Computer Name = ZAI | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly.  It has done
 this 1 time(s).
 
 
< End of report >
______________________________________________________________________________________
 
Farbar Service Scanner Version: 16-06-2013
Ran by Owner (administrator) on 20-06-2013 at 23:59:22
Running from "C:\Documents and Settings\Owner\سطح المكتب\مجلد جديد"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2006-03-02 15:00] - [2008-04-14 21:29] - 0126976 ____A (Microsoft Corporation) 43152852C8F5CE63B1D3466184E7E644
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2006-03-02 15:00] - [2009-04-20 20:17] - 0045568 ____A (Microsoft Corporation) E0ADCB569D9FC9A3861D05C02DC22BBF
C:\WINDOWS\system32\ipnathlp.dll
[2006-03-02 15:00] - [2008-04-14 21:29] - 0331264 ____A (Microsoft Corporation) C4E4C037245CD2A2610EE58F46614712
C:\WINDOWS\system32\netman.dll
[2006-03-02 15:00] - [2008-04-14 21:29] - 0197632 ____A (Microsoft Corporation) 06A4ECA228EA636F4A1F6CE7542B6923
C:\WINDOWS\system32\wbem\WMIsvc.dll
[2010-05-03 12:02] - [2008-04-14 21:29] - 0144896 ____A (Microsoft Corporation) 347F3474960367180E1855BAADF6ECF4
C:\WINDOWS\system32\srsvc.dll
[2010-05-03 12:03] - [2008-04-14 21:29] - 0170496 ____A (Microsoft Corporation) 0C486E769D9F0BD558EDF1028D5B3A97
C:\WINDOWS\system32\Drivers\sr.sys
[2010-05-03 12:03] - [2008-04-14 21:13] - 0073344 ____A (Microsoft Corporation) B57E685C65D8A5CB53DFC0DB97E3A590
C:\WINDOWS\system32\wscsvc.dll
[2006-03-02 15:00] - [2008-04-14 21:29] - 0080896 ____A (Microsoft Corporation) 7860BB84EC2542FA526A074B94C7B0A7
C:\WINDOWS\system32\wbem\WMIsvc.dll
[2010-05-03 12:02] - [2008-04-14 21:29] - 0144896 ____A (Microsoft Corporation) 347F3474960367180E1855BAADF6ECF4
C:\WINDOWS\system32\wuauserv.dll
[2010-05-03 12:04] - [2008-04-14 21:29] - 0006656 ____A (Microsoft Corporation) 86DAF128A3FC857669FD0FD44672C971
C:\WINDOWS\system32\qmgr.dll
[2010-05-03 12:04] - [2008-04-14 21:29] - 0409088 ____A (Microsoft Corporation) B2B94DB65227B0FE579E8DB3C9595E27
C:\WINDOWS\system32\es.dll
[2006-03-02 15:00] - [2008-07-07 23:27] - 0253952 ____A (Microsoft Corporation) 584A7EDA1F7DC89E22BB046878A5E350
C:\WINDOWS\system32\cryptsvc.dll
[2006-03-02 15:00] - [2008-04-14 21:29] - 0062464 ____A (Microsoft Corporation) DE99DF7D8DD1E84F053CB27106DBE301
C:\WINDOWS\system32\svchost.exe
[2006-03-02 15:00] - [2008-04-14 21:30] - 0014336 ____A (Microsoft Corporation) 6B1139CA38DB1678487678C44874B80F
C:\WINDOWS\system32\rpcss.dll
[2006-03-02 15:00] - [2009-02-09 13:51] - 0401408 ____A (Microsoft Corporation) 271830BCE6D77085E72D571F60EAF85A
C:\WINDOWS\system32\services.exe
[2006-03-02 15:00] - [2009-02-09 14:21] - 0110592 ____A (Microsoft Corporation) 1427365EFF6F4758DDC88388045E8400
Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) RFCOMM(8) Tcpip(4)
0x09000000050000000100000002000000030000000400000006000000070000000800000009000000
IpSec Tag value is correct.
**** End of log ****

Edited by bloopie, 21 June 2013 - 07:50 PM.
Topic moved from Aii to logs forum due to OTL log. ~bloopie


#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:48 PM

Posted 22 June 2013 - 02:55 PM





Hello jaber.a

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 jaber.a

jaber.a
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 23 June 2013 - 04:08 AM

Hello Gringo from Puerto Rico:

 

Those are the logs

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-06-2013
Ran by Owner (administrator) on 23-06-2013 11:51:55
Running from C:\Documents and Settings\Owner\سطح المكتب\مجلد جديد
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: 0401
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(PCtel Inc.) C:\WINDOWS\system32\PV92Tray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Cisco Systems, Inc.) C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\program files\real\realplayer\update\realsched.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PV92TRAY] PV92Tray.exe [x]
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [241664 2004-05-12] (Hewlett-Packard Company)
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [x]
HKLM\...\Run: [Linksys Wireless Manager] "C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" /cm /min /lcid 1033 [1366064 2009-07-09] (Cisco Systems, Inc.)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe"  -osboot [295072 2013-01-04] (RealNetworks, Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947152 2013-01-27] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxsrvc.dll (Intel Corporation)
SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
BootExecute: autocheck autochk /r \??\C:autocheck autochk *

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart Print Helper - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\Espresso.dll (Hewlett-Packard)
Toolbar: HKCU -&عنوان - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ipp - No CLSID Value -
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: ربط تنفيذ محدد موقع المعلومات (URL) - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll [8448512 2012-06-08] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Google Update) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Java™ Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Extension: (YouTube) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HP Smart Print) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmpaiomihcebnclahoknbodeiaiohcdi\2.1.0.240_0
CHR Extension: (RealDownloader) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0
CHR Extension: (Gmail) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

S3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
S4 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [647216 2009-07-07] (Cisco Systems, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3290304 2012-11-22] (Skype Technologies S.A.)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXSENS; C:\Windows\System32\drivers\ALCXSENS.SYS [391424 2003-12-12] (Sensaura Ltd)
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [601100 2004-01-10] (Realtek Semiconductor Corp.)
S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2010-05-05] (Windows ® 2000 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-01-19] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-01-19] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-03-20] (HP)
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [90907 2003-04-15] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [25392 2009-07-07] (Cisco Systems, Inc.)
R3 Ptserial; C:\Windows\System32\DRIVERS\ptserial.sys [317519 2003-04-18] (PCTEL, INC.)
R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [26672 2009-07-07] (Cisco Systems, Inc.)
R3 rt2870; C:\Windows\System32\DRIVERS\rt2870.sys [724736 2009-08-02] (Ralink Technology, Corp.)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R3 SMBios; C:\Windows\System32\DRIVERS\SMBios.sys [36484 2003-10-14] (Intel Corporation)
U3 TrueSight; C:\WINDOWS\system32\TrueSight.sys [15616 2013-06-20] ()
R0 Vmodem; C:\Windows\System32\DRIVERS\vmodem.sys [698233 2003-04-18] (PCTEL, INC.)
R0 Vpctcom; C:\Windows\System32\DRIVERS\vpctcom.sys [786722 2003-04-18] (PCtel, Inc.)
R0 Vvoice; C:\Windows\System32\DRIVERS\vvoice.sys [65328 2003-04-18] (PCtel, Inc.)
R3 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\Windows\System32\drivers\ialmsbw.sys [113504 2003-04-15] (Intel Corporation)
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\Windows\System32\drivers\ialmkchw.sys [78752 2003-04-15] (Intel Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 omwofevh; \??\C:\WINDOWS\system32\drivers\omwofevh.sys [x]
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S3 RapportIaso; \??\c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [x]
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
U3 TlntSvr;
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-23 11:47 - 2013-06-23 11:47 - 00000000 ____D C:\FRST
2013-06-21 20:46 - 2013-06-21 20:47 - 00001082 ____A C:\AdwCleaner[S3].txt
2013-06-21 18:34 - 2013-06-21 18:34 - 00299633 ____A C:\Documents and Settings\Owner\Local Settings\Application Data\census.cache
2013-06-21 18:34 - 2013-06-21 18:34 - 00209856 ____A C:\Documents and Settings\Owner\Local Settings\Application Data\ars.cache
2013-06-21 14:00 - 2013-06-21 14:00 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-06-21 13:51 - 2013-06-21 13:51 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-21 13:51 - 2013-06-21 13:51 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-21 13:51 - 2013-06-21 13:51 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-21 13:51 - 2013-06-21 13:51 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-21 13:51 - 2013-06-21 13:51 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-21 13:51 - 2013-06-21 13:51 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-21 00:21 - 2013-06-21 00:21 - 00000000 ____D C:\Program Files\ESET
2013-06-21 00:04 - 2013-06-21 00:04 - 00320802 ____A C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-06-21 00:01 - 2013-06-21 00:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\addpcs
2013-06-20 22:23 - 2013-06-20 22:23 - 00017597 ____A C:\ComboFix.txt
2013-06-20 22:01 - 2013-06-20 22:01 - 00001021 ____A C:\AdwCleaner[S2].txt
2013-06-20 22:00 - 2013-06-20 22:00 - 00000962 ____A C:\AdwCleaner[R2].txt
2013-06-20 21:50 - 2013-06-20 21:50 - 00015616 ____A C:\Windows\System32\TrueSight.sys
2013-06-20 18:14 - 2013-06-20 18:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2808679$
2013-06-20 18:09 - 2013-06-20 18:14 - 00010760 ____A C:\Windows\KB2808679.log
2013-06-20 11:29 - 2013-06-23 01:35 - 00000384 ___AH C:\Windows\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-06-20 11:03 - 2013-06-20 11:03 - 00000000 RASHD C:\cmdcons
2013-06-20 11:03 - 2013-06-20 10:49 - 00000211 ____A C:\Boot.bak
2013-06-20 11:03 - 2004-08-03 23:00 - 00260272 _RASH C:\cmldr
2013-06-20 11:00 - 2013-06-20 22:23 - 00000000 ___AD C:\Qoobox
2013-06-20 11:00 - 2011-06-26 09:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-20 11:00 - 2010-11-07 20:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-20 11:00 - 2009-04-20 07:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-20 11:00 - 2000-08-31 03:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-20 11:00 - 2000-08-31 03:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-20 11:00 - 2000-08-31 03:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-06-20 11:00 - 2000-08-31 03:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-20 11:00 - 2000-08-31 03:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-20 11:00 - 2000-08-31 03:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-20 10:59 - 2013-06-20 22:18 - 00000000 ____D C:\Windows\erdnt
2013-06-20 10:23 - 2013-06-20 10:24 - 00004525 ____A C:\AdwCleaner[S1].txt
2013-06-20 10:23 - 2013-06-20 10:23 - 00004483 ____A C:\AdwCleaner[R1].txt
2013-06-20 00:21 - 2013-06-20 21:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-06-12 15:48 - 2013-06-12 15:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-12 15:47 - 2013-06-12 15:48 - 00010920 ____A C:\Windows\KB2838727-IE8.log
2013-06-12 15:37 - 2013-06-12 15:49 - 00013766 ____A C:\Windows\KB2839229.log
2013-06-12 02:29 - 2013-06-23 02:37 - 00000402 ____A C:\Windows\Tasks\ReclaimerUpdateXML_Owner.job
2013-06-12 02:29 - 2013-06-22 00:38 - 00000406 ____A C:\Windows\Tasks\ReclaimerUpdateFiles_Owner.job
2013-06-12 02:29 - 2013-06-21 20:48 - 00000412 ____A C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Owner.job
2013-05-24 18:11 - 2013-06-21 20:48 - 00000306 ____A C:\Windows\Tasks\MTUM.job
2013-05-24 18:11 - 2013-05-24 18:11 - 00212992 _RASH C:\Windows\System32\WMADMOE0.dll

==================== One Month Modified Files and Folders ========

2013-06-23 11:48 - 2011-08-05 03:39 - 00000422 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{5F3F0AD4-508E-4E6B-A883-05C848D2381B}.job
2013-06-23 11:47 - 2013-06-23 11:47 - 00000000 ____D C:\FRST
2013-06-23 11:43 - 2012-12-08 10:34 - 00000490 ____A C:\Windows\Tasks\HP Photo Creations Communicator.job
2013-06-23 11:38 - 2011-06-27 16:48 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-861567501-2146946837-1003UA.job
2013-06-23 11:08 - 2011-09-24 18:28 - 00000828 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-23 10:10 - 2012-12-06 21:56 - 00000472 ____A C:\Windows\Tasks\At1.job
2013-06-23 06:33 - 2010-05-03 12:24 - 00032658 ____A C:\Windows\SchedLgU.Txt
2013-06-23 04:30 - 2010-05-03 12:04 - 01353918 ____A C:\Windows\WindowsUpdate.log
2013-06-23 02:37 - 2013-06-12 02:29 - 00000402 ____A C:\Windows\Tasks\ReclaimerUpdateXML_Owner.job
2013-06-23 01:35 - 2013-06-20 11:29 - 00000384 ___AH C:\Windows\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-06-22 21:56 - 2012-12-06 21:56 - 00000472 ____A C:\Windows\Tasks\At3.job
2013-06-22 20:40 - 2012-12-06 21:56 - 00000472 ____A C:\Windows\Tasks\At2.job
2013-06-22 20:08 - 2011-09-24 18:28 - 00000824 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-22 19:38 - 2011-06-27 16:48 - 00000870 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-861567501-2146946837-1003Core.job
2013-06-22 14:00 - 2012-12-06 21:56 - 00000472 ____A C:\Windows\Tasks\At4.job
2013-06-22 03:03 - 2010-05-03 14:49 - 00194937 ____A C:\Windows\setupact.log
2013-06-22 00:38 - 2013-06-12 02:29 - 00000406 ____A C:\Windows\Tasks\ReclaimerUpdateFiles_Owner.job
2013-06-21 20:48 - 2013-06-12 02:29 - 00000412 ____A C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Owner.job
2013-06-21 20:48 - 2013-05-24 18:11 - 00000306 ____A C:\Windows\Tasks\MTUM.job
2013-06-21 20:48 - 2013-04-07 23:30 - 00000300 ____A C:\Windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-725345543-861567501-2146946837-1003.job
2013-06-21 20:48 - 2013-01-04 15:29 - 00000278 ____A C:\Windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-725345543-861567501-2146946837-1003.job
2013-06-21 20:48 - 2010-05-18 19:42 - 00000278 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-725345543-861567501-2146946837-1003.job
2013-06-21 20:48 - 2010-05-03 15:10 - 00001536 ____A C:\Windows\System32\TrueSoft.dat
2013-06-21 20:48 - 2010-05-03 14:53 - 00000159 ____A C:\Windows\wiadebug.log
2013-06-21 20:48 - 2010-05-03 14:53 - 00000048 ____A C:\Windows\wiaservc.log
2013-06-21 20:48 - 2010-05-03 12:24 - 00000062 __ASH C:\Documents and Settings\Owner\Local Settings\desktop.ini
2013-06-21 20:48 - 2010-05-03 12:24 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2013-06-21 20:48 - 2010-05-03 12:24 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-21 20:48 - 2010-05-03 12:09 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2013-06-21 20:47 - 2013-06-21 20:46 - 00001082 ____A C:\AdwCleaner[S3].txt
2013-06-21 20:47 - 2010-05-03 12:24 - 00000178 ___SH C:\Documents and Settings\Owner\ntuser.ini
2013-06-21 19:55 - 2012-12-13 12:32 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-21 19:53 - 2010-05-20 22:38 - 00000000 ____D C:\Program Files\Power Mp3 Cutter(Mp3 Sound Cutter)
2013-06-21 19:53 - 2010-05-03 12:24 - 00000000 ____D C:\Documents and Settings\Owner\سطح المكتب
2013-06-21 18:34 - 2013-06-21 18:34 - 00299633 ____A C:\Documents and Settings\Owner\Local Settings\Application Data\census.cache
2013-06-21 18:34 - 2013-06-21 18:34 - 00209856 ____A C:\Documents and Settings\Owner\Local Settings\Application Data\ars.cache
2013-06-21 15:17 - 2013-01-04 15:29 - 00000286 ____A C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
2013-06-21 15:17 - 2010-05-18 19:42 - 00000286 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
2013-06-21 14:00 - 2013-06-21 14:00 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-06-21 14:00 - 2011-06-27 18:45 - 00001945 ___AC C:\Windows\epplauncher.mif
2013-06-21 13:59 - 2006-03-02 15:00 - 00002422 ____A C:\Windows\System32\wpa.dbl
2013-06-21 13:51 - 2013-06-21 13:51 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-21 13:51 - 2013-06-21 13:51 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-21 13:51 - 2013-06-21 13:51 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-21 13:51 - 2013-06-21 13:51 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-21 13:51 - 2013-06-21 13:51 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-21 13:51 - 2013-06-21 13:51 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-21 13:51 - 2012-11-09 20:23 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-21 13:51 - 2010-07-01 22:05 - 00789416 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-21 13:47 - 2010-05-03 14:50 - 00000000 ____D C:\Documents and Settings\All Users\سطح المكتب
2013-06-21 13:46 - 2011-06-27 18:59 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-06-21 13:46 - 2010-05-20 16:00 - 00000000 ____D C:\Program Files\Adobe
2013-06-21 13:42 - 2010-05-20 15:57 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
2013-06-21 00:21 - 2013-06-21 00:21 - 00000000 ____D C:\Program Files\ESET
2013-06-21 00:21 - 2011-06-27 17:37 - 00595121 ____A C:\Windows\setupapi.log
2013-06-21 00:04 - 2013-06-21 00:04 - 00320802 ____A C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-06-21 00:01 - 2013-06-21 00:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\addpcs
2013-06-20 23:22 - 2013-04-07 23:30 - 00000308 ____A C:\Windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
2013-06-20 22:23 - 2013-06-20 22:23 - 00017597 ____A C:\ComboFix.txt
2013-06-20 22:23 - 2013-06-20 11:00 - 00000000 ___AD C:\Qoobox
2013-06-20 22:18 - 2013-06-20 10:59 - 00000000 ____D C:\Windows\erdnt
2013-06-20 22:18 - 2006-03-02 15:00 - 00000227 ____A C:\Windows\system.ini
2013-06-20 22:17 - 2006-03-02 15:00 - 00000027 ____A C:\Windows\System32\Drivers\etc\hosts.old
2013-06-20 22:01 - 2013-06-20 22:01 - 00001021 ____A C:\AdwCleaner[S2].txt
2013-06-20 22:00 - 2013-06-20 22:00 - 00000962 ____A C:\AdwCleaner[R2].txt
2013-06-20 21:50 - 2013-06-20 21:50 - 00015616 ____A C:\Windows\System32\TrueSight.sys
2013-06-20 21:34 - 2010-05-03 14:50 - 00000000 ___RD C:\Documents and Settings\All Users\قائمة ابدأ
2013-06-20 21:17 - 2013-06-20 00:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-06-20 18:28 - 2010-05-14 10:08 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-20 18:22 - 2010-05-03 14:51 - 01040876 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-20 18:14 - 2013-06-20 18:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2808679$
2013-06-20 18:14 - 2013-06-20 18:09 - 00010760 ____A C:\Windows\KB2808679.log
2013-06-20 18:14 - 2010-05-03 15:00 - 00300768 ____A C:\Windows\updspapi.log
2013-06-20 18:14 - 2010-05-03 14:51 - 01763435 ____A C:\Windows\FaxSetup.log
2013-06-20 18:14 - 2010-05-03 14:51 - 00935758 ____A C:\Windows\ocgen.log
2013-06-20 18:14 - 2010-05-03 14:51 - 00675669 ____A C:\Windows\tsoc.log
2013-06-20 18:14 - 2010-05-03 14:51 - 00577867 ____A C:\Windows\comsetup.log
2013-06-20 18:14 - 2010-05-03 14:51 - 00358050 ____A C:\Windows\ntdtcsetup.log
2013-06-20 18:14 - 2010-05-03 14:51 - 00261484 ____A C:\Windows\iis6.log
2013-06-20 18:14 - 2010-05-03 14:51 - 00088301 ____A C:\Windows\msgsocm.log
2013-06-20 18:14 - 2010-05-03 14:51 - 00001374 ____A C:\Windows\imsins.log
2013-06-20 18:13 - 2010-05-05 13:14 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-06-20 11:24 - 2012-12-06 21:56 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\HpUpdate
2013-06-20 11:03 - 2013-06-20 11:03 - 00000000 RASHD C:\cmdcons
2013-06-20 11:03 - 2010-05-03 14:48 - 00000327 _RASH C:\boot.ini
2013-06-20 10:49 - 2013-06-20 11:03 - 00000211 ____A C:\Boot.bak
2013-06-20 10:49 - 2006-03-02 15:00 - 00000670 ____A C:\Windows\win.ini
2013-06-20 10:45 - 2010-05-03 14:51 - 00001917 ____A C:\Windows\imsins.BAK
2013-06-20 10:24 - 2013-06-20 10:23 - 00004525 ____A C:\AdwCleaner[S1].txt
2013-06-20 10:23 - 2013-06-20 10:23 - 00004483 ____A C:\AdwCleaner[R1].txt
2013-06-19 14:57 - 2010-05-25 06:20 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-12 15:49 - 2013-06-12 15:37 - 00013766 ____A C:\Windows\KB2839229.log
2013-06-12 15:48 - 2013-06-12 15:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-12 15:48 - 2013-06-12 15:47 - 00010920 ____A C:\Windows\KB2838727-IE8.log
2013-06-12 15:48 - 2010-05-06 17:21 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-10 08:36 - 2011-08-27 04:52 - 00000284 ____A C:\Windows\Tasks\AppleSoftwareUpdate.job
2013-06-06 23:30 - 2013-04-07 23:30 - 00000326 ____A C:\Windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
2013-05-25 13:40 - 2010-05-03 12:03 - 00000000 ____D C:\Windows\System32\Restore
2013-05-24 18:11 - 2013-05-24 18:11 - 00212992 _RASH C:\Windows\System32\WMADMOE0.dll

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2006-03-02 15:00] - [2008-04-14 21:29] - 1031168 ____A (Microsoft Corporation) ca3445dce9eb70a2ca2504e0af5c543f

C:\Windows\System32\winlogon.exe
[2006-03-02 15:00] - [2008-04-14 21:30] - 0506880 ____A (Microsoft Corporation) bcedf9dccbc807108ce34c9834074c34

C:\Windows\System32\svchost.exe
[2006-03-02 15:00] - [2008-04-14 21:30] - 0014336 ____A (Microsoft Corporation) 6b1139ca38db1678487678c44874b80f

C:\Windows\System32\services.exe
[2006-03-02 15:00] - [2009-02-09 14:21] - 0110592 ____A (Microsoft Corporation) 1427365eff6f4758ddc88388045e8400

C:\Windows\System32\User32.dll
[2006-03-02 15:00] - [2008-04-14 21:29] - 0578048 ____A (Microsoft Corporation) f95655e872967ae2cd4c19d8914babb7

C:\Windows\System32\userinit.exe
[2006-03-02 15:00] - [2008-04-14 21:30] - 0026112 ____A (Microsoft Corporation) b2b4e4722caafe109bec13773bcb75b0

C:\Windows\System32\Drivers\volsnap.sys
[2006-03-02 15:00] - [2008-04-14 21:06] - 0052352 ____A (Microsoft Corporation) e3eed80adea08f324a3722ab81e136d0

==================== End Of Log ============================

______________________________________________________________________________________________

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-06-2013
Ran by Owner at 2013-06-23 11:52:58
Running from C:\Documents and Settings\Owner\سطح المكتب\مجلد جديد
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

23_24_2500Tour (Version: 43.0.217.000)
2400 (Version: 43.0.217.000)
2400_2500Help (Version: 43.0.217.000)
2400_2500trb (Version: 43.0.217.000)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.110)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
AiO_Scan (Version: 43.0.217.000)
AiOSoftware (Version: 43.0.217.000)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41)
BlackBerry Device Software Updater (Version: 6.0.1.37)
BlackBerry Device Software v5.0.0 for the BlackBerry 8900 smartphone (Version: 5.0.0.681 (Platform 5.2.0.67))
BlackBerry Device Software v6.0.0 for the BlackBerry 9700 smartphone (Version: 6.0.0.546 (Platform 6.6.0.207))
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 43.1.5.000)
Cisco Network Magic (Version: 5.5.09195.0)
Copy (Version: 43.1.5.000)
CreativeProjects (Version: 43.1.5.000)
CreativeProjectsTemplates (Version: 43.1.5.000)
CueTour (Version: 43.1.5.000)
Destinations (Version: 43.1.5.000)
Director (Version: 43.1.5.000)
DocProc (Version: 4.0.0.0)
DocumentViewer (Version: 43.0.217.000)
ESET Online Scanner v3
FairStars Audio Converter 1.55
Fax (Version: 43.0.217.000)
Google Chrome (HKCU Version: 27.0.1453.116)
Google Earth (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.145)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Deskjet 4620 series تعليمات (Version: 6.0.0)
HP Diagnostic Assistant (Version: 1.0.0.0)
HP Image Zone 4.2 (Version: 4.2)
HP Photo Creations (Version: 1.0.0.11502)
HP Product Detection (Version: 11.14.0001)
HP Product Detection (Version: 11.14.0004)
HP PSC & OfficeJet 4.2
HP Smart Print 2.0 (Version: 2.0.0.231)
HP Update (Version: 5.003.000.004)
HPDiagnosticAlert (Version: 1.00.0000)
HPSystemDiagnostics (Version: 1.5.0.0)
HSP56 Modem Drivers
I.R.I.S. OCR (Version: 12.3.4.0)
InstantShare (Version: 4.0.0.40)
InstantShareAlert (Version: 1.00.0000)
Intel® Extreme Graphics Driver
iTunes (Version: 11.0.2.26)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
K-Lite Mega Codec Pack 5.9.0 (Version: 5.9.0)
Linksys Wireless Manager (Version: 4.9.9189.0)
Malwarebytes Anti-Malware النسخة 1.75.0.1300 (Version: 1.75.0.1300)
Messages 3 (Version: 1.00.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ARA (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ARA (Version: 3.2.30729)
Microsoft .NET Framework 3.5 Language Pack SP1 - ara (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile ARA Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Arabic) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Software Update for Web Folders  (Arabic) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
neroxml (Version: 1.0.0)
Network Magic (Version: 5.5.9195.0)
Overland (Version: 2.1.5)
PhotoGallery (Version: 43.1.5.000)
PhotoScape
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
PrintScreen (Version: 43.1.5.000)
ProductContext (Version: 43.0.217.000)
Pure Networks Platform (Version: 11.2.09195.1)
QFolder (Version: 1.00.0000)
QuickProjects (Version: 43.1.5.000)
QuickTime (Version: 7.73.80.64)
Readme (Version: 43.0.217.000)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek AC'97 Audio
RealUpgrade 1.1 (Version: 1.1.0)
Scan (Version: 4.1.0.0)
Segoe UI (Version: 14.0.4327.805)
SkinsHP1 (Version: 43.1.5.000)
Skype Click to Call (Version: 6.4.11328)
Skype™ 5.10 (Version: 5.10.116)
swMSM (Version: 12.0.0.1)
TrayApp (Version: 43.1.5.000)
Unload (Version: 4.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 43.1.5.000)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.175805)
WinRAR archiver
XML Paper Specification Shared Components Language Pack 1.0
‏‏إصلاح السريع لـ Windows Media Player 11 (KB939683)
برامج الجهاز الأساسية HP Deskjet 4620 series (Version: 26.0.784.0)
برنامج إصلاح (Hotfix) لـ Windows XP (KB2443685)‎ (Version: 1)
برنامج إصلاح (Hotfix) لـ Windows XP (KB2633952)‎ (Version: 1)
برنامج إصلاح (Hotfix) لـ Windows XP (KB2756822)‎ (Version: 1)
برنامج إصلاح (Hotfix) لـ Windows XP (KB2779562)‎ (Version: 1)
برنامج إصلاح (Hotfix) لـ Windows XP (KB952287)‎ (Version: 1)
برنامج إصلاح (Hotfix) لـ Windows XP (KB961118)‎ (Version: 1)
برنامج إصلاح (Hotfix) لـ Windows XP (KB979306)‎ (Version: 1)
برنامج إصلاح (Hotfix) لـ Windows XP (KB981793)‎ (Version: 1)
تحديث الأمان لـ Microsoft Windows ‏(KB2564958)
‏‏تحديث الأمان لـ Windows Media Player (KB2378111)
‏‏تحديث الأمان لـ Windows Media Player (KB952069)
‏‏تحديث الأمان لـ Windows Media Player (KB954155)
‏‏تحديث الأمان لـ Windows Media Player (KB968816)
‏‏تحديث الأمان لـ Windows Media Player (KB973540)
‏‏تحديث الأمان لـ Windows Media Player (KB975558)
‏‏تحديث الأمان لـ Windows Media Player (KB978695)
‏‏تحديث الأمان لـ Windows Media Player (KB979402)
‏‏تحديث الأمان لـ Windows Media Player 11 (KB954154)
‏‏تحديث الأمان لـ Windows XP (KB941569)
تحديث أمان لـ Windows Internet Explorer 8 (KB2510531)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2530548)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2544521)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2559049)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2675157)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2722913)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2744842)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2761465)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2792100)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2797052)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2799329)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2809289)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2817183)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2829530)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2838727)‎ (Version: 1)
تحديث أمان لـ Windows Internet Explorer 8 (KB2847204)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2079403)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2115168)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2121546)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2160329)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2229593)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2286198)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2296011)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2347290)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2360937)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2387149)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2393802)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2412687)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2419632)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2423089)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2440591)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2443105)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2476490)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2476687)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2478960)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2478971)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2479943)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2481109)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2483185)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2485663)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2491683)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2503665)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2506212)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2506223)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2507618)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2507938)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2508272)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2508429)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2509553)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2524375)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2535512)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2536276)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2536276-v2)‎ (Version: 2)
تحديث أمان لـ Windows XP (KB2544893)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2544893-v2)‎ (Version: 2)
تحديث أمان لـ Windows XP (KB2555917)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2562937)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2566454)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2567680)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2570222)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2570947)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2584146)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2585542)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2592799)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2598479)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2603381)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2618451)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2619339)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2620712)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2621440)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2624667)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2631813)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2646524)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2653956)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2655992)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2659262)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2661637)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2676562)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2686509)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2691442)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2695962)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2698365)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2705219)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2707511)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2712808)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2719985)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2723135)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2724197)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2727528)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2731847)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2753842)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2753842-v2)‎ (Version: 2)
تحديث أمان لـ Windows XP (KB2757638)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2758857)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2761226)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2770660)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2778344)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2779030)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2780091)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2799494)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2802968)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2807986)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2808735)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2813170)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2813345)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2820197)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2820917)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2829361)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB2839229)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB923561)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB923789)‎
تحديث أمان لـ Windows XP (KB946648)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB950760)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB950762)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB950974)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB951066)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB951376-v2)‎ (Version: 2)
تحديث أمان لـ Windows XP (KB951748)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB952004)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB952954)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB954459)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB955069)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB956572)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB956744)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB956802)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB956803)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB956844)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB958644)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB958869)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB959426)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB960225)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB960803)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB960859)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB961501)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB969059)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB969947)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB970238)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB970430)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB971468)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB971657)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB971961)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB972270)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB973354)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB973507)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB973869)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB973904)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB974112)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB974318)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB974392)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB974571)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB975025)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB975467)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB975560)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB975561)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB975562)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB975713)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB977816)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB977914)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB978037)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB978262)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB978338)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB978542)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB978601)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB978706)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB979309)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB979482)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB979559)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB979683)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB979687)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB980195)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB980218)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB980232)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB980436)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB981322)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB981349)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB981852)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB981997)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB982132)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB982214)‎ (Version: 1)
تحديث أمان لـ Windows XP (KB982665)‎ (Version: 1)
تحديث لـ Microsoft Office Excel 2007 Help (KB963678)
تحديث لـ Microsoft Office Powerpoint 2007 Help (KB963669)
تحديث لـ Microsoft Office Word 2007 Help (KB963665)
تحديث لـ Microsoft Windows رقم (KB971513)
تحديث لـ Windows Internet Explorer 8 (KB2447568)‎ (Version: 1)
تحديث لـ Windows Internet Explorer 8 (KB2598845)‎ (Version: 1)
تحديث لـ Windows Internet Explorer 8 (KB2632503)‎ (Version: 1)
تحديث لـ Windows XP (KB2345886)‎ (Version: 1)
تحديث لـ Windows XP (KB2467659)‎ (Version: 1)
تحديث لـ Windows XP (KB2492386)‎ (Version: 1)
تحديث لـ Windows XP (KB2541763)‎ (Version: 1)
تحديث لـ Windows XP (KB2641690)‎ (Version: 1)
تحديث لـ Windows XP (KB2661254-v2)‎ (Version: 2)
تحديث لـ Windows XP (KB2718704)‎ (Version: 1)
تحديث لـ Windows XP (KB2736233)‎ (Version: 1)
تحديث لـ Windows XP (KB2749655)‎ (Version: 1)
تحديث لـ Windows XP (KB2808679)‎ (Version: 1)
تحديث لـ Windows XP (KB898461)‎ (Version: 1)
تحديث لـ Windows XP (KB951978)‎ (Version: 1)
تحديث لـ Windows XP (KB955759)‎ (Version: 1)
تحديث لـ Windows XP (KB961503)‎ (Version: 1)
تحديث لـ Windows XP (KB967715)‎ (Version: 1)
تحديث لـ Windows XP (KB968389)‎ (Version: 1)
تحديث لـ Windows XP (KB971029)‎ (Version: 1)
تحديث لـ Windows XP (KB971737)‎ (Version: 1)
تحديث لـ Windows XP (KB973687)‎ (Version: 1)
تحديث لـ Windows XP (KB973815)‎ (Version: 1)
تحديث لـ Windows XP (KB980182)‎ (Version: 1)
حزمة اللغة العربية لـ Microsoft .NET Framework 4 (Version: 4.0.30319)
حزمة اللغة لـ Microsoft .NET Framework 3.5 SP1 - ARA
حزمة موفر خدمة تشفير البطاقة الذكية الأساسية من Microsoft
خدمات عميل Microsoft Windows Rights Management مع Service Pack 2 (Version: 5.2.95)
دراسة تحسين المنتجات HP Deskjet 4620 series (Version: 26.0.784.0)
دعم تطبيق Apple (Version: 2.3.3)
عميل Windows Rights Management للتوافق مع الإصدارات السابقة SP2 (Version: 5.2.95)

==================== Restore Points  =========================

25-05-2013 10:40:32 نقطة اختبار النظام
27-05-2013 15:14:00 نقطة اختبار النظام
28-05-2013 15:28:49 نقطة اختبار النظام
29-05-2013 15:37:22 نقطة اختبار النظام
30-05-2013 15:43:30 نقطة اختبار النظام
31-05-2013 15:56:29 نقطة اختبار النظام
01-06-2013 16:18:32 نقطة اختبار النظام
02-06-2013 16:55:05 نقطة اختبار النظام
03-06-2013 17:47:14 نقطة اختبار النظام
04-06-2013 18:42:57 نقطة اختبار النظام
05-06-2013 19:58:16 نقطة اختبار النظام
06-06-2013 20:54:19 نقطة اختبار النظام
07-06-2013 20:55:15 نقطة اختبار النظام
08-06-2013 21:52:07 نقطة اختبار النظام
09-06-2013 22:33:49 نقطة اختبار النظام
10-06-2013 22:45:52 نقطة اختبار النظام
11-06-2013 23:23:42 نقطة اختبار النظام
12-06-2013 12:47:21 Software Distribution Service 3.0
13-06-2013 12:50:45 نقطة اختبار النظام
14-06-2013 13:45:06 نقطة اختبار النظام
15-06-2013 14:03:38 نقطة اختبار النظام
16-06-2013 14:41:21 نقطة اختبار النظام
19-06-2013 13:01:48 نقطة اختبار النظام
20-06-2013 08:30:21 Software Distribution Service 3.0
20-06-2013 15:11:52 Software Distribution Service 3.0
20-06-2013 18:34:07 Removed Acrobat.com
21-06-2013 10:50:28 Removed Java 7 Update 9
21-06-2013 10:51:04 Installed Java 7 Update 25
21-06-2013 10:53:19 تم تثبيته Microsoft Fix it 50267
22-06-2013 11:48:54 نقطة اختبار النظام

==================== Scheduled Tasks ========================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/23/2013 01:44:45 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070005, P2 mpupdateengine, P3 am fe, P4 11.1.4406.0, P5 mpsigstub.exe, P6 4.2.223.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (06/22/2013 06:45:31 PM) (Source: Application Error) (User: )
Description: ‏‏التطبيق المسبب للخطأ nmsrvc.exe, الإصدار 11.2.9170.0, الوحدة النمطية المسببة للخطأ nmcore.dll, الإصدار 11.2.9195.1, العنوان الخطأ 0x001de1c6.
جاري معالجة حدث خاص بالوسائط لـ [nmsrvc.exe!ws!]

Error: (06/21/2013 02:00:27 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (06/21/2013 00:41:21 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientsetup.exe4.2.223.00x8004ff81morrobootstraper__cinstallflow__internalrun - geteppinstallactionmorrobootstraper__cflow__processflowactionresult0security essentialsNILNILNIL

Error: (06/21/2013 00:41:17 AM) (Source: MsiInstaller) (User: ZAI)
Description: Product: Microsoft Security Client -- Error 1920. Service 'Microsoft Antimalware Service' (MsMpSvc) failed to start.  Verify that you have sufficient privileges to start system services.

Error: (06/20/2013 09:50:49 PM) (Source: Application Error) (User: )
Description: ‏‏الحزمة الخطأ 1416948713.
‏‏لم ينتج عن تبادل مفتاح Wep إعداد اتصال آمن بعد مصادقة ‎802.1x.  تم وضع علامة على الإعداد الحالي تشير إلى الفشل وسيتم قطع الاتصال اللاسلكي.

Error: (06/20/2013 09:50:40 PM) (Source: Application Error) (User: )
Description: ‏‏التطبيق المسبب للخطأ nmsrvc.exe, الإصدار 11.2.9170.0, الوحدة النمطية المسببة للخطأ nmcore.dll, الإصدار 11.2.9195.1, العنوان الخطأ 0x001de1c6.
جاري معالجة حدث خاص بالوسائط لـ [nmsrvc.exe!ws!]

Error: (06/20/2013 08:35:15 PM) (Source: Application Error) (User: )
Description: ‏‏الحزمة الخطأ 1416948713.
‏‏لم ينتج عن تبادل مفتاح Wep إعداد اتصال آمن بعد مصادقة ‎802.1x.  تم وضع علامة على الإعداد الحالي تشير إلى الفشل وسيتم قطع الاتصال اللاسلكي.

Error: (06/20/2013 08:15:21 PM) (Source: Application Error) (User: )
Description: ‏‏التطبيق المسبب للخطأ nmsrvc.exe, الإصدار 11.2.9170.0, الوحدة النمطية المسببة للخطأ nmcore.dll, الإصدار 11.2.9195.1, العنوان الخطأ 0x001de1c6.
‏‏حدث خطأ أثناء إنشاء PEAP-TLV الناتج استجابة لـ PEAP-TLV المتلقى (nmsrvc.exe!ld!)

Error: (06/20/2013 07:44:33 PM) (Source: Application Error) (User: )
Description: ‏‏التطبيق المسبب للخطأ nmsrvc.exe, الإصدار 11.2.9170.0, الوحدة النمطية المسببة للخطأ nmcore.dll, الإصدار 11.2.9195.1, العنوان الخطأ 0x001de1c6.
جاري معالجة حدث خاص بالوسائط لـ [nmsrvc.exe!ws!]

System errors:
=============
Error: (06/22/2013 06:55:00 PM) (Source: Service Control Manager) (User: )
Description: The Pure Networks Platform Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/21/2013 07:57:37 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde

Error: (06/21/2013 02:07:40 PM) (Source: Service Control Manager) (User: )
Description: The Skype C2C Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/21/2013 02:07:24 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: ‏‏أعد تشغيل الخدمة.

Error: (06/21/2013 02:07:18 PM) (Source: Service Control Manager) (User: )
Description: The Skype Updater service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/21/2013 02:04:36 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: ‏‏أعد تشغيل الخدمة.

Error: (06/21/2013 02:04:06 PM) (Source: Service Control Manager) (User: )
Description: The Windows Installer service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/21/2013 02:04:01 PM) (Source: Service Control Manager) (User: )
Description: The Skype C2C Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/21/2013 02:03:42 PM) (Source: Service Control Manager) (User: )
Description: The Terminal Services service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/21/2013 02:03:42 PM) (Source: Service Control Manager) (User: )
Description: The DCOM Server Process Launcher service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: ‏‏أعد تمهيد الجهاز.

Microsoft Office Sessions:
=========================
Error: (04/01/2013 10:03:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 97 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (04/01/2012 10:28:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 264 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (02/25/2012 09:58:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 663874 seconds with 2700 seconds of active time.  This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 2030.73 MB
Available physical RAM: 1215.77 MB
Total Pagefile: 3391.99 MB
Available Pagefile: 2757.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951.93 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:37.26 GB) (Free:7.41 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (New Volume) (Fixed) (Total:146.48 GB) (Free:5.22 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:151.6 GB) (Free:151.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37 GB) (Disk ID: E1D9E1D9)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 40B2B050)
Partition 1: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=152 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:48 PM

Posted 23 June 2013 - 05:40 AM

Hello jaber.a



I need you to download this script I have made for you --> Attached File  fixlist.txt   352bytes   2 downloads

It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

Run FRST again but this time press the Fix button just once and wait.


When finished, it will make a log (fixlog.txt) next to FRST. Please copy and paste the content of this file to your reply.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 jaber.a

jaber.a
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 23 June 2013 - 10:27 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-06-2013
Ran by Owner at 2013-06-23 15:43:03 Run:1
Running from C:\Documents and Settings\Owner\سطح المكتب\مجلد جديد
Boot Mode: Normal

==============================================

"C:\Program Files\Windows Defender" => Not Found
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking started.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking completed.

=========  Dir /b /a:l "C:\Program Files" /s =========

File Not Found

========= End of CMD: =========

omwofevh => Service deleted successfully.
C:\Windows\Tasks\At1.job => Moved successfully.
C:\Windows\Tasks\At2.job => Moved successfully.
C:\Windows\Tasks\At3.job => Moved successfully.
C:\Windows\Tasks\At4.job => Moved successfully.

The system needs a manual reboot.

==== End of Fixlog ====



#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:48 PM

Posted 23 June 2013 - 06:39 PM

how are things doing?


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 jaber.a

jaber.a
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 23 June 2013 - 07:41 PM

It seems that I'm still not able to run microsoft security essentials and still get directed to blank pages in IE

 

 

 

AJ



#9 jaber.a

jaber.a
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 23 June 2013 - 08:01 PM

Ironically, I just got directed to a page titled iHaveNet.com with google.com in the address bar. And when a try to search for iHavenet.com in google the search suggestion turns to strange characters. Those strange characters appered to me also on this reply when writing down iHavenet.com (uncapitalized). 

 

I started to think that my machine is possesed :devil:

 

 

 

AJ



#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:48 PM

Posted 23 June 2013 - 10:02 PM


Hello jaber.a

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 jaber.a

jaber.a
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 24 June 2013 - 04:17 AM

Here is the log

 

ComboFix 13-06-24.01 - Owner 06/24/2013  11:57:29.3.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1256.966.1025.18.2031.1547 [GMT 3:00]
Running from: c:\documents and settings\Owner\سطح المكتب\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-24 to 2013-06-24  )))))))))))))))))))))))))))))))
.
.
2013-06-24 00:33 . 2013-06-24 00:33 -------- d-----w- c:\program files\Microsoft Security Client
2013-06-23 08:47 . 2013-06-23 12:43 -------- d-----w- C:\FRST
2013-06-21 10:51 . 2013-06-21 10:51 -------- d-----w- c:\program files\Common Files\Java
2013-06-21 10:51 . 2013-06-21 10:51 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-21 10:51 . 2013-06-21 10:51 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-20 21:21 . 2013-06-20 21:21 -------- d-----w- c:\program files\ESET
2013-06-20 21:01 . 2013-06-20 21:01 -------- d-----w- c:\documents and settings\Owner\Application Data\addpcs
2013-06-20 18:50 . 2013-06-20 18:50 15616 ----a-w- c:\windows\system32\TrueSight.sys
2013-06-19 21:21 . 2013-06-20 18:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-21 10:51 . 2012-11-09 17:23 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-21 10:51 . 2010-07-01 19:05 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-07 22:27 . 2006-03-02 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:27 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-07 22:27 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2013-05-03 05:38 . 2006-03-02 12:00 2151424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 05:38 . 2004-08-04 00:48 2030080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-02 15:28 . 2010-05-05 10:23 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-12 14:00 . 2006-03-02 12:00 1876224 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 11:50 . 2010-05-25 03:20 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-26 22:53 . 2006-03-02 12:00 74752 ----a-w- c:\windows\system32\cryptdlg.dll
2013-03-26 22:53 . 2006-03-02 12:00 600576 ----a-w- c:\windows\system32\crypt32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2003-04-07 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2003-04-07 114688]
"PV92TRAY"="PV92Tray.exe" [2003-04-18 128000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"SoundMan"="SOUNDMAN.EXE" [2004-01-09 65536]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-07-09 1366064]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-01-04 295072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^قائمة ابدأ^البرامج^بدء التشغيل^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Owner\قائمة ابدأ\البرامج\بدء التشغيل\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^قائمة ابدأ^البرامج^بدء التشغيل^مراقبة تنبيهات الحبر - HP Deskjet 4620 series (الشبكة).lnk]
path=c:\documents and settings\Owner\قائمة ابدأ\البرامج\بدء التشغيل\مراقبة تنبيهات الحبر - HP Deskjet 4620 series (الشبكة).lnk
backup=c:\windows\pss\مراقبة تنبيهات الحبر - HP Deskjet 4620 series (الشبكة).lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-05-11 10:37 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdloader]
2010-02-26 23:43 50520 -c--a-w- c:\documents and settings\Owner\Application Data\mjusbsp\cdloader2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-06-27 13:48 136176 ----atw- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-03-24 10:13 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-20 09:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 18:30 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmctxth]
2009-07-07 11:48 647216 ----a-w- c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTVOICE]
2003-04-18 11:44 176128 ----a-w- c:\windows\system32\pctspk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 00:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
2013-01-17 13:08 267792 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 04:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2013-01-04 12:26 295072 ----a-w- c:\program files\real\realplayer\Update\realsched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\Owner\\Application Data\\mjusbsp\\magicJack.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=
"c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service
.
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [29/11/2012 08:31 م 38608]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [22/11/2012 10:29 ص 3290304]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13/07/2012 01:28 م 160944]
S3 Blackberry Device Manager;BlackBerry Device Manager;c:\program files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [18/01/2013 05:10 م 577536]
S3 RapportIaso;RapportIaso;\??\c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys --> c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPFILTER
*NewlyCreated* - MSMPSVC
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 14:57]
.
2013-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-24 15:28]
.
2013-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-24 15:28]
.
2013-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-861567501-2146946837-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-27 13:48]
.
2013-06-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-861567501-2146946837-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-27 13:48]
.
2013-06-24 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\documents and settings\All Users\Application Data\HP Photo Creations\Communicator.exe [2012-12-08 07:36]
.
2013-06-22 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 08:11]
.
2013-06-23 c:\windows\Tasks\MTUM.job
- c:\windows\system32\WMADMOE0.dll [2013-05-24 15:11]
.
2013-06-06 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
- c:\program files\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29 17:33]
.
2013-06-23 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-725345543-861567501-2146946837-1003.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29 17:31]
.
2013-06-20 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29 17:31]
.
2013-06-23 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-725345543-861567501-2146946837-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 12:30]
.
2013-06-23 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 12:30]
.
2013-06-23 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-725345543-861567501-2146946837-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 12:30]
.
2013-06-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-725345543-861567501-2146946837-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 12:30]
.
2013-06-23 c:\windows\Tasks\ReclaimerUpdateFiles_Owner.job
- c:\documents and settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-11 20:28]
.
2013-06-23 c:\windows\Tasks\ReclaimerUpdateXML_Owner.job
- c:\documents and settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-11 20:28]
.
2013-06-23 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Owner.job
- c:\documents and settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-11 20:28]
.
2013-06-24 c:\windows\Tasks\User_Feed_Synchronization-{5F3F0AD4-508E-4E6B-A883-05C848D2381B}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 01:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-24 12:06
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(680)
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\hccutils.DLL
.
- - - - - - - > 'explorer.exe'(3720)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-06-24  12:08:52
ComboFix-quarantined-files.txt  2013-06-24 09:08
ComboFix2.txt  2013-06-20 19:23
ComboFix3.txt  2013-06-20 08:16
.
Pre-Run: 7,844,020,224 bytes free
Post-Run: 8,013,180,928 bytes free
.
- - End Of File - - 96B28F7D0BF83E5A1E504C8337B3FE28
8F558EB6672622401DA993E1E865C861
 

It seems that I'm still not able to run microsoft security essentials and still get directed to blank pages in IE



#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:48 PM

Posted 24 June 2013 - 10:28 AM


Hello jaber.a

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • more than one report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • the scan will make two reports the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+
send me the reports made from TDSSKiller and Roguekiller and also let me know how the computer is doing at this time.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 jaber.a

jaber.a
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 24 June 2013 - 12:34 PM

Here is TDSS log

 

 

19:43:08.0234 1572  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:43:08.0859 1572  ============================================================
19:43:08.0859 1572  Current date / time: 2013/06/24 19:43:08.0859
19:43:08.0859 1572  SystemInfo:
19:43:08.0859 1572 
19:43:08.0859 1572  OS Version: 5.1.2600 ServicePack: 3.0
19:43:08.0859 1572  Product type: Workstation
19:43:08.0859 1572  ComputerName: ZAI
19:43:08.0859 1572  UserName: Owner
19:43:08.0859 1572  Windows directory: C:\WINDOWS
19:43:08.0859 1572  System windows directory: C:\WINDOWS
19:43:08.0859 1572  Processor architecture: Intel x86
19:43:08.0859 1572  Number of processors: 2
19:43:08.0859 1572  Page size: 0x1000
19:43:08.0859 1572  Boot type: Normal boot
19:43:08.0859 1572  ============================================================
19:43:10.0765 1572  BG loaded
19:43:11.0515 1572  Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:43:11.0625 1572  ============================================================
19:43:11.0625 1572  \Device\Harddisk0\DR0:
19:43:11.0718 1572  MBR partitions:
19:43:11.0781 1572  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
19:43:11.0781 1572  ============================================================
19:43:18.0718 1572  C: <-> \Device\Harddisk0\DR0\Partition1
19:43:18.0734 1572  ============================================================
19:43:18.0734 1572  Initialize success
19:43:18.0734 1572  ============================================================
19:44:46.0000 2968  ============================================================
19:44:46.0000 2968  Scan started
19:44:46.0000 2968  Mode: Manual; SigCheck; TDLFS;
19:44:46.0000 2968  ============================================================
19:44:46.0265 2968  ================ Scan system memory ========================
19:44:46.0265 2968  System memory - ok
19:44:46.0265 2968  ================ Scan services =============================
19:44:46.0390 2968  Abiosdsk - ok
19:44:46.0406 2968  abp480n5 - ok
19:44:46.0484 2968  [ 29DD2C058BDC1D4AB75D9E5E2ED81907 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:44:48.0859 2968  ACPI - ok
19:44:48.0890 2968  [ 3837D7349B1749D55D8EC6C5B490B8A8 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
19:44:49.0078 2968  ACPIEC - ok
19:44:49.0093 2968  adpu160m - ok
19:44:49.0125 2968  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
19:44:49.0265 2968  aec - ok
19:44:49.0328 2968  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
19:44:49.0406 2968  AFD - ok
19:44:49.0421 2968  Aha154x - ok
19:44:49.0421 2968  aic78u2 - ok
19:44:49.0437 2968  aic78xx - ok
19:44:49.0515 2968  [ FBBCB95F677CBAA924140B6EA2D9A97B ] ALCXSENS        C:\WINDOWS\system32\drivers\ALCXSENS.SYS
19:44:49.0687 2968  ALCXSENS - ok
19:44:49.0765 2968  [ BC5C55B49C4BD1FDFAAA128FE21F9FEA ] ALCXWDM         C:\WINDOWS\system32\drivers\ALCXWDM.SYS
19:44:49.0859 2968  ALCXWDM - ok
19:44:49.0906 2968  [ 45C1E500444DEED9C4E961222C4ACB5E ] Alerter         C:\WINDOWS\system32\alrsvc.dll
19:44:50.0046 2968  Alerter - ok
19:44:50.0078 2968  [ 89482328ADEA23DF2B2B0D6DCE5A1A76 ] ALG             C:\WINDOWS\System32\alg.exe
19:44:50.0218 2968  ALG - ok
19:44:50.0218 2968  AliIde - ok
19:44:50.0234 2968  amsint - ok
19:44:50.0359 2968  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:44:50.0390 2968  Apple Mobile Device - ok
19:44:50.0406 2968  AppMgmt - ok
19:44:50.0406 2968  asc - ok
19:44:50.0421 2968  asc3350p - ok
19:44:50.0437 2968  asc3550 - ok
19:44:50.0578 2968  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:44:50.0593 2968  aspnet_state - ok
19:44:50.0671 2968  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:44:50.0828 2968  AsyncMac - ok
19:44:50.0859 2968  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
19:44:51.0015 2968  atapi - ok
19:44:51.0015 2968  Atdisk - ok
19:44:51.0046 2968  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:44:51.0187 2968  Atmarpc - ok
19:44:51.0250 2968  [ 62F1AA8277ED78ED3DFB5D9F58B6B31C ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
19:44:51.0375 2968  AudioSrv - ok
19:44:51.0437 2968  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
19:44:51.0578 2968  audstub - ok
19:44:51.0625 2968  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:44:51.0781 2968  Beep - ok
19:44:51.0859 2968  [ B2B94DB65227B0FE579E8DB3C9595E27 ] BITS            C:\WINDOWS\system32\qmgr.dll
19:44:52.0046 2968  BITS - ok
19:44:52.0187 2968  [ 686045905787B68D829CE647A6DFAD2B ] Blackberry Device Manager C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
19:44:52.0234 2968  Blackberry Device Manager ( UnsignedFile.Multi.Generic ) - warning
19:44:52.0234 2968  Blackberry Device Manager - detected UnsignedFile.Multi.Generic (1)
19:44:52.0359 2968  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:44:52.0390 2968  Bonjour Service - ok
19:44:52.0437 2968  [ F160073B9B9D95F65B6D467E88A52F00 ] Browser         C:\WINDOWS\System32\browser.dll
19:44:52.0562 2968  Browser - ok
19:44:52.0625 2968  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
19:44:52.0765 2968  BthEnum - ok
19:44:52.0796 2968  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
19:44:52.0921 2968  BthPan - ok
19:44:53.0000 2968  [ C32A38535BD714CEDD0205AC8B65E195 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
19:44:53.0046 2968  BTHPORT - ok
19:44:53.0109 2968  [ 020CADC9A5352A7AB5E1C8AD7AB6EE13 ] BthServ         C:\WINDOWS\System32\bthserv.dll
19:44:53.0250 2968  BthServ - ok
19:44:53.0312 2968  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
19:44:53.0453 2968  BTHUSB - ok
19:44:53.0625 2968  catchme - ok
19:44:53.0703 2968  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
19:44:53.0843 2968  cbidf2k - ok
19:44:53.0859 2968  cd20xrnt - ok
19:44:53.0906 2968  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
19:44:54.0062 2968  Cdaudio - ok
19:44:54.0125 2968  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
19:44:54.0281 2968  Cdfs - ok
19:44:54.0296 2968  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:44:54.0437 2968  Cdrom - ok
19:44:54.0453 2968  Changer - ok
19:44:54.0515 2968  [ 91EECA88745E6FC10796E06006BAF6CE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
19:44:54.0640 2968  CiSvc - ok
19:44:54.0671 2968  [ 21E0DE7ED9C691E9E7BD25F58EE7F91B ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
19:44:54.0828 2968  ClipSrv - ok
19:44:54.0875 2968  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:44:54.0906 2968  clr_optimization_v2.0.50727_32 - ok
19:44:55.0031 2968  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:44:55.0062 2968  clr_optimization_v4.0.30319_32 - ok
19:44:55.0062 2968  CmdIde - ok
19:44:55.0078 2968  COMSysApp - ok
19:44:55.0109 2968  Cpqarray - ok
19:44:55.0156 2968  [ DE99DF7D8DD1E84F053CB27106DBE301 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
19:44:55.0312 2968  CryptSvc - ok
19:44:55.0328 2968  dac2w2k - ok
19:44:55.0343 2968  dac960nt - ok
19:44:55.0406 2968  [ 271830BCE6D77085E72D571F60EAF85A ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:44:55.0515 2968  DcomLaunch - ok
19:44:55.0578 2968  [ 43152852C8F5CE63B1D3466184E7E644 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
19:44:55.0718 2968  Dhcp - ok
19:44:55.0781 2968  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
19:44:55.0890 2968  Disk - ok
19:44:55.0906 2968  dmadmin - ok
19:44:55.0984 2968  [ 0F4F942D622B0D9FD4213431B729E993 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
19:44:56.0171 2968  dmboot - ok
19:44:56.0234 2968  [ 86EB492C80A43418685D88DA3D6CEDC7 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
19:44:56.0375 2968  dmio - ok
19:44:56.0421 2968  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
19:44:56.0546 2968  dmload - ok
19:44:56.0593 2968  [ F8B639DCA00D408BBC0906E6AB620279 ] dmserver        C:\WINDOWS\System32\dmserver.dll
19:44:56.0734 2968  dmserver - ok
19:44:56.0765 2968  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
19:44:56.0921 2968  DMusic - ok
19:44:56.0984 2968  [ E0ADCB569D9FC9A3861D05C02DC22BBF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:44:57.0109 2968  Dnscache - ok
19:44:57.0156 2968  [ BBF4CD4A914D2B0F0AAF966DE000687D ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:44:57.0328 2968  Dot3svc - ok
19:44:57.0328 2968  dpti2o - ok
19:44:57.0375 2968  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:44:57.0515 2968  drmkaud - ok
19:44:57.0546 2968  [ 01A605DEDCC8D9723CC762B804AF6B36 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
19:44:57.0687 2968  EapHost - ok
19:44:57.0765 2968  [ 085452A002B8B5A950F2F4AE956A0E2A ] ERSvc           C:\WINDOWS\System32\ersvc.dll
19:44:57.0906 2968  ERSvc - ok
19:44:57.0968 2968  [ 1427365EFF6F4758DDC88388045E8400 ] Eventlog        C:\WINDOWS\system32\services.exe
19:44:58.0000 2968  Eventlog - ok
19:44:58.0062 2968  [ 584A7EDA1F7DC89E22BB046878A5E350 ] EventSystem     C:\WINDOWS\system32\es.dll
19:44:58.0140 2968  EventSystem - ok
19:44:58.0171 2968  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
19:44:58.0312 2968  Fastfat - ok
19:44:58.0406 2968  [ 6A5E5E928FB466B95FC9CC2C313D810D ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:44:58.0484 2968  FastUserSwitchingCompatibility - ok
19:44:58.0546 2968  [ 011B5FC678EC357E8653C8C6EE4F3D10 ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:44:58.0671 2968  Fax - ok
19:44:58.0703 2968  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
19:44:58.0859 2968  Fdc - ok
19:44:58.0906 2968  [ 9B6AF9E7E172249AFC4AF5576B506233 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
19:44:59.0062 2968  Fips - ok
19:44:59.0062 2968  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:44:59.0203 2968  Flpydisk - ok
19:44:59.0281 2968  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:44:59.0406 2968  FltMgr - ok
19:44:59.0515 2968  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:44:59.0531 2968  FontCache3.0.0.0 - ok
19:44:59.0562 2968  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:44:59.0703 2968  Fs_Rec - ok
19:44:59.0750 2968  [ 0F47404101E488D7D49E45A8AF4CDF90 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:44:59.0890 2968  Ftdisk - ok
19:44:59.0921 2968  [ 5C230948DD6652228F88CA7AE6CB276C ] gdrv            C:\WINDOWS\gdrv.sys
19:45:01.0281 2968  gdrv - ok
19:45:01.0328 2968  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:45:01.0343 2968  GEARAspiWDM - ok
19:45:01.0406 2968  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:45:01.0531 2968  Gpc - ok
19:45:01.0625 2968  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
19:45:01.0640 2968  gupdate - ok
19:45:01.0656 2968  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
19:45:01.0671 2968  gupdatem - ok
19:45:01.0765 2968  [ 7BADB9F996095DF9BF9199D976850A43 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:45:01.0906 2968  helpsvc - ok
19:45:01.0906 2968  HidServ - ok
19:45:01.0984 2968  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:45:02.0109 2968  HidUsb - ok
19:45:02.0187 2968  [ BD539A6F8B0BB2FDB36C0C5AE501B629 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
19:45:02.0343 2968  hkmsvc - ok
19:45:02.0359 2968  hpn - ok
19:45:02.0421 2968  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:45:02.0562 2968  HPZid412 - ok
19:45:02.0593 2968  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:45:02.0625 2968  HPZipr12 - ok
19:45:02.0656 2968  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:45:02.0703 2968  HPZius12 - ok
19:45:02.0781 2968  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
19:45:02.0828 2968  HTTP - ok
19:45:02.0859 2968  [ 771F0AF6057426C881FA47D68D7C76C7 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
19:45:03.0000 2968  HTTPFilter - ok
19:45:03.0015 2968  i2omgmt - ok
19:45:03.0031 2968  i2omp - ok
19:45:03.0093 2968  [ 9354FAA5F4084CCB31A868BFA4BC2ED0 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:45:03.0234 2968  i8042prt - ok
19:45:03.0296 2968  [ 1406D6EF4436AEE970EFE13193123965 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
19:45:03.0562 2968  ialm - ok
19:45:03.0656 2968  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:45:03.0750 2968  idsvc - ok
19:45:03.0781 2968  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
19:45:03.0921 2968  Imapi - ok
19:45:03.0968 2968  [ 5B6CAC3413D122AC7C35165602E02416 ] ImapiService    C:\WINDOWS\system32\imapi.exe
19:45:04.0109 2968  ImapiService - ok
19:45:04.0125 2968  ini910u - ok
19:45:04.0171 2968  [ 482068F766AE1B79C12DE149897CEC74 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
19:45:04.0296 2968  IntelIde - ok
19:45:04.0359 2968  [ 40C589797CB66DA0C1FE305F3BFCFDAF ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:45:04.0500 2968  intelppm - ok
19:45:04.0515 2968  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
19:45:04.0656 2968  Ip6Fw - ok
19:45:04.0687 2968  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:45:04.0859 2968  IpFilterDriver - ok
19:45:04.0875 2968  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:45:04.0984 2968  IpInIp - ok
19:45:05.0046 2968  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:45:05.0171 2968  IpNat - ok
19:45:05.0250 2968  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:45:05.0281 2968  iPod Service - ok
19:45:05.0312 2968  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:45:05.0437 2968  IPSec - ok
19:45:05.0468 2968  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
19:45:05.0609 2968  IRENUM - ok
19:45:05.0656 2968  [ 338AC2EBB3E3410B7E95185DA8E73A41 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:45:05.0781 2968  isapnp - ok
19:45:05.0937 2968  [ 4F4D4AA1E0849FECC0CF5AACD59030B5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
19:45:05.0953 2968  JavaQuickStarterService - ok
19:45:06.0031 2968  [ 9C1C146FA88A622FE5A7BC526E2E1289 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:45:06.0171 2968  Kbdclass - ok
19:45:06.0187 2968  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
19:45:06.0328 2968  kmixer - ok
19:45:06.0375 2968  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
19:45:06.0484 2968  KSecDD - ok
19:45:06.0546 2968  [ 23144A1C86483871370BEAD46CB37E68 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
19:45:06.0671 2968  lanmanserver - ok
19:45:06.0718 2968  [ 9E79D743CBCF217F9A6BE5DFA3AB4252 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:45:06.0812 2968  lanmanworkstation - ok
19:45:06.0812 2968  lbrtfdc - ok
19:45:06.0890 2968  [ CC63093B849D045246706E08A3342ED0 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
19:45:07.0000 2968  LmHosts - ok
19:45:07.0125 2968  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
19:45:07.0203 2968  MDM ( UnsignedFile.Multi.Generic ) - warning
19:45:07.0203 2968  MDM - detected UnsignedFile.Multi.Generic (1)
19:45:07.0250 2968  [ D12F21ED0E0D90631B2E653F6840CB9C ] Messenger       C:\WINDOWS\System32\msgsvc.dll
19:45:07.0359 2968  Messenger - ok
19:45:07.0468 2968  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:45:07.0484 2968  Microsoft Office Groove Audit Service - ok
19:45:07.0546 2968  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
19:45:07.0687 2968  mnmdd - ok
19:45:07.0734 2968  [ 879A0067D316AE2430787491DE9CCDC0 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
19:45:07.0859 2968  mnmsrvc - ok
19:45:07.0921 2968  [ 829696409B58694B97F9DCAA4053C559 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
19:45:08.0062 2968  Modem - ok
19:45:08.0093 2968  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
19:45:08.0250 2968  MODEMCSA - ok
19:45:08.0281 2968  [ A08EAF51779F54ED303650D1D42ECD90 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:45:08.0390 2968  Mouclass - ok
19:45:08.0406 2968  [ BB04BB4D7FE1A38BDC61F0A174198E69 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:45:08.0546 2968  mouhid - ok
19:45:08.0578 2968  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
19:45:08.0687 2968  MountMgr - ok
19:45:08.0750 2968  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
19:45:08.0812 2968  MpFilter - ok
19:45:08.0812 2968  mraid35x - ok
19:45:08.0859 2968  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:45:09.0000 2968  MRxDAV - ok
19:45:09.0062 2968  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:45:09.0171 2968  MRxSmb - ok
19:45:09.0250 2968  [ A1D2E6DD4FC0C9A4208717B11E0CA79C ] MSDTC           C:\WINDOWS\system32\msdtc.exe
19:45:09.0390 2968  MSDTC - ok
19:45:09.0406 2968  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:45:09.0546 2968  Msfs - ok
19:45:09.0562 2968  MSIServer - ok
19:45:09.0625 2968  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:45:09.0750 2968  MSKSSRV - ok
19:45:09.0859 2968  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:45:09.0875 2968  MsMpSvc - ok
19:45:09.0890 2968  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:45:10.0031 2968  MSPCLOCK - ok
19:45:10.0046 2968  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:45:10.0187 2968  MSPQM - ok
19:45:10.0250 2968  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:45:10.0390 2968  mssmbios - ok
19:45:10.0453 2968  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
19:45:10.0546 2968  Mup - ok
19:45:10.0593 2968  [ 025F2AF826358E88B25D82C8017A5AA9 ] napagent        C:\WINDOWS\System32\qagentrt.dll
19:45:10.0765 2968  napagent - ok
19:45:10.0828 2968  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
19:45:10.0937 2968  NDIS - ok
19:45:11.0000 2968  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:45:11.0046 2968  NdisTapi - ok
19:45:11.0078 2968  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:45:11.0203 2968  Ndisuio - ok
19:45:11.0234 2968  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:45:11.0375 2968  NdisWan - ok
19:45:11.0406 2968  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
19:45:11.0515 2968  NDProxy - ok
19:45:11.0578 2968  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:45:11.0718 2968  NetBIOS - ok
19:45:11.0750 2968  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:45:11.0875 2968  NetBT - ok
19:45:11.0937 2968  [ 6DEF5A7A8887CC7FEF24EBBAFF74385C ] NetDDE          C:\WINDOWS\system32\netdde.exe
19:45:12.0078 2968  NetDDE - ok
19:45:12.0078 2968  [ 6DEF5A7A8887CC7FEF24EBBAFF74385C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
19:45:12.0203 2968  NetDDEdsdm - ok
19:45:12.0250 2968  [ 99AE1390A271B02D752178DF9E8442A3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:45:12.0390 2968  Netlogon - ok
19:45:12.0453 2968  [ 06A4ECA228EA636F4A1F6CE7542B6923 ] Netman          C:\WINDOWS\System32\netman.dll
19:45:12.0578 2968  Netman - ok
19:45:12.0640 2968  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:45:12.0671 2968  NetTcpPortSharing - ok
19:45:12.0718 2968  [ 291B944E825F8AA629A7A41716C2EC24 ] Nla             C:\WINDOWS\System32\mswsock.dll
19:45:12.0750 2968  Nla - ok
19:45:12.0890 2968  [ CD569FA91EC6F59D045C19D0D3850F44 ] nmservice       C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
19:45:12.0921 2968  nmservice - ok
19:45:12.0968 2968  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:45:13.0109 2968  Npfs - ok
19:45:13.0156 2968  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
19:45:13.0359 2968  Ntfs - ok
19:45:13.0375 2968  [ 99AE1390A271B02D752178DF9E8442A3 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
19:45:13.0500 2968  NtLmSsp - ok
19:45:13.0562 2968  [ F3111AEB82E09867722BF0A92742B9F6 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
19:45:13.0796 2968  NtmsSvc - ok
19:45:13.0828 2968  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:45:13.0953 2968  Null - ok
19:45:14.0015 2968  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:45:14.0156 2968  NwlnkFlt - ok
19:45:14.0203 2968  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:45:14.0359 2968  NwlnkFwd - ok
19:45:14.0500 2968  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:45:14.0531 2968  odserv - ok
19:45:14.0593 2968  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:45:14.0609 2968  ose - ok
19:45:14.0687 2968  [ 88FFA60E94CA89C489DB4C6A38994EBF ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
19:45:14.0828 2968  Parport - ok
19:45:14.0859 2968  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
19:45:14.0984 2968  PartMgr - ok
19:45:15.0031 2968  [ B3239C7D0AB1346AFA76076EE76778D3 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
19:45:15.0171 2968  ParVdm - ok
19:45:15.0187 2968  [ 542690F2E4D5840202B0F13EA1BADA05 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
19:45:15.0296 2968  PCI - ok
19:45:15.0312 2968  PCIDump - ok
19:45:15.0390 2968  [ B928CA32FD2294EEDD7DF3BD9528D24C ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
19:45:15.0531 2968  PCIIde - ok
19:45:15.0578 2968  [ 5D631C4C0270A9982423DB089AFE7621 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
19:45:15.0718 2968  Pcmcia - ok
19:45:15.0734 2968  PDCOMP - ok
19:45:15.0734 2968  PDFRAME - ok
19:45:15.0750 2968  PDRELI - ok
19:45:15.0765 2968  PDRFRAME - ok
19:45:15.0765 2968  perc2 - ok
19:45:15.0781 2968  perc2hib - ok
19:45:15.0843 2968  [ 1427365EFF6F4758DDC88388045E8400 ] PlugPlay        C:\WINDOWS\system32\services.exe
19:45:15.0875 2968  PlugPlay - ok
19:45:15.0921 2968  [ 901C43516504CBE582E4C4193E00876A ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
19:45:15.0953 2968  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:45:15.0953 2968  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:45:16.0015 2968  [ 36FCAC4FA28B462CA867742DEA59B0D0 ] pnarp           C:\WINDOWS\system32\DRIVERS\pnarp.sys
19:45:16.0031 2968  pnarp - ok
19:45:16.0046 2968  [ 99AE1390A271B02D752178DF9E8442A3 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
19:45:16.0171 2968  PolicyAgent - ok
19:45:16.0234 2968  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:45:16.0375 2968  PptpMiniport - ok
19:45:16.0375 2968  [ 99AE1390A271B02D752178DF9E8442A3 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:45:16.0500 2968  ProtectedStorage - ok
19:45:16.0531 2968  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
19:45:16.0656 2968  PSched - ok
19:45:16.0687 2968  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:45:16.0843 2968  Ptilink - ok
19:45:16.0906 2968  [ 1219AC397BB4BA5B41346016C4C9C29C ] Ptserial        C:\WINDOWS\system32\DRIVERS\ptserial.sys
19:45:16.0937 2968  Ptserial ( UnsignedFile.Multi.Generic ) - warning
19:45:16.0937 2968  Ptserial - detected UnsignedFile.Multi.Generic (1)
19:45:16.0984 2968  [ D8AC00388262B1A4878A7EE12F31D376 ] purendis        C:\WINDOWS\system32\DRIVERS\purendis.sys
19:45:17.0000 2968  purendis - ok
19:45:17.0015 2968  ql1080 - ok
19:45:17.0015 2968  Ql10wnt - ok
19:45:17.0031 2968  ql12160 - ok
19:45:17.0046 2968  ql1240 - ok
19:45:17.0046 2968  ql1280 - ok
19:45:17.0171 2968  RapportIaso - ok
19:45:17.0203 2968  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:45:17.0359 2968  RasAcd - ok
19:45:17.0390 2968  [ A8B7E42255E670199ACE9C01DDA49846 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:45:17.0531 2968  RasAuto - ok
19:45:17.0546 2968  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:45:17.0687 2968  Rasl2tp - ok
19:45:17.0734 2968  [ 9F0F55A61BA52FD45E22C4377FA66CE6 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:45:17.0859 2968  RasMan - ok
19:45:17.0875 2968  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:45:18.0000 2968  RasPppoe - ok
19:45:18.0015 2968  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
19:45:18.0171 2968  Raspti - ok
19:45:18.0234 2968  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:45:18.0343 2968  Rdbss - ok
19:45:18.0359 2968  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:45:18.0515 2968  RDPCDD - ok
19:45:18.0578 2968  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
19:45:18.0656 2968  RDPWD - ok
19:45:18.0703 2968  [ 47B61AA3807EA393A970857B70ED72E0 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
19:45:18.0843 2968  RDSessMgr - ok
19:45:18.0953 2968  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
19:45:18.0968 2968  RealNetworks Downloader Resolver Service - ok
19:45:18.0984 2968  [ 1AAFCAEED86CD38DB3C501610F28F131 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
19:45:19.0109 2968  redbook - ok
19:45:19.0156 2968  [ CAB398502582FA3BEDB8C47B45373A0E ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:45:19.0296 2968  RemoteAccess - ok
19:45:19.0343 2968  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
19:45:19.0484 2968  RFCOMM - ok
19:45:19.0531 2968  [ BBCE96557881586683611C561FB06269 ] RimUsb          C:\WINDOWS\system32\Drivers\RimUsb.sys
19:45:19.0656 2968  RimUsb - ok
19:45:19.0718 2968  [ C4F4FCD5AE48BDD31648981DDF8EF993 ] RimVSerPort     C:\WINDOWS\system32\DRIVERS\RimSerial.sys
19:45:19.0750 2968  RimVSerPort - ok
19:45:19.0812 2968  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
19:45:19.0953 2968  ROOTMODEM - ok
19:45:20.0000 2968  [ BB74202C4EB883082385CD366CFF7BDA ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:45:20.0125 2968  RpcLocator - ok
19:45:20.0171 2968  [ 271830BCE6D77085E72D571F60EAF85A ] RpcSs           C:\WINDOWS\System32\rpcss.dll
19:45:20.0250 2968  RpcSs - ok
19:45:20.0312 2968  [ FF74A30958DABC43813AC8E0283CFD87 ] RSVP            C:\WINDOWS\system32\rsvp.exe
19:45:21.0625 2968  RSVP - ok
19:45:21.0703 2968  [ 84BEAF4A13A36CB9BB0663DF9089CEA2 ] rt2870          C:\WINDOWS\system32\DRIVERS\rt2870.sys
19:45:21.0796 2968  rt2870 - ok
19:45:21.0843 2968  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:45:21.0953 2968  rtl8139 - ok
19:45:21.0968 2968  [ 99AE1390A271B02D752178DF9E8442A3 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:45:22.0140 2968  SamSs - ok
19:45:22.0203 2968  [ 6DA4BBD3F1CE9041B9D881C8CAD572AD ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
19:45:22.0328 2968  SCardSvr - ok
19:45:22.0390 2968  [ 8F97E67ECB9F450F3E0FF626641DA365 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:45:22.0531 2968  Schedule - ok
19:45:22.0593 2968  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:45:22.0734 2968  Secdrv - ok
19:45:22.0765 2968  [ FCECA7F90E5EB601BE5FD8ADFF2A19C7 ] seclogon        C:\WINDOWS\System32\seclogon.dll
19:45:22.0906 2968  seclogon - ok
19:45:22.0921 2968  [ FABB04E47EA91FA05AACF03C8BB7AF16 ] SENS            C:\WINDOWS\system32\sens.dll
19:45:23.0062 2968  SENS - ok
19:45:23.0109 2968  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
19:45:23.0218 2968  serenum - ok
19:45:23.0234 2968  [ CF89293B8D37CBC287B13A079AFD7C5C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
19:45:23.0375 2968  Serial - ok
19:45:23.0406 2968  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
19:45:23.0562 2968  Sfloppy - ok
19:45:23.0656 2968  [ C4E4C037245CD2A2610EE58F46614712 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:45:23.0781 2968  SharedAccess - ok
19:45:23.0812 2968  [ 6A5E5E928FB466B95FC9CC2C313D810D ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:45:23.0843 2968  ShellHWDetection - ok
19:45:23.0843 2968  Simbad - ok
19:45:24.0265 2968  [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:45:24.0390 2968  Skype C2C Service - ok
19:45:24.0484 2968  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
19:45:24.0515 2968  SkypeUpdate - ok
19:45:24.0578 2968  [ D72A21424CA66C7A745BD995ECA6A710 ] SMBios          C:\WINDOWS\system32\DRIVERS\SMBios.sys
19:45:24.0593 2968  SMBios ( UnsignedFile.Multi.Generic ) - warning
19:45:24.0593 2968  SMBios - detected UnsignedFile.Multi.Generic (1)
19:45:24.0609 2968  Sparrow - ok
19:45:24.0656 2968  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
19:45:24.0796 2968  splitter - ok
19:45:24.0843 2968  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
19:45:24.0937 2968  Spooler - ok
19:45:24.0953 2968  [ B57E685C65D8A5CB53DFC0DB97E3A590 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
19:45:25.0078 2968  sr - ok
19:45:25.0140 2968  [ 0C486E769D9F0BD558EDF1028D5B3A97 ] srservice       C:\WINDOWS\system32\srsvc.dll
19:45:25.0265 2968  srservice - ok
19:45:25.0343 2968  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:45:25.0484 2968  Srv - ok
19:45:25.0562 2968  [ A7CB4B261EAC77F66ABBC3A6D67310D7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:45:25.0687 2968  SSDPSRV - ok
19:45:25.0734 2968  [ C80D292B0B9CBC59AF1D194EE5D85918 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
19:45:25.0890 2968  StillCam - ok
19:45:25.0968 2968  [ 2CD5C528EB34C1DB277A49B31BDAC41F ] stisvc          C:\WINDOWS\system32\wiaservc.dll
19:45:26.0156 2968  stisvc - ok
19:45:26.0171 2968  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
19:45:26.0296 2968  swenum - ok
19:45:26.0328 2968  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
19:45:26.0468 2968  swmidi - ok
19:45:26.0468 2968  SwPrv - ok
19:45:26.0500 2968  symc810 - ok
19:45:26.0500 2968  symc8xx - ok
19:45:26.0515 2968  sym_hi - ok
19:45:26.0531 2968  sym_u3 - ok
19:45:26.0546 2968  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
19:45:26.0687 2968  sysaudio - ok
19:45:26.0750 2968  [ A2D06F4F655CBB94ADE61F9F9B8D7DE7 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
19:45:26.0875 2968  SysmonLog - ok
19:45:26.0953 2968  [ 1171249B20075E2A5FF1EE09B96E505E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:45:27.0078 2968  TapiSrv - ok
19:45:27.0156 2968  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:45:27.0234 2968  Tcpip - ok
19:45:27.0265 2968  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
19:45:27.0437 2968  TDPIPE - ok
19:45:27.0453 2968  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
19:45:27.0609 2968  TDTCP - ok
19:45:27.0625 2968  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
19:45:27.0750 2968  TermDD - ok
19:45:27.0812 2968  [ 58E202572D3251BF2687BF841EA00CE0 ] TermService     C:\WINDOWS\System32\termsrv.dll
19:45:28.0109 2968  TermService - ok
19:45:28.0156 2968  [ 6A5E5E928FB466B95FC9CC2C313D810D ] Themes          C:\WINDOWS\System32\shsvcs.dll
19:45:28.0171 2968  Themes - ok
19:45:28.0187 2968  TosIde - ok
19:45:28.0281 2968  [ A4B93780AF1876BB0195B1BC3688C5CB ] TrkWks          C:\WINDOWS\system32\trkwks.dll
19:45:28.0390 2968  TrkWks - ok
19:45:28.0437 2968  [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight       C:\WINDOWS\system32\TrueSight.sys
19:45:28.0468 2968  TrueSight ( UnsignedFile.Multi.Generic ) - warning
19:45:28.0468 2968  TrueSight - detected UnsignedFile.Multi.Generic (1)
19:45:28.0500 2968  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
19:45:28.0656 2968  Udfs - ok
19:45:28.0671 2968  ultra - ok
19:45:28.0750 2968  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
19:45:28.0875 2968  Update - ok
19:45:28.0937 2968  [ B87E398A9B268ED7EFFEF18107D9B0C2 ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:45:29.0062 2968  upnphost - ok
19:45:29.0093 2968  [ 6B763AA9276269B4A51D3F7515045160 ] UPS             C:\WINDOWS\System32\ups.exe
19:45:29.0218 2968  UPS - ok
19:45:29.0281 2968  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
19:45:29.0296 2968  USBAAPL ( UnsignedFile.Multi.Generic ) - warning
19:45:29.0296 2968  USBAAPL - detected UnsignedFile.Multi.Generic (1)
19:45:29.0359 2968  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
19:45:29.0484 2968  usbaudio - ok
19:45:29.0546 2968  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:45:29.0703 2968  usbccgp - ok
19:45:29.0765 2968  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:45:29.0890 2968  usbehci - ok
19:45:29.0953 2968  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:45:30.0078 2968  usbhub - ok
19:45:30.0109 2968  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:45:30.0234 2968  usbprint - ok
19:45:30.0296 2968  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:45:30.0421 2968  usbscan - ok
19:45:30.0453 2968  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:45:30.0578 2968  USBSTOR - ok
19:45:30.0625 2968  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:45:30.0734 2968  usbuhci - ok
19:45:30.0781 2968  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
19:45:30.0890 2968  VgaSave - ok
19:45:30.0906 2968  ViaIde - ok
19:45:30.0984 2968  [ C8487A076C1EFB7612D1DBB0B3CDABDD ] Vmodem          C:\WINDOWS\system32\DRIVERS\vmodem.sys
19:45:31.0031 2968  Vmodem ( UnsignedFile.Multi.Generic ) - warning
19:45:31.0031 2968  Vmodem - detected UnsignedFile.Multi.Generic (1)
19:45:31.0078 2968  [ E3EED80ADEA08F324A3722AB81E136D0 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
19:45:31.0187 2968  VolSnap - ok
19:45:31.0234 2968  [ 431B10698D6906649A6C551F1F652823 ] Vpctcom         C:\WINDOWS\system32\DRIVERS\vpctcom.sys
19:45:31.0328 2968  Vpctcom ( UnsignedFile.Multi.Generic ) - warning
19:45:31.0328 2968  Vpctcom - detected UnsignedFile.Multi.Generic (1)
19:45:31.0406 2968  [ 757131F176E3A7423286078B080BF9A2 ] VSS             C:\WINDOWS\System32\vssvc.exe
19:45:31.0546 2968  VSS - ok
19:45:31.0578 2968  [ 4BB2F5DE8A23D32A007DB2DB9F5A0E96 ] Vvoice          C:\WINDOWS\system32\DRIVERS\vvoice.sys
19:45:31.0593 2968  Vvoice ( UnsignedFile.Multi.Generic ) - warning
19:45:31.0593 2968  Vvoice - detected UnsignedFile.Multi.Generic (1)
19:45:31.0687 2968  [ 565E206FD5444ADC9EFD8C0325DAC882 ] W32Time         C:\WINDOWS\system32\w32time.dll
19:45:31.0828 2968  W32Time - ok
19:45:31.0875 2968  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:45:32.0000 2968  Wanarp - ok
19:45:32.0093 2968  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
19:45:32.0125 2968  Wdf01000 - ok
19:45:32.0125 2968  WDICA - ok
19:45:32.0171 2968  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
19:45:32.0312 2968  wdmaud - ok
19:45:32.0375 2968  [ 18D3FAE7E2B76E213DA806C13AB2D87C ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:45:32.0515 2968  WebClient - ok
19:45:32.0656 2968  [ 347F3474960367180E1855BAADF6ECF4 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:45:32.0796 2968  winmgmt - ok
19:45:32.0843 2968  [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
19:45:32.0953 2968  WmdmPmSN - ok
19:45:33.0015 2968  [ 219A80D33B424A7C0740536B50A1E5D2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:45:33.0156 2968  WmiApSrv - ok
19:45:33.0281 2968  [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
19:45:33.0390 2968  WMPNetworkSvc - ok
19:45:33.0437 2968  [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:45:33.0484 2968  WpdUsb - ok
19:45:33.0625 2968  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:45:33.0734 2968  WPFFontCache_v0400 - ok
19:45:33.0781 2968  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:45:33.0937 2968  WS2IFSL - ok
19:45:34.0000 2968  [ 7860BB84EC2542FA526A074B94C7B0A7 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
19:45:34.0125 2968  wscsvc - ok
19:45:34.0156 2968  [ 86DAF128A3FC857669FD0FD44672C971 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
19:45:34.0281 2968  wuauserv - ok
19:45:34.0359 2968  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:45:34.0421 2968  WudfPf - ok
19:45:34.0453 2968  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:45:34.0500 2968  WudfRd - ok
19:45:34.0515 2968  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
19:45:34.0546 2968  WudfSvc - ok
19:45:34.0640 2968  [ 88B3D466D059C7CC95B20175F656E776 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
19:45:34.0812 2968  WZCSVC - ok
19:45:34.0843 2968  [ A3FD2742E0AA6B637454B1B72220CBFA ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
19:45:34.0984 2968  xmlprov - ok
19:45:35.0062 2968  [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
19:45:35.0125 2968  {6080A529-897E-4629-A488-ABA0C29B635E} - ok
19:45:35.0156 2968  [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
19:45:35.0187 2968  {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
19:45:35.0187 2968  ================ Scan global ===============================
19:45:35.0234 2968  [ E9E224F07CA540E57BA08B0F852204BF ] C:\WINDOWS\system32\basesrv.dll
19:45:35.0312 2968  [ EDB529B7D26DA50B3BFBDB1BC9E250B4 ] C:\WINDOWS\system32\winsrv.dll
19:45:35.0343 2968  [ EDB529B7D26DA50B3BFBDB1BC9E250B4 ] C:\WINDOWS\system32\winsrv.dll
19:45:35.0359 2968  [ 1427365EFF6F4758DDC88388045E8400 ] C:\WINDOWS\system32\services.exe
19:45:35.0359 2968  [Global] - ok
19:45:35.0359 2968  ================ Scan MBR ==================================
19:45:35.0390 2968  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:45:35.0687 2968  \Device\Harddisk0\DR0 - ok
19:45:35.0687 2968  ================ Scan VBR ==================================
19:45:35.0687 2968  [ 6E380D5300E63432228349AA332BEC9B ] \Device\Harddisk0\DR0\Partition1
19:45:35.0687 2968  \Device\Harddisk0\DR0\Partition1 - ok
19:45:35.0687 2968  ================ Scan active images ========================
19:45:35.0703 2968  [ 40C589797CB66DA0C1FE305F3BFCFDAF ] C:\WINDOWS\system32\drivers\intelppm.sys
19:45:35.0703 2968  C:\WINDOWS\system32\drivers\intelppm.sys - ok
19:45:35.0703 2968  [ D72A21424CA66C7A745BD995ECA6A710 ] C:\WINDOWS\system32\drivers\SMBios.sys
19:45:35.0703 2968  C:\WINDOWS\system32\drivers\SMBios.sys - ok
19:45:35.0718 2968  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
19:45:35.0718 2968  C:\WINDOWS\system32\drivers\videoprt.sys - ok
19:45:35.0718 2968  [ 1406D6EF4436AEE970EFE13193123965 ] C:\WINDOWS\system32\drivers\ialmnt5.sys
19:45:35.0718 2968  C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
19:45:35.0734 2968  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
19:45:35.0734 2968  C:\WINDOWS\system32\drivers\usbport.sys - ok
19:45:35.0750 2968  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
19:45:35.0750 2968  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
19:45:35.0750 2968  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
19:45:35.0750 2968  C:\WINDOWS\system32\drivers\usbehci.sys - ok
19:45:35.0765 2968  [ 1219AC397BB4BA5B41346016C4C9C29C ] C:\WINDOWS\system32\drivers\ptserial.sys
19:45:35.0765 2968  C:\WINDOWS\system32\drivers\ptserial.sys - ok
19:45:35.0765 2968  [ 829696409B58694B97F9DCAA4053C559 ] C:\WINDOWS\system32\drivers\modem.sys
19:45:35.0765 2968  C:\WINDOWS\system32\drivers\modem.sys - ok
19:45:35.0781 2968  [ D507C1400284176573224903819FFDA3 ] C:\WINDOWS\system32\drivers\RTL8139.sys
19:45:35.0781 2968  C:\WINDOWS\system32\drivers\RTL8139.sys - ok
19:45:35.0796 2968  [ 9354FAA5F4084CCB31A868BFA4BC2ED0 ] C:\WINDOWS\system32\drivers\i8042prt.sys
19:45:35.0796 2968  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
19:45:35.0796 2968  [ 9C1C146FA88A622FE5A7BC526E2E1289 ] C:\WINDOWS\system32\drivers\kbdclass.sys
19:45:35.0796 2968  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
19:45:35.0812 2968  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
19:45:35.0812 2968  C:\WINDOWS\system32\drivers\fdc.sys - ok
19:45:35.0812 2968  [ CF89293B8D37CBC287B13A079AFD7C5C ] C:\WINDOWS\system32\drivers\serial.sys
19:45:35.0812 2968  C:\WINDOWS\system32\drivers\serial.sys - ok
19:45:35.0828 2968  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
19:45:35.0828 2968  C:\WINDOWS\system32\drivers\serenum.sys - ok
19:45:35.0828 2968  [ 88FFA60E94CA89C489DB4C6A38994EBF ] C:\WINDOWS\system32\drivers\parport.sys
19:45:35.0828 2968  C:\WINDOWS\system32\drivers\parport.sys - ok
19:45:35.0843 2968  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
19:45:35.0843 2968  C:\WINDOWS\system32\drivers\imapi.sys - ok
19:45:35.0843 2968  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
19:45:35.0843 2968  C:\WINDOWS\system32\drivers\cdrom.sys - ok
19:45:35.0859 2968  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
19:45:35.0859 2968  C:\WINDOWS\system32\drivers\ks.sys - ok
19:45:35.0875 2968  [ 1AAFCAEED86CD38DB3C501610F28F131 ] C:\WINDOWS\system32\drivers\redbook.sys
19:45:35.0875 2968  C:\WINDOWS\system32\drivers\redbook.sys - ok
19:45:35.0875 2968  [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
19:45:35.0875 2968  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
19:45:35.0890 2968  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
19:45:35.0890 2968  C:\WINDOWS\system32\drivers\drmk.sys - ok
19:45:35.0890 2968  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
19:45:35.0890 2968  C:\WINDOWS\system32\drivers\portcls.sys - ok
19:45:35.0906 2968  [ FBBCB95F677CBAA924140B6EA2D9A97B ] C:\WINDOWS\system32\drivers\ALCXSENS.SYS
19:45:35.0906 2968  C:\WINDOWS\system32\drivers\ALCXSENS.SYS - ok
19:45:35.0921 2968  [ BC5C55B49C4BD1FDFAAA128FE21F9FEA ] C:\WINDOWS\system32\drivers\ALCXWDM.SYS
19:45:35.0921 2968  C:\WINDOWS\system32\drivers\ALCXWDM.SYS - ok
19:45:35.0921 2968  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
19:45:35.0921 2968  C:\WINDOWS\system32\drivers\audstub.sys - ok
19:45:35.0937 2968  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] C:\WINDOWS\system32\drivers\rootmdm.sys
19:45:35.0937 2968  C:\WINDOWS\system32\drivers\rootmdm.sys - ok
19:45:35.0937 2968  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
19:45:35.0937 2968  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
19:45:35.0953 2968  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
19:45:35.0953 2968  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
19:45:35.0953 2968  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
19:45:35.0953 2968  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
19:45:35.0968 2968  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
19:45:35.0968 2968  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
19:45:35.0984 2968  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
19:45:35.0984 2968  C:\WINDOWS\system32\drivers\tdi.sys - ok
19:45:35.0984 2968  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
19:45:35.0984 2968  C:\WINDOWS\system32\drivers\raspptp.sys - ok
19:45:36.0000 2968  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
19:45:36.0000 2968  C:\WINDOWS\system32\drivers\psched.sys - ok
19:45:36.0000 2968  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
19:45:36.0000 2968  C:\WINDOWS\system32\drivers\msgpc.sys - ok
19:45:36.0015 2968  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
19:45:36.0015 2968  C:\WINDOWS\system32\drivers\ptilink.sys - ok
19:45:36.0031 2968  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
19:45:36.0031 2968  C:\WINDOWS\system32\drivers\raspti.sys - ok
19:45:36.0031 2968  [ C4F4FCD5AE48BDD31648981DDF8EF993 ] C:\WINDOWS\system32\drivers\RimSerial.sys
19:45:36.0031 2968  C:\WINDOWS\system32\drivers\RimSerial.sys - ok
19:45:36.0046 2968  [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys
19:45:36.0046 2968  C:\WINDOWS\system32\drivers\wdf01000.sys - ok
19:45:36.0046 2968  [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys
19:45:36.0046 2968  C:\WINDOWS\system32\drivers\wdfldr.sys - ok
19:45:36.0062 2968  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
19:45:36.0062 2968  C:\WINDOWS\system32\drivers\termdd.sys - ok
19:45:36.0062 2968  [ A08EAF51779F54ED303650D1D42ECD90 ] C:\WINDOWS\system32\drivers\mouclass.sys
19:45:36.0062 2968  C:\WINDOWS\system32\drivers\mouclass.sys - ok
19:45:36.0078 2968  [ C80D292B0B9CBC59AF1D194EE5D85918 ] C:\WINDOWS\system32\drivers\serscan.sys
19:45:36.0078 2968  C:\WINDOWS\system32\drivers\serscan.sys - ok
19:45:36.0078 2968  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
19:45:36.0078 2968  C:\WINDOWS\system32\drivers\swenum.sys - ok
19:45:36.0093 2968  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
19:45:36.0093 2968  C:\WINDOWS\system32\drivers\update.sys - ok
19:45:36.0109 2968  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
19:45:36.0109 2968  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
19:45:36.0109 2968  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
19:45:36.0109 2968  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
19:45:36.0125 2968  [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] C:\WINDOWS\system32\drivers\ialmkchw.sys
19:45:36.0125 2968  C:\WINDOWS\system32\drivers\ialmkchw.sys - ok
19:45:36.0125 2968  [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] C:\WINDOWS\system32\drivers\ialmsbw.sys
19:45:36.0125 2968  C:\WINDOWS\system32\drivers\ialmsbw.sys - ok
19:45:36.0140 2968  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
19:45:36.0140 2968  C:\WINDOWS\system32\drivers\usbd.sys - ok
19:45:36.0140 2968  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
19:45:36.0140 2968  C:\WINDOWS\system32\drivers\usbhub.sys - ok
19:45:36.0156 2968  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] C:\WINDOWS\system32\drivers\MODEMCSA.sys
19:45:36.0156 2968  C:\WINDOWS\system32\drivers\MODEMCSA.sys - ok
19:45:36.0171 2968  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
19:45:36.0171 2968  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
19:45:36.0171 2968  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
19:45:36.0171 2968  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
19:45:36.0187 2968  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
19:45:36.0187 2968  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
19:45:36.0187 2968  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
19:45:36.0187 2968  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
19:45:36.0203 2968  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
19:45:36.0203 2968  C:\WINDOWS\system32\drivers\beep.sys - ok
19:45:36.0218 2968  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
19:45:36.0218 2968  C:\WINDOWS\system32\drivers\null.sys - ok
19:45:36.0218 2968  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
19:45:36.0218 2968  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
19:45:36.0234 2968  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
19:45:36.0234 2968  C:\WINDOWS\system32\drivers\msfs.sys - ok
19:45:36.0234 2968  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
19:45:36.0234 2968  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
19:45:36.0250 2968  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
19:45:36.0250 2968  C:\WINDOWS\system32\drivers\vga.sys - ok
19:45:36.0250 2968  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
19:45:36.0265 2968  C:\WINDOWS\system32\drivers\npfs.sys - ok
19:45:36.0265 2968  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
19:45:36.0265 2968  C:\WINDOWS\system32\drivers\rasacd.sys - ok
19:45:36.0281 2968  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
19:45:36.0281 2968  C:\WINDOWS\system32\drivers\ipsec.sys - ok
19:45:36.0281 2968  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
19:45:36.0281 2968  C:\WINDOWS\system32\drivers\tcpip.sys - ok
19:45:36.0296 2968  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
19:45:36.0296 2968  C:\WINDOWS\system32\drivers\ipnat.sys - ok
19:45:36.0296 2968  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
19:45:36.0296 2968  C:\WINDOWS\system32\drivers\netbt.sys - ok
19:45:36.0312 2968  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
19:45:36.0312 2968  C:\WINDOWS\system32\drivers\wanarp.sys - ok
19:45:36.0328 2968  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:45:36.0328 2968  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
19:45:36.0328 2968  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
19:45:36.0328 2968  C:\WINDOWS\system32\drivers\afd.sys - ok
19:45:36.0343 2968  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
19:45:36.0343 2968  C:\WINDOWS\system32\drivers\netbios.sys - ok
19:45:36.0343 2968  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
19:45:36.0343 2968  C:\WINDOWS\system32\drivers\rdbss.sys - ok
19:45:36.0359 2968  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
19:45:36.0359 2968  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
19:45:36.0359 2968  [ 9B6AF9E7E172249AFC4AF5576B506233 ] C:\WINDOWS\system32\drivers\fips.sys
19:45:36.0359 2968  C:\WINDOWS\system32\drivers\fips.sys - ok
19:45:36.0375 2968  [ 51940F4846936F417C830EC940250011 ] C:\WINDOWS\system32\smss.exe
19:45:36.0375 2968  C:\WINDOWS\system32\smss.exe - ok
19:45:36.0375 2968  [ DDF32DBE29ECC261B87C4CD6792EAE51 ] C:\WINDOWS\system32\ntdll.dll
19:45:36.0375 2968  C:\WINDOWS\system32\ntdll.dll - ok
19:45:36.0390 2968  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
19:45:36.0390 2968  C:\WINDOWS\system32\drivers\hidparse.sys - ok
19:45:36.0406 2968  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
19:45:36.0406 2968  C:\WINDOWS\system32\drivers\hidclass.sys - ok
19:45:36.0406 2968  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
19:45:36.0406 2968  C:\WINDOWS\system32\drivers\hidusb.sys - ok
19:45:36.0421 2968  [ 55A4C39909A063D9B4681E2C8703CAB3 ] C:\WINDOWS\system32\autochk.exe
19:45:36.0421 2968  C:\WINDOWS\system32\autochk.exe - ok
19:45:36.0421 2968  [ 6B8B7B206FA0C50B4CF99EEE2AC14BC7 ] C:\WINDOWS\system32\sfcfiles.dll
19:45:36.0421 2968  C:\WINDOWS\system32\sfcfiles.dll - ok
19:45:36.0437 2968  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
19:45:36.0437 2968  C:\WINDOWS\system32\drivers\cdfs.sys - ok
19:45:36.0437 2968  [ 84BEAF4A13A36CB9BB0663DF9089CEA2 ] C:\WINDOWS\system32\drivers\rt2870.sys
19:45:36.0437 2968  C:\WINDOWS\system32\drivers\rt2870.sys - ok
19:45:36.0453 2968  [ BB04BB4D7FE1A38BDC61F0A174198E69 ] C:\WINDOWS\system32\drivers\mouhid.sys
19:45:36.0453 2968  C:\WINDOWS\system32\drivers\mouhid.sys - ok
19:45:36.0468 2968  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
19:45:36.0468 2968  C:\WINDOWS\system32\drivers\wmilib.sys - ok
19:45:36.0468 2968  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
19:45:36.0468 2968  C:\WINDOWS\system32\drivers\atapi.sys - ok
19:45:36.0484 2968  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
19:45:36.0484 2968  C:\WINDOWS\system32\drivers\dxapi.sys - ok
19:45:36.0484 2968  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
19:45:36.0484 2968  C:\WINDOWS\system32\watchdog.sys - ok
19:45:36.0500 2968  [ 8FF6B2D61FF19A2C95C0BE64FD27FB17 ] C:\WINDOWS\system32\win32k.sys
19:45:36.0500 2968  C:\WINDOWS\system32\win32k.sys - ok
19:45:36.0500 2968  [ F291C0F10AB4572ED383948436FBAC32 ] C:\WINDOWS\system32\csrsrv.dll
19:45:36.0500 2968  C:\WINDOWS\system32\csrsrv.dll - ok
19:45:36.0515 2968  [ F18D8DC1895DE3FFFAE84F3B0A763BA6 ] C:\WINDOWS\system32\csrss.exe
19:45:36.0515 2968  C:\WINDOWS\system32\csrss.exe - ok
19:45:36.0531 2968  [ E9E224F07CA540E57BA08B0F852204BF ] C:\WINDOWS\system32\basesrv.dll
19:45:36.0531 2968  C:\WINDOWS\system32\basesrv.dll - ok
19:45:36.0531 2968  [ EDB529B7D26DA50B3BFBDB1BC9E250B4 ] C:\WINDOWS\system32\winsrv.dll
19:45:36.0531 2968  C:\WINDOWS\system32\winsrv.dll - ok
19:45:36.0546 2968  [ 312F1BB1D1F3A9FFF9DD9AA3BD610A18 ] C:\WINDOWS\system32\gdi32.dll
19:45:36.0546 2968  C:\WINDOWS\system32\gdi32.dll - ok
19:45:36.0546 2968  [ 5F3BAC70388FB63977FAA9AE6BF3D2E7 ] C:\WINDOWS\system32\kernel32.dll
19:45:36.0546 2968  C:\WINDOWS\system32\kernel32.dll - ok
19:45:36.0562 2968  [ F95655E872967AE2CD4C19D8914BABB7 ] C:\WINDOWS\system32\user32.dll
19:45:36.0562 2968  C:\WINDOWS\system32\user32.dll - ok
19:45:36.0562 2968  [ 1E3AFE918888D6A61440F95FC24C067D ] C:\WINDOWS\system32\lpk.dll
19:45:36.0562 2968  C:\WINDOWS\system32\lpk.dll - ok
19:45:36.0578 2968  [ C706E8892942989071FF425A930E229B ] C:\WINDOWS\system32\usp10.dll
19:45:36.0578 2968  C:\WINDOWS\system32\usp10.dll - ok
19:45:36.0578 2968  [ 68F9C48199AED6BBA3C557790E50AE13 ] C:\WINDOWS\system32\advapi32.dll
19:45:36.0578 2968  C:\WINDOWS\system32\advapi32.dll - ok
19:45:36.0593 2968  [ 74FCDB04E512862B36EE0FF72E6C9831 ] C:\WINDOWS\system32\rpcrt4.dll
19:45:36.0593 2968  C:\WINDOWS\system32\rpcrt4.dll - ok
19:45:36.0593 2968  [ 5276F901CBA7434B1FC32BAA352A50BA ] C:\WINDOWS\system32\secur32.dll
19:45:36.0593 2968  C:\WINDOWS\system32\secur32.dll - ok
19:45:36.0609 2968  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
19:45:36.0609 2968  C:\WINDOWS\system32\drivers\dxg.sys - ok
19:45:36.0625 2968  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
19:45:36.0625 2968  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
19:45:36.0625 2968  [ 542810C1CA3D19AD07440D2970D4C5EE ] C:\WINDOWS\system32\ialmdnt5.dll
19:45:36.0625 2968  C:\WINDOWS\system32\ialmdnt5.dll - ok
19:45:36.0640 2968  [ 33A1A0567ECE151CA55F8C44D1A8FEA7 ] C:\WINDOWS\system32\ialmrnt5.dll
19:45:36.0640 2968  C:\WINDOWS\system32\ialmrnt5.dll - ok
19:45:36.0640 2968  [ CFDB88E24F5B1ACCFED780F744FB77C5 ] C:\WINDOWS\system32\vga.dll
19:45:36.0640 2968  C:\WINDOWS\system32\vga.dll - ok
19:45:36.0656 2968  [ 588CCD82467DFBEFF54308292127E2F5 ] C:\WINDOWS\system32\ialmdev5.dll
19:45:36.0656 2968  C:\WINDOWS\system32\ialmdev5.dll - ok
19:45:36.0656 2968  [ 9B9A9D9AF199ACAD2379991BF40EA2EC ] C:\WINDOWS\system32\ialmdd5.dll
19:45:36.0656 2968  C:\WINDOWS\system32\ialmdd5.dll - ok
19:45:36.0671 2968  [ BCEDF9DCCBC807108CE34C9834074C34 ] C:\WINDOWS\system32\winlogon.exe
19:45:36.0671 2968  C:\WINDOWS\system32\winlogon.exe - ok
19:45:36.0671 2968  [ F10F2D036A5ACA2B7E9F36A5E886A9E1 ] C:\WINDOWS\system32\authz.dll
19:45:36.0671 2968  C:\WINDOWS\system32\authz.dll - ok
19:45:36.0687 2968  [ 5BFFB45FD985BDECFD16C3E37B9C0222 ] C:\WINDOWS\system32\msvcrt.dll
19:45:36.0687 2968  C:\WINDOWS\system32\msvcrt.dll - ok
19:45:36.0703 2968  [ 815DF00E0DD01A3087468D9F2FD30D58 ] C:\WINDOWS\system32\crypt32.dll
19:45:36.0703 2968  C:\WINDOWS\system32\crypt32.dll - ok
19:45:36.0703 2968  [ 503ED54006286DF13B4CCD950A533AA9 ] C:\WINDOWS\system32\msasn1.dll
19:45:36.0703 2968  C:\WINDOWS\system32\msasn1.dll - ok
19:45:36.0718 2968  [ 9FCBDDF2E3DC4E7655A5A2BBD91EC52C ] C:\WINDOWS\system32\nddeapi.dll
19:45:36.0718 2968  C:\WINDOWS\system32\nddeapi.dll - ok
19:45:36.0718 2968  [ FAA6D9880D4E9C45E6A84C95C9D89922 ] C:\WINDOWS\system32\profmap.dll
19:45:36.0718 2968  C:\WINDOWS\system32\profmap.dll - ok
19:45:36.0734 2968  [ 79903A5B957435B7043BC23FA602D72B ] C:\WINDOWS\system32\netapi32.dll
19:45:36.0734 2968  C:\WINDOWS\system32\netapi32.dll - ok
19:45:36.0750 2968  [ 128647955AAD65FC3D4DB0BDF0164862 ] C:\WINDOWS\system32\userenv.dll
19:45:36.0750 2968  C:\WINDOWS\system32\userenv.dll - ok
19:45:36.0750 2968  [ 85D4369308B0442F23A68D6CD683606B ] C:\WINDOWS\system32\psapi.dll
19:45:36.0750 2968  C:\WINDOWS\system32\psapi.dll - ok
19:45:36.0765 2968  [ B876ADED7A94DBBD503A168C049B4D68 ] C:\WINDOWS\system32\regapi.dll
19:45:36.0765 2968  C:\WINDOWS\system32\regapi.dll - ok
19:45:36.0765 2968  [ C477C84D3B16FF02623399968FB4FDA4 ] C:\WINDOWS\system32\setupapi.dll
19:45:36.0765 2968  C:\WINDOWS\system32\setupapi.dll - ok
19:45:36.0781 2968  [ 5272C559873B0643AB8F5C13497C9232 ] C:\WINDOWS\system32\version.dll
19:45:36.0781 2968  C:\WINDOWS\system32\version.dll - ok
19:45:36.0781 2968  [ 1CC2253AD432F83DDAD32C5CA67AB2B1 ] C:\WINDOWS\system32\winsta.dll
19:45:36.0781 2968  C:\WINDOWS\system32\winsta.dll - ok
19:45:36.0796 2968  [ 18FEFE7823BCD06F417565B2655ED8B5 ] C:\WINDOWS\system32\wintrust.dll
19:45:36.0796 2968  C:\WINDOWS\system32\wintrust.dll - ok
19:45:36.0812 2968  [ 63076B13E10466BC6F75EC433B1A5FC0 ] C:\WINDOWS\system32\imagehlp.dll
19:45:36.0812 2968  C:\WINDOWS\system32\imagehlp.dll - ok
19:45:36.0812 2968  [ 8A2B77E2A2F2AD328EE3A2ED91F08EBB ] C:\WINDOWS\system32\ws2_32.dll
19:45:36.0812 2968  C:\WINDOWS\system32\ws2_32.dll - ok
19:45:36.0828 2968  [ 437820B0DB7A11FB58660CE6C40A05F6 ] C:\WINDOWS\system32\imm32.dll
19:45:36.0828 2968  C:\WINDOWS\system32\imm32.dll - ok
19:45:36.0828 2968  [ AA70E22162B4DFE15D5FB055582D5AC3 ] C:\WINDOWS\system32\ws2help.dll
19:45:36.0828 2968  C:\WINDOWS\system32\ws2help.dll - ok
19:45:36.0843 2968  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
19:45:36.0843 2968  C:\WINDOWS\system32\kbdus.dll - ok
19:45:36.0843 2968  [ AA814CEE49A923E8F876F9EDF2A869EA ] C:\WINDOWS\system32\kbda1.dll
19:45:36.0843 2968  C:\WINDOWS\system32\kbda1.dll - ok
19:45:36.0859 2968  [ 41B6A95F3CB698A2BF41012597635714 ] C:\WINDOWS\system32\msgina.dll
19:45:36.0859 2968  C:\WINDOWS\system32\msgina.dll - ok
19:45:36.0859 2968  [ 4CE119126654421A38204B0D41E85284 ] C:\WINDOWS\system32\comctl32.dll
19:45:36.0859 2968  C:\WINDOWS\system32\comctl32.dll - ok
19:45:36.0875 2968  [ 90FB6443B92FB82E75BBA9549C3CACD1 ] C:\WINDOWS\system32\odbc32.dll
19:45:36.0875 2968  C:\WINDOWS\system32\odbc32.dll - ok
19:45:36.0890 2968  [ 2AECE6BFFDC90185B565CBB686D4D443 ] C:\WINDOWS\system32\comdlg32.dll
19:45:36.0890 2968  C:\WINDOWS\system32\comdlg32.dll - ok
19:45:36.0890 2968  [ 22BDB0E7EA45F6639F1C74DF46894248 ] C:\WINDOWS\system32\shell32.dll
19:45:36.0890 2968  C:\WINDOWS\system32\shell32.dll - ok
19:45:36.0906 2968  [ 3DBF019670C1A241B7986DF607934683 ] C:\WINDOWS\system32\shlwapi.dll
19:45:36.0906 2968  C:\WINDOWS\system32\shlwapi.dll - ok
19:45:36.0906 2968  [ 2ABAD25DC572EE0D5179620399C0C4D2 ] C:\WINDOWS\system32\sxs.dll
19:45:36.0906 2968  C:\WINDOWS\system32\sxs.dll - ok
19:45:36.0921 2968  [ 3ADB36C4A9D1DBCFE38C9D96B364898A ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
19:45:36.0921 2968  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
19:45:36.0921 2968  [ DECC864AB156C61FEEE6748B2D37F0E9 ] C:\WINDOWS\system32\odbcint.dll
19:45:36.0921 2968  C:\WINDOWS\system32\odbcint.dll - ok
19:45:36.0937 2968  [ 6A5E5E928FB466B95FC9CC2C313D810D ] C:\WINDOWS\system32\shsvcs.dll
19:45:36.0937 2968  C:\WINDOWS\system32\shsvcs.dll - ok
19:45:36.0953 2968  [ BFFB94B922D2FA05B3E7E3C9A5EF0A51 ] C:\WINDOWS\system32\sfc.dll
19:45:36.0953 2968  C:\WINDOWS\system32\sfc.dll - ok
19:45:36.0953 2968  [ D416813B170CA0AB236CF732F410D0E4 ] C:\WINDOWS\system32\sfc_os.dll
19:45:36.0953 2968  C:\WINDOWS\system32\sfc_os.dll - ok
19:45:36.0968 2968  [ 8C38F871CDC7DD6347E57BD36F46211C ] C:\WINDOWS\system32\ole32.dll
19:45:36.0968 2968  C:\WINDOWS\system32\ole32.dll - ok
19:45:36.0968 2968  [ 3F2ABB5DBF4FCE5606AF50A606FEDB78 ] C:\WINDOWS\system32\apphelp.dll
19:45:36.0968 2968  C:\WINDOWS\system32\apphelp.dll - ok
19:45:36.0984 2968  [ 99AE1390A271B02D752178DF9E8442A3 ] C:\WINDOWS\system32\lsass.exe
19:45:36.0984 2968  C:\WINDOWS\system32\lsass.exe - ok
19:45:36.0984 2968  [ 1427365EFF6F4758DDC88388045E8400 ] C:\WINDOWS\system32\services.exe
19:45:36.0984 2968  C:\WINDOWS\system32\services.exe - ok
19:45:37.0000 2968  [ 3E3DDBB8C8ACF833D1424AEB5568BCF7 ] C:\WINDOWS\system32\lsasrv.dll
19:45:37.0000 2968  C:\WINDOWS\system32\lsasrv.dll - ok
19:45:37.0000 2968  [ 54840C7F66C0B44DA0F77F2AF6B5D253 ] C:\WINDOWS\system32\ncobjapi.dll
19:45:37.0000 2968  C:\WINDOWS\system32\ncobjapi.dll - ok
19:45:37.0015 2968  [ ACB5DB763A608698E06AE65B0301F206 ] C:\WINDOWS\system32\msvcp60.dll
19:45:37.0015 2968  C:\WINDOWS\system32\msvcp60.dll - ok
19:45:37.0031 2968  [ 31E9FC47867A09F006DCEBB5A4E99884 ] C:\WINDOWS\system32\scesrv.dll
19:45:37.0031 2968  C:\WINDOWS\system32\scesrv.dll - ok
19:45:37.0031 2968  [ CCDFFD86AB4106B8E93BBEB9A2730015 ] C:\WINDOWS\system32\mpr.dll
19:45:37.0031 2968  C:\WINDOWS\system32\mpr.dll - ok
19:45:37.0046 2968  [ 965D0C1EEC37FCF0F1BAA8AEA6079675 ] C:\WINDOWS\system32\ntdsapi.dll
19:45:37.0046 2968  C:\WINDOWS\system32\ntdsapi.dll - ok
19:45:37.0046 2968  [ ED3810A9AFD14DB2CB5DA54888405261 ] C:\WINDOWS\system32\umpnpmgr.dll
19:45:37.0046 2968  C:\WINDOWS\system32\umpnpmgr.dll - ok
19:45:37.0062 2968  [ 5A78B3938B324005896E4B18664329A5 ] C:\WINDOWS\system32\dnsapi.dll
19:45:37.0062 2968  C:\WINDOWS\system32\dnsapi.dll - ok
19:45:37.0062 2968  [ 0CC3A0B3A162AD2BF70AC4B72773319D ] C:\WINDOWS\system32\shimeng.dll
19:45:37.0062 2968  C:\WINDOWS\system32\shimeng.dll - ok
19:45:37.0078 2968  [ 87D90558DF50817F2A05BFA5E939834A ] C:\WINDOWS\AppPatch\acadproc.dll
19:45:37.0078 2968  C:\WINDOWS\AppPatch\acadproc.dll - ok
19:45:37.0078 2968  [ B2C906E5E30B9A0E492E03EAB1919A31 ] C:\WINDOWS\system32\wldap32.dll
19:45:37.0078 2968  C:\WINDOWS\system32\wldap32.dll - ok
19:45:37.0093 2968  [ 644BAEB01B6D42F7A754407724F08B35 ] C:\WINDOWS\system32\samlib.dll
19:45:37.0093 2968  C:\WINDOWS\system32\samlib.dll - ok
19:45:37.0093 2968  [ 4DC8A1CB3FA167321E2E6F235B78E564 ] C:\WINDOWS\system32\samsrv.dll
19:45:37.0093 2968  C:\WINDOWS\system32\samsrv.dll - ok
19:45:37.0109 2968  [ CBBB4A64CF9B6CFDD39CF3DAFD9E0E2F ] C:\WINDOWS\system32\cryptdll.dll
19:45:37.0109 2968  C:\WINDOWS\system32\cryptdll.dll - ok
19:45:37.0109 2968  [ 17A5019F9BBD549E20D6F6B1B5C2F123 ] C:\WINDOWS\AppPatch\acgenral.dll
19:45:37.0109 2968  C:\WINDOWS\AppPatch\acgenral.dll - ok
19:45:37.0125 2968  [ E33B643520DFF4E659971718DAECB45C ] C:\WINDOWS\system32\winmm.dll
19:45:37.0125 2968  C:\WINDOWS\system32\winmm.dll - ok
19:45:37.0140 2968  [ D0CBB9962781F5FCE7FE4937A59FECEF ] C:\WINDOWS\system32\oleaut32.dll
19:45:37.0140 2968  C:\WINDOWS\system32\oleaut32.dll - ok
19:45:37.0140 2968  [ 22E128CD655383AEACB30504F0296C74 ] C:\WINDOWS\system32\msacm32.dll
19:45:37.0140 2968  C:\WINDOWS\system32\msacm32.dll - ok
19:45:37.0156 2968  [ EE7DC4592A72125DA11B8A023C0CADE2 ] C:\WINDOWS\system32\uxtheme.dll
19:45:37.0156 2968  C:\WINDOWS\system32\uxtheme.dll - ok
19:45:37.0156 2968  [ 4AE474345490D2F27660BD823940D946 ] C:\WINDOWS\system32\serwvdrv.dll
19:45:37.0156 2968  C:\WINDOWS\system32\serwvdrv.dll - ok
19:45:37.0171 2968  [ ADEE020A5AFAC37D4D36537F406CD038 ] C:\WINDOWS\system32\umdmxfrm.dll
19:45:37.0171 2968  C:\WINDOWS\system32\umdmxfrm.dll - ok
19:45:37.0171 2968  [ 03438079CC38BD29BD5521A3887F30AC ] C:\WINDOWS\system32\msapsspc.dll
19:45:37.0171 2968  C:\WINDOWS\system32\msapsspc.dll - ok
19:45:37.0187 2968  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
19:45:37.0187 2968  C:\WINDOWS\system32\msvcrt40.dll - ok
19:45:37.0203 2968  [ 507B04B07B7FB4F97624998779386967 ] C:\WINDOWS\system32\schannel.dll
19:45:37.0203 2968  C:\WINDOWS\system32\schannel.dll - ok
19:45:37.0203 2968  [ 0C383082AE03F411A8E462363D543F75 ] C:\WINDOWS\system32\digest.dll
19:45:37.0203 2968  C:\WINDOWS\system32\digest.dll - ok
19:45:37.0218 2968  [ 1694732EB77DB2F544BF53208413C5BB ] C:\WINDOWS\system32\msnsspc.dll
19:45:37.0218 2968  C:\WINDOWS\system32\msnsspc.dll - ok
19:45:37.0218 2968  [ B013AC0207373EBCBFE7A4A9671512FA ] C:\WINDOWS\system32\msctfime.ime
19:45:37.0218 2968  C:\WINDOWS\system32\msctfime.ime - ok
19:45:37.0234 2968  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
19:45:37.0234 2968  C:\WINDOWS\system32\msprivs.dll - ok
19:45:37.0234 2968  [ 707B8D6700A52A6FADB6171F42D54EA3 ] C:\WINDOWS\system32\kerberos.dll
19:45:37.0234 2968  C:\WINDOWS\system32\kerberos.dll - ok
19:45:37.0250 2968  [ 002DC92C14855F49F3650490F52DCCD3 ] C:\WINDOWS\system32\msv1_0.dll
19:45:37.0250 2968  C:\WINDOWS\system32\msv1_0.dll - ok
19:45:37.0265 2968  [ 39921BEF0CA7463435D9564777B7B7F4 ] C:\WINDOWS\system32\iphlpapi.dll
19:45:37.0265 2968  C:\WINDOWS\system32\iphlpapi.dll - ok
19:45:37.0265 2968  [ 108DFCB9BA32C9E6FC7343EA0924050E ] C:\WINDOWS\system32\netlogon.dll
19:45:37.0265 2968  C:\WINDOWS\system32\netlogon.dll - ok
19:45:37.0281 2968  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
19:45:37.0281 2968  C:\WINDOWS\system32\atmfd.dll - ok
19:45:37.0281 2968  [ 565E206FD5444ADC9EFD8C0325DAC882 ] C:\WINDOWS\system32\w32time.dll
19:45:37.0281 2968  C:\WINDOWS\system32\w32time.dll - ok
19:45:37.0296 2968  [ D3BEC69CE1A9C4310C18481F755352E3 ] C:\WINDOWS\system32\wdigest.dll
19:45:37.0296 2968  C:\WINDOWS\system32\wdigest.dll - ok
19:45:37.0312 2968  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
19:45:37.0312 2968  C:\WINDOWS\system32\rsaenh.dll - ok
19:45:37.0312 2968  [ DC4F1E3E02281463FC6BF4F9B53EBAAB ] C:\WINDOWS\system32\winscard.dll
19:45:37.0312 2968  C:\WINDOWS\system32\winscard.dll - ok
19:45:37.0328 2968  [ 2D0A2217F49DC555A621E1C863F475BE ] C:\WINDOWS\system32\wtsapi32.dll
19:45:37.0328 2968  C:\WINDOWS\system32\wtsapi32.dll - ok
19:45:37.0328 2968  [ 11873CCA8F378E6183F32B3746429ECA ] C:\WINDOWS\system32\scecli.dll
19:45:37.0328 2968  C:\WINDOWS\system32\scecli.dll - ok
19:45:37.0343 2968  [ 6B1139CA38DB1678487678C44874B80F ] C:\WINDOWS\system32\svchost.exe
19:45:37.0343 2968  C:\WINDOWS\system32\svchost.exe - ok
19:45:37.0343 2968  [ 1C2E67324846BB27EF59B1356E2D7022 ] C:\WINDOWS\system32\ntmarta.dll
19:45:37.0343 2968  C:\WINDOWS\system32\ntmarta.dll - ok
19:45:37.0359 2968  [ 271830BCE6D77085E72D571F60EAF85A ] C:\WINDOWS\system32\rpcss.dll
19:45:37.0359 2968  C:\WINDOWS\system32\rpcss.dll - ok
19:45:37.0359 2968  [ 190B907AA5E1FC41A0A6C94F21399718 ] C:\WINDOWS\system32\xpsp2res.dll
19:45:37.0359 2968  C:\WINDOWS\system32\xpsp2res.dll - ok
19:45:37.0375 2968  [ 5BA1E23C1163900A9BFA3E580BE67D20 ] C:\WINDOWS\system32\eventlog.dll
19:45:37.0375 2968  C:\WINDOWS\system32\eventlog.dll - ok
19:45:37.0375 2968  [ 291B944E825F8AA629A7A41716C2EC24 ] C:\WINDOWS\system32\mswsock.dll
19:45:37.0375 2968  C:\WINDOWS\system32\mswsock.dll - ok
19:45:37.0390 2968  [ AD1152394C4D25CB8E9D8640A830C6DD ] C:\WINDOWS\system32\hnetcfg.dll
19:45:37.0390 2968  C:\WINDOWS\system32\hnetcfg.dll - ok
19:45:37.0406 2968  [ A4C362C52D21EF754B2DD05A30F4A343 ] C:\WINDOWS\system32\wshtcpip.dll
19:45:37.0406 2968  C:\WINDOWS\system32\wshtcpip.dll - ok
19:45:37.0406 2968  [ 36FF3865AFAFE87CA3BD8B2725C76627 ] C:\WINDOWS\system32\winrnr.dll
19:45:37.0406 2968  C:\WINDOWS\system32\winrnr.dll - ok
19:45:37.0421 2968  [ CE4EF4B10EE1E9B74947FD0FD89BA933 ] C:\WINDOWS\system32\wshbth.dll
19:45:37.0421 2968  C:\WINDOWS\system32\wshbth.dll - ok
19:45:37.0421 2968  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
19:45:37.0421 2968  C:\Program Files\Bonjour\mdnsNSP.dll - ok
19:45:37.0437 2968  [ E47CDA6CAC0DE23B76691CEEB6339768 ] C:\WINDOWS\system32\rasadhlp.dll
19:45:37.0437 2968  C:\WINDOWS\system32\rasadhlp.dll - ok
19:45:37.0437 2968  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
19:45:37.0437 2968  C:\WINDOWS\system32\WudfSvc.dll - ok
19:45:37.0453 2968  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
19:45:37.0453 2968  C:\WINDOWS\system32\WudfPlatform.dll - ok
19:45:37.0468 2968  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
19:45:37.0468 2968  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
19:45:37.0468 2968  [ 36FCAC4FA28B462CA867742DEA59B0D0 ] C:\WINDOWS\system32\drivers\pnarp.sys
19:45:37.0468 2968  C:\WINDOWS\system32\drivers\pnarp.sys - ok
19:45:37.0484 2968  [ D8AC00388262B1A4878A7EE12F31D376 ] C:\WINDOWS\system32\drivers\purendis.sys
19:45:37.0484 2968  C:\WINDOWS\system32\drivers\purendis.sys - ok
19:45:37.0484 2968  [ 43152852C8F5CE63B1D3466184E7E644 ] C:\WINDOWS\system32\dhcpcsvc.dll
19:45:37.0484 2968  C:\WINDOWS\system32\dhcpcsvc.dll - ok
19:45:37.0500 2968  [ E0ADCB569D9FC9A3861D05C02DC22BBF ] C:\WINDOWS\system32\dnsrslvr.dll
19:45:37.0500 2968  C:\WINDOWS\system32\dnsrslvr.dll - ok
19:45:37.0500 2968  [ CC63093B849D045246706E08A3342ED0 ] C:\WINDOWS\system32\lmhsvc.dll
19:45:37.0500 2968  C:\WINDOWS\system32\lmhsvc.dll - ok
19:45:37.0515 2968  [ 88B3D466D059C7CC95B20175F656E776 ] C:\WINDOWS\system32\wzcsvc.dll
19:45:37.0515 2968  C:\WINDOWS\system32\wzcsvc.dll - ok
19:45:37.0515 2968  [ BBC7E99F439348C105C0ACD07B0AA2A1 ] C:\WINDOWS\system32\rtutils.dll
19:45:37.0515 2968  C:\WINDOWS\system32\rtutils.dll - ok
19:45:37.0531 2968  [ 0CF947705ABC1D336B0EC1590F464073 ] C:\WINDOWS\system32\eapolqec.dll
19:45:37.0531 2968  C:\WINDOWS\system32\eapolqec.dll - ok
19:45:37.0546 2968  [ 7695FE41FA655E938B0538B9EF2CC7A6 ] C:\WINDOWS\system32\wmi.dll
19:45:37.0546 2968  C:\WINDOWS\system32\wmi.dll - ok
19:45:37.0546 2968  [ 4C16F9CF69EC53C68516F2F152B09A34 ] C:\WINDOWS\system32\atl.dll
19:45:37.0546 2968  C:\WINDOWS\system32\atl.dll - ok
19:45:37.0562 2968  [ A26135BA9ED4B9221331C3A88E3F2EBC ] C:\WINDOWS\system32\qutil.dll
19:45:37.0562 2968  C:\WINDOWS\system32\qutil.dll - ok
19:45:37.0562 2968  [ 2F96C5F55A0710DEAA9E35C26DFF77E6 ] C:\WINDOWS\system32\dot3api.dll
19:45:37.0562 2968  C:\WINDOWS\system32\dot3api.dll - ok
19:45:37.0578 2968  [ 01AAA3648AC4DB73227D13565F6539F5 ] C:\WINDOWS\system32\esent.dll
19:45:37.0578 2968  C:\WINDOWS\system32\esent.dll - ok
19:45:37.0578 2968  [ 51038C9C00955D4CE93DD296263B49E4 ] C:\WINDOWS\system32\clbcatq.dll
19:45:37.0578 2968  C:\WINDOWS\system32\clbcatq.dll - ok
19:45:37.0593 2968  [ 7B4C3C0E471B3C07831513E7C8AD87F9 ] C:\WINDOWS\system32\comres.dll
19:45:37.0593 2968  C:\WINDOWS\system32\comres.dll - ok
19:45:37.0593 2968  [ E03ED363668318226DB3A3C528955CAB ] C:\WINDOWS\system32\rastls.dll
19:45:37.0593 2968  C:\WINDOWS\system32\rastls.dll - ok
19:45:37.0609 2968  [ 87854ACE9A403FFF4502F72D1E894B9B ] C:\WINDOWS\system32\cryptui.dll
19:45:37.0609 2968  C:\WINDOWS\system32\cryptui.dll - ok
19:45:37.0609 2968  [ 69E00A37500F812BB385265DE8FA1549 ] C:\WINDOWS\system32\wininet.dll
19:45:37.0609 2968  C:\WINDOWS\system32\wininet.dll - ok
19:45:37.0625 2968  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
19:45:37.0625 2968  C:\WINDOWS\system32\normaliz.dll - ok
19:45:37.0640 2968  [ 2538B091EC9607DA70EE1C5ACD3743BA ] C:\WINDOWS\system32\urlmon.dll
19:45:37.0640 2968  C:\WINDOWS\system32\urlmon.dll - ok
19:45:37.0640 2968  [ 897D9F1381C50966BA0E8C8A6C9A5B7B ] C:\WINDOWS\system32\iertutil.dll
19:45:37.0640 2968  C:\WINDOWS\system32\iertutil.dll - ok
19:45:37.0656 2968  [ 98BAD4813332BD7B1A921CF024FD1D97 ] C:\WINDOWS\system32\mprapi.dll
19:45:37.0656 2968  C:\WINDOWS\system32\mprapi.dll - ok
19:45:37.0656 2968  [ C994CAD70FF2C9ED7313DC9EC6740D53 ] C:\WINDOWS\system32\activeds.dll
19:45:37.0656 2968  C:\WINDOWS\system32\activeds.dll - ok
19:45:37.0671 2968  [ 3745A06C35A3A110E221B05AEA34CFF7 ] C:\WINDOWS\system32\adsldpc.dll
19:45:37.0671 2968  C:\WINDOWS\system32\adsldpc.dll - ok
19:45:37.0671 2968  [ 4B218516A3433D60068E56FD46F21C2E ] C:\WINDOWS\system32\rasapi32.dll
19:45:37.0671 2968  C:\WINDOWS\system32\rasapi32.dll - ok
19:45:37.0687 2968  [ 7BE7EAFD086D108B53E6471A355846C9 ] C:\WINDOWS\system32\rasman.dll
19:45:37.0687 2968  C:\WINDOWS\system32\rasman.dll - ok
19:45:37.0687 2968  [ 0DECDC6AB0F4E28F3891A44EE73EE2AF ] C:\WINDOWS\system32\tapi32.dll
19:45:37.0687 2968  C:\WINDOWS\system32\tapi32.dll - ok
19:45:37.0718 2968  [ A848613AB1489D73C5CCE8593FDB5C70 ] C:\WINDOWS\system32\riched20.dll
19:45:37.0718 2968  C:\WINDOWS\system32\riched20.dll - ok
19:45:37.0734 2968  [ A520DE26AE44B7A6AF2CA1247721547E ] C:\WINDOWS\system32\raschap.dll
19:45:37.0734 2968  C:\WINDOWS\system32\raschap.dll - ok
19:45:37.0734 2968  [ B7046BD5F31DBE6A2AEE12116234FDB2 ] C:\WINDOWS\system32\logonui.exe
19:45:37.0734 2968  C:\WINDOWS\system32\logonui.exe - ok
19:45:37.0750 2968  [ 5D5088EC9F5E59205EA713F7DDA4F93A ] C:\WINDOWS\system32\cscdll.dll
19:45:37.0750 2968  C:\WINDOWS\system32\cscdll.dll - ok
19:45:37.0750 2968  [ 8F97E67ECB9F450F3E0FF626641DA365 ] C:\WINDOWS\system32\schedsvc.dll
19:45:37.0750 2968  C:\WINDOWS\system32\schedsvc.dll - ok
19:45:37.0765 2968  [ 559BD4A2E088235F11C585A7171F50A2 ] C:\WINDOWS\system32\dimsntfy.dll
19:45:37.0765 2968  C:\WINDOWS\system32\dimsntfy.dll - ok
19:45:37.0765 2968  [ A1D9029B903E75354EF3BD230F50909B ] C:\WINDOWS\system32\wlnotify.dll
19:45:37.0765 2968  C:\WINDOWS\system32\wlnotify.dll - ok
19:45:37.0781 2968  [ 3944F838A74C96C8D28E4EC765CF56FC ] C:\WINDOWS\system32\duser.dll
19:45:37.0781 2968  C:\WINDOWS\system32\duser.dll - ok
19:45:37.0781 2968  [ E0A5E3B5FCF2467E1D662DD19EEC4C12 ] C:\WINDOWS\system32\msidle.dll
19:45:37.0781 2968  C:\WINDOWS\system32\msidle.dll - ok
19:45:37.0796 2968  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
19:45:37.0796 2968  C:\WINDOWS\system32\spoolsv.exe - ok
19:45:37.0812 2968  [ 99982EA998DC375D8133B4FCD13C7B1B ] C:\WINDOWS\system32\winspool.drv
19:45:37.0812 2968  C:\WINDOWS\system32\winspool.drv - ok
19:45:37.0812 2968  [ 2E1D9DC86EDD12BDFC90E6D24AD821D1 ] C:\WINDOWS\system32\rundll32.exe
19:45:37.0812 2968  C:\WINDOWS\system32\rundll32.exe - ok
19:45:37.0828 2968  [ B6BD7855495F21224D2929FE43D22828 ] C:\WINDOWS\system32\WMADMOE0.dll
19:45:37.0828 2968  C:\WINDOWS\system32\WMADMOE0.dll - ok
19:45:37.0828 2968  [ 62F1AA8277ED78ED3DFB5D9F58B6B31C ] C:\WINDOWS\system32\audiosrv.dll
19:45:37.0828 2968  C:\WINDOWS\system32\audiosrv.dll - ok
19:45:37.0843 2968  [ B00E6DFFCAFB3A6014C82F6DB8CF3002 ] C:\WINDOWS\system32\msimg32.dll
19:45:37.0843 2968  C:\WINDOWS\system32\msimg32.dll - ok
19:45:37.0859 2968  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
19:45:37.0859 2968  C:\WINDOWS\system32\oleacc.dll - ok
19:45:37.0859 2968  [ 9E79D743CBCF217F9A6BE5DFA3AB4252 ] C:\WINDOWS\system32\wkssvc.dll
19:45:37.0859 2968  C:\WINDOWS\system32\wkssvc.dll - ok
19:45:37.0875 2968  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
19:45:37.0875 2968  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
19:45:37.0875 2968  [ 9B4E98433632E31CF7C562ACC3DF080D ] C:\WINDOWS\system32\shgina.dll
19:45:37.0875 2968  C:\WINDOWS\system32\shgina.dll - ok
19:45:37.0890 2968  [ 18D3FAE7E2B76E213DA806C13AB2D87C ] C:\WINDOWS\system32\webclnt.dll
19:45:37.0890 2968  C:\WINDOWS\system32\webclnt.dll - ok
19:45:37.0890 2968  [ B3239C7D0AB1346AFA76076EE76778D3 ] C:\WINDOWS\system32\drivers\parvdm.sys
19:45:37.0890 2968  C:\WINDOWS\system32\drivers\parvdm.sys - ok
19:45:37.0906 2968  [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:45:37.0906 2968  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
19:45:37.0921 2968  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
19:45:37.0921 2968  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
19:45:37.0921 2968  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
19:45:37.0921 2968  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
19:45:37.0937 2968  [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
19:45:37.0937 2968  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
19:45:37.0953 2968  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
19:45:37.0953 2968  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
19:45:37.0953 2968  [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
19:45:37.0953 2968  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
19:45:37.0968 2968  [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
19:45:37.0968 2968  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
19:45:37.0984 2968  [ 8686C4FA97821AED1CD971B7A630FD71 ] C:\WINDOWS\system32\mlang.dll
19:45:37.0984 2968  C:\WINDOWS\system32\mlang.dll - ok
19:45:37.0984 2968  [ 9753A63758E59FBBD8C04C3BB43F21B3 ] C:\WINDOWS\system32\wsock32.dll
19:45:37.0984 2968  C:\WINDOWS\system32\wsock32.dll - ok
19:45:38.0000 2968  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
19:45:38.0000 2968  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
19:45:38.0000 2968  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
19:45:38.0000 2968  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
19:45:38.0015 2968  [ F948A98331A896A7DCC52E5E84C5F797 ] C:\WINDOWS\system32\xmlprovi.dll
19:45:38.0015 2968  C:\WINDOWS\system32\xmlprovi.dll - ok
19:45:38.0031 2968  [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
19:45:38.0031 2968  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
19:45:38.0031 2968  [ 5C9AE536D5AE2BFE48022CC1968B4B9C ] C:\WINDOWS\system32\wzcsapi.dll
19:45:38.0031 2968  C:\WINDOWS\system32\wzcsapi.dll - ok
19:45:38.0046 2968  [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
19:45:38.0046 2968  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
19:45:38.0046 2968  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
19:45:38.0046 2968  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
19:45:38.0062 2968  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
19:45:38.0062 2968  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
19:45:38.0078 2968  [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
19:45:38.0078 2968  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
19:45:38.0078 2968  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll
19:45:38.0078 2968  C:\WINDOWS\system32\dnssd.dll - ok
19:45:38.0078 2968  [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
19:45:38.0093 2968  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
19:45:38.0093 2968  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
19:45:38.0093 2968  C:\Program Files\Bonjour\mDNSResponder.exe - ok
19:45:38.0109 2968  [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
19:45:38.0109 2968  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
19:45:38.0109 2968  [ B2B94DB65227B0FE579E8DB3C9595E27 ] C:\WINDOWS\system32\qmgr.dll
19:45:38.0109 2968  C:\WINDOWS\system32\qmgr.dll - ok
19:45:38.0125 2968  [ CF3126A2FF45AA224FC541BC543C2D9C ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
19:45:38.0125 2968  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
19:45:38.0125 2968  [ DC4CD0AAD9A26C4FB63D75FB54FDFDA7 ] C:\WINDOWS\system32\powrprof.dll
19:45:38.0125 2968  C:\WINDOWS\system32\powrprof.dll - ok
19:45:38.0140 2968  [ F2C4C3A9FED5E46CE0F804EDB6C6E7BB ] C:\WINDOWS\system32\shfolder.dll
19:45:38.0140 2968  C:\WINDOWS\system32\shfolder.dll - ok
19:45:38.0156 2968  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:45:38.0156 2968  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
19:45:38.0156 2968  [ 020CADC9A5352A7AB5E1C8AD7AB6EE13 ] C:\WINDOWS\system32\bthserv.dll
19:45:38.0156 2968  C:\WINDOWS\system32\bthserv.dll - ok
19:45:38.0171 2968  [ 3029B7463BC2DB3E9087B5562286B277 ] C:\WINDOWS\system32\winhttp.dll
19:45:38.0171 2968  C:\WINDOWS\system32\winhttp.dll - ok
19:45:38.0171 2968  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
19:45:38.0171 2968  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
19:45:38.0187 2968  [ 06A4ECA228EA636F4A1F6CE7542B6923 ] C:\WINDOWS\system32\netman.dll
19:45:38.0187 2968  C:\WINDOWS\system32\netman.dll - ok
19:45:38.0187 2968  [ 5F6C10BD4E418CD527CCA540F02D51A4 ] C:\WINDOWS\system32\netshell.dll
19:45:38.0187 2968  C:\WINDOWS\system32\netshell.dll - ok
19:45:38.0203 2968  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
19:45:38.0203 2968  C:\WINDOWS\system32\mscoree.dll - ok
19:45:38.0218 2968  [ DE99DF7D8DD1E84F053CB27106DBE301 ] C:\WINDOWS\system32\cryptsvc.dll
19:45:38.0218 2968  C:\WINDOWS\system32\cryptsvc.dll - ok
19:45:38.0218 2968  [ 398FC4779E659949A2D3A6913279C0CD ] C:\WINDOWS\system32\certcli.dll
19:45:38.0218 2968  C:\WINDOWS\system32\certcli.dll - ok
19:45:38.0234 2968  [ 085452A002B8B5A950F2F4AE956A0E2A ] C:\WINDOWS\system32\ersvc.dll
19:45:38.0234 2968  C:\WINDOWS\system32\ersvc.dll - ok
19:45:38.0234 2968  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
19:45:38.0234 2968  C:\WINDOWS\system32\drivers\http.sys - ok
19:45:38.0250 2968  [ 584A7EDA1F7DC89E22BB046878A5E350 ] C:\WINDOWS\system32\es.dll
19:45:38.0250 2968  C:\WINDOWS\system32\es.dll - ok
19:45:38.0250 2968  [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
19:45:38.0250 2968  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
19:45:38.0265 2968  [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
19:45:38.0265 2968  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
19:45:38.0281 2968  [ 7BADB9F996095DF9BF9199D976850A43 ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
19:45:38.0281 2968  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
19:45:38.0281 2968  [ 4F4D4AA1E0849FECC0CF5AACD59030B5 ] C:\Program Files\Java\jre7\bin\jqs.exe
19:45:38.0281 2968  C:\Program Files\Java\jre7\bin\jqs.exe - ok
19:45:38.0296 2968  [ E77D047EA564BC25305B0B6F0D9B331C ] C:\WINDOWS\system32\credui.dll
19:45:38.0296 2968  C:\WINDOWS\system32\credui.dll - ok
19:45:38.0296 2968  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
19:45:38.0296 2968  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
19:45:38.0312 2968  [ 3D477E7D2E69C148F5287528720B2565 ] C:\WINDOWS\system32\dot3dlg.dll
19:45:38.0312 2968  C:\WINDOWS\system32\dot3dlg.dll - ok
19:45:38.0312 2968  [ 211CC80EF6258182687BF88FF18D5F70 ] C:\WINDOWS\system32\onex.dll
19:45:38.0328 2968  C:\WINDOWS\system32\onex.dll - ok
19:45:38.0328 2968  [ A82F6371E4F095B77945CFAAB933C641 ] C:\WINDOWS\system32\eappcfg.dll
19:45:38.0328 2968  C:\WINDOWS\system32\eappcfg.dll - ok
19:45:38.0343 2968  [ 83F04D5C2A10845BCA3CDDA9864F450D ] C:\WINDOWS\system32\eappprxy.dll
19:45:38.0343 2968  C:\WINDOWS\system32\eappprxy.dll - ok
19:45:38.0343 2968  [ 6AB069E45E2F2D6B20B06733B16E5C81 ] C:\WINDOWS\system32\pdh.dll
19:45:38.0343 2968  C:\WINDOWS\system32\pdh.dll - ok
19:45:38.0359 2968  [ 9F9F0443ED0CA5A065006B86BD73C8E8 ] C:\WINDOWS\system32\odbcbcp.dll
19:45:38.0359 2968  C:\WINDOWS\system32\odbcbcp.dll - ok
19:45:38.0359 2968  [ 7CF1B716372B89568AE4C0FE769F5869 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
19:45:38.0359 2968  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe - ok
19:45:38.0375 2968  [ 23144A1C86483871370BEAD46CB37E68 ] C:\WINDOWS\system32\srvsvc.dll
19:45:38.0375 2968  C:\WINDOWS\system32\srvsvc.dll - ok
19:45:38.0375 2968  [ 5B51A216A430A4E6FA25B88BD5F1AB35 ] C:\WINDOWS\system32\netmsg.dll
19:45:38.0375 2968  C:\WINDOWS\system32\netmsg.dll - ok
19:45:38.0390 2968  [ 643362BEA2D97B4DF45893B4E5FB1E86 ] C:\WINDOWS\system32\perfos.dll
19:45:38.0390 2968  C:\WINDOWS\system32\perfos.dll - ok
19:45:38.0406 2968  [ 007B6D58BF6D755B2448390ECC1F4FA8 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\1025\mdmui.dll
19:45:38.0406 2968  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\1025\mdmui.dll - ok
19:45:38.0406 2968  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
19:45:38.0406 2968  C:\WINDOWS\system32\drivers\srv.sys - ok
19:45:38.0421 2968  [ B8771100425F6D20A01DE4577BD76A88 ] C:\WINDOWS\system32\ipsecsvc.dll
19:45:38.0421 2968  C:\WINDOWS\system32\ipsecsvc.dll - ok
19:45:38.0421 2968  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
19:45:38.0421 2968  C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe - ok
19:45:38.0437 2968  [ 8F299FF1B11535FDFB1E6AD3ED711D55 ] C:\WINDOWS\system32\oakley.dll
19:45:38.0437 2968  C:\WINDOWS\system32\oakley.dll - ok
19:45:38.0453 2968  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\system32\msvcr100.dll
19:45:38.0453 2968  C:\WINDOWS\system32\msvcr100.dll - ok
19:45:38.0453 2968  [ 2C64AD00BE1F745535BCAA9E0B90ED55 ] C:\WINDOWS\system32\spoolss.dll
19:45:38.0453 2968  C:\WINDOWS\system32\spoolss.dll - ok
19:45:38.0468 2968  [ 06B820819335FE0F4D767D5FBA7338E0 ] C:\WINDOWS\system32\winipsec.dll
19:45:38.0468 2968  C:\WINDOWS\system32\winipsec.dll - ok
19:45:38.0468 2968  [ CADC635E8699070F53B9A240A953FA91 ] C:\WINDOWS\system32\perfdisk.dll
19:45:38.0468 2968  C:\WINDOWS\system32\perfdisk.dll - ok
19:45:38.0484 2968  [ 71B5A4EB244D6677808CA42EC9E9298A ] C:\WINDOWS\system32\pstorsvc.dll
19:45:38.0484 2968  C:\WINDOWS\system32\pstorsvc.dll - ok
19:45:38.0484 2968  [ 64E9F81FA4BE8AE7F5684E0E0658F7DF ] C:\WINDOWS\system32\psbase.dll
19:45:38.0484 2968  C:\WINDOWS\system32\psbase.dll - ok
19:45:38.0500 2968  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
19:45:38.0500 2968  C:\WINDOWS\system32\dssenh.dll - ok
19:45:38.0515 2968  [ E32817F1107E510B904F22A4924563E8 ] C:\WINDOWS\system32\localspl.dll
19:45:38.0515 2968  C:\WINDOWS\system32\localspl.dll - ok
19:45:38.0515 2968  [ FCECA7F90E5EB601BE5FD8ADFF2A19C7 ] C:\WINDOWS\system32\seclogon.dll
19:45:38.0515 2968  C:\WINDOWS\system32\seclogon.dll - ok
19:45:38.0531 2968  [ 3740B83AEC21D981065D7E819BD7E878 ] C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:45:38.0531 2968  C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
19:45:38.0531 2968  [ FABB04E47EA91FA05AACF03C8BB7AF16 ] C:\WINDOWS\system32\sens.dll
19:45:38.0531 2968  C:\WINDOWS\system32\sens.dll - ok
19:45:38.0546 2968  [ 8C6CBCFB5A40D33E802103F5BFC210B3 ] C:\WINDOWS\system32\cnbjmon.dll
19:45:38.0546 2968  C:\WINDOWS\system32\cnbjmon.dll - ok
19:45:38.0546 2968  [ 386DCE5FA19E48826BC1D0CB1A1BF4D2 ] C:\WINDOWS\system32\hpinksts6612LM.dll
19:45:38.0546 2968  C:\WINDOWS\system32\hpinksts6612LM.dll - ok
19:45:38.0562 2968  [ 269B25B393AD3F8F29464EA392458076 ] C:\WINDOWS\system32\HPDiscoPM6612.dll
19:45:38.0562 2968  C:\WINDOWS\system32\HPDiscoPM6612.dll - ok
19:45:38.0578 2968  [ 9D3C36EB44A862814DA7E937BC6EDC7C ] C:\WINDOWS\system32\wsnmp32.dll
19:45:38.0578 2968  C:\WINDOWS\system32\wsnmp32.dll - ok
19:45:38.0578 2968  [ 2030AF1F7504A82E31C892D14BE55D6F ] C:\WINDOWS\system32\hpzlnt10.dll
19:45:38.0578 2968  C:\WINDOWS\system32\hpzlnt10.dll - ok
19:45:38.0578 2968  [ 95647F820CBC025676D7B407E2BCFBE6 ] C:\WINDOWS\system32\mdimon.dll
19:45:38.0578 2968  C:\WINDOWS\system32\mdimon.dll - ok
19:45:38.0593 2968  [ 9E6E5A60F318078E933BDA5CC0EC5574 ] C:\WINDOWS\system32\msi.dll
19:45:38.0593 2968  C:\WINDOWS\system32\msi.dll - ok
19:45:38.0609 2968  [ 6A010C755D11D4953457936A7B4B97CC ] C:\WINDOWS\system32\fxsmon.dll
19:45:38.0609 2968  C:\WINDOWS\system32\fxsmon.dll - ok
19:45:38.0609 2968  [ E2FE766E1ED76AB3766B416B42B613E8 ] C:\WINDOWS\system32\fxsevent.dll
19:45:38.0609 2968  C:\WINDOWS\system32\fxsevent.dll - ok
19:45:38.0625 2968  [ 6375793BD11943503B34C2CB98A5CF39 ] C:\WINDOWS\system32\pjlmon.dll
19:45:38.0625 2968  C:\WINDOWS\system32\pjlmon.dll - ok
19:45:38.0625 2968  [ 61160A7ED02FCE3AFF5A98C376EB3A24 ] C:\WINDOWS\system32\qmgrprxy.dll
19:45:38.0625 2968  C:\WINDOWS\system32\qmgrprxy.dll - ok
19:45:38.0640 2968  [ 2C6786656869093C521337D6AC813BC6 ] C:\WINDOWS\system32\Primomonnt.dll
19:45:38.0640 2968  C:\WINDOWS\system32\Primomonnt.dll - ok
19:45:38.0640 2968  [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files\Skype\Updater\Updater.exe
19:45:38.0640 2968  C:\Program Files\Skype\Updater\Updater.exe - ok
19:45:38.0656 2968  [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\WINDOWS\system32\msonpmon.dll
19:45:38.0656 2968  C:\WINDOWS\system32\msonpmon.dll - ok
19:45:38.0671 2968  [ 1405C64A691263E69B10055CE293D1F3 ] C:\WINDOWS\system32\tcpmon.dll
19:45:38.0671 2968  C:\WINDOWS\system32\tcpmon.dll - ok
19:45:38.0671 2968  [ 64EA7BFCD3C90B7A42EDC9BA77576FD5 ] C:\WINDOWS\system32\usbmon.dll
19:45:38.0671 2968  C:\WINDOWS\system32\usbmon.dll - ok
19:45:38.0687 2968  [ 4424AE65F7AF8181AC99FE46BC2700C9 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
19:45:38.0687 2968  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
19:45:38.0687 2968  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
19:45:38.0687 2968  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
19:45:38.0703 2968  [ 0C486E769D9F0BD558EDF1028D5B3A97 ] C:\WINDOWS\system32\srsvc.dll
19:45:38.0703 2968  C:\WINDOWS\system32\srsvc.dll - ok
19:45:38.0703 2968  [ A7CB4B261EAC77F66ABBC3A6D67310D7 ] C:\WINDOWS\system32\ssdpsrv.dll
19:45:38.0703 2968  C:\WINDOWS\system32\ssdpsrv.dll - ok
19:45:38.0734 2968  [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
19:45:38.0734 2968  C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok
19:45:38.0750 2968  [ 1171249B20075E2A5FF1EE09B96E505E ] C:\WINDOWS\system32\tapisrv.dll
19:45:38.0750 2968  C:\WINDOWS\system32\tapisrv.dll - ok
19:45:38.0750 2968  [ 2CD5C528EB34C1DB277A49B31BDAC41F ] C:\WINDOWS\system32\wiaservc.dll
19:45:38.0750 2968  C:\WINDOWS\system32\wiaservc.dll - ok
19:45:38.0765 2968  [ E8E232A5A4CC0B050C00D67F6785B33C ] C:\WINDOWS\system32\win32spl.dll
19:45:38.0765 2968  C:\WINDOWS\system32\win32spl.dll - ok
19:45:38.0765 2968  [ C8EF89381957EEA579C31C9A7AD96705 ] C:\WINDOWS\system32\netrap.dll
19:45:38.0765 2968  C:\WINDOWS\system32\netrap.dll - ok
19:45:38.0781 2968  [ A4B93780AF1876BB0195B1BC3688C5CB ] C:\WINDOWS\system32\trkwks.dll
19:45:38.0781 2968  C:\WINDOWS\system32\trkwks.dll - ok
19:45:38.0796 2968  [ B87E398A9B268ED7EFFEF18107D9B0C2 ] C:\WINDOWS\system32\upnphost.dll
19:45:38.0796 2968  C:\WINDOWS\system32\upnphost.dll - ok
19:45:38.0796 2968  [ 4AC6DC75CEEE6D246A89F2462B1C20E5 ] C:\WINDOWS\system32\inetpp.dll
19:45:38.0796 2968  C:\WINDOWS\system32\inetpp.dll - ok
19:45:38.0812 2968  [ 19A7077983BD43F59D4A403CD002A8F6 ] C:\WINDOWS\system32\cfgmgr32.dll
19:45:38.0812 2968  C:\WINDOWS\system32\cfgmgr32.dll - ok
19:45:38.0812 2968  [ E73C57C8EA8447C148BB65962F0B7346 ] C:\WINDOWS\system32\ssdpapi.dll
19:45:38.0812 2968  C:\WINDOWS\system32\ssdpapi.dll - ok
19:45:38.0828 2968  [ 347F3474960367180E1855BAADF6ECF4 ] C:\WINDOWS\system32\wbem\wmisvc.dll
19:45:38.0828 2968  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
19:45:38.0828 2968  [ A9D6AC4FF6803B700579EC00A2D96422 ] C:\WINDOWS\system32\mscms.dll
19:45:38.0828 2968  C:\WINDOWS\system32\mscms.dll - ok
19:45:38.0843 2968  [ 011B5FC678EC357E8653C8C6EE4F3D10 ] C:\WINDOWS\system32\fxssvc.exe
19:45:38.0843 2968  C:\WINDOWS\system32\fxssvc.exe - ok
19:45:38.0843 2968  [ 627945209B2596C9FFC690B4BD05A471 ] C:\WINDOWS\system32\vssapi.dll
19:45:38.0843 2968  C:\WINDOWS\system32\vssapi.dll - ok
19:45:38.0859 2968  [ 65082B7D858A1BE4EF2A633A39591054 ] C:\WINDOWS\system32\fxstiff.dll
19:45:38.0859 2968  C:\WINDOWS\system32\fxstiff.dll - ok
19:45:38.0859 2968  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
19:45:38.0859 2968  C:\WINDOWS\system32\wuaueng.dll - ok
19:45:38.0875 2968  [ 86DAF128A3FC857669FD0FD44672C971 ] C:\WINDOWS\system32\wuauserv.dll
19:45:38.0875 2968  C:\WINDOWS\system32\wuauserv.dll - ok
19:45:38.0875 2968  [ E507C9D06954560E58E868A66D1A99E7 ] C:\WINDOWS\system32\fxsapi.dll
19:45:38.0890 2968  C:\WINDOWS\system32\fxsapi.dll - ok
19:45:38.0890 2968  [ D0931DDC25FA5C472CB7DF56D9F4D04D ] C:\WINDOWS\system32\HPWia1_DJ4620.dll
19:45:38.0890 2968  C:\WINDOWS\system32\HPWia1_DJ4620.dll - ok
19:45:38.0906 2968  [ CD569FA91EC6F59D045C19D0D3850F44 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
19:45:38.0906 2968  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe - ok
19:45:38.0906 2968  [ 383B0C5059F8039D2D203E3603127CF3 ] C:\WINDOWS\system32\fxst30.dll
19:45:38.0906 2968  C:\WINDOWS\system32\fxst30.dll - ok
19:45:38.0921 2968  [ 4827A27AC1989A043B3CFA6629EAE4FE ] C:\WINDOWS\system32\HPScanTRDrv_DJ4620.dll
19:45:38.0921 2968  C:\WINDOWS\system32\HPScanTRDrv_DJ4620.dll - ok
19:45:38.0937 2968  [ C92A9006C5A75752BC19BFDB94D69FEA ] C:\WINDOWS\system32\fxsroute.dll
19:45:38.0937 2968  C:\WINDOWS\system32\fxsroute.dll - ok
19:45:38.0937 2968  [ 44A777A8C3EB329D748897C3D796A549 ] C:\WINDOWS\system32\ieframe.dll
19:45:38.0937 2968  C:\WINDOWS\system32\ieframe.dll - ok
19:45:38.0953 2968  [ 7B1F5511A6D48FA7D3CD90C273AFB610 ] C:\WINDOWS\system32\cabinet.dll
19:45:38.0953 2968  C:\WINDOWS\system32\cabinet.dll - ok
19:45:38.0953 2968  [ 45935952D4AA05CA2AA305A292C97FD1 ] C:\WINDOWS\system32\mspatcha.dll
19:45:38.0953 2968  C:\WINDOWS\system32\mspatcha.dll - ok
19:45:38.0968 2968  [ E3BC92B8FC48DBE4BC71F7A65A146D65 ] C:\WINDOWS\system32\unimdm.tsp
19:45:38.0968 2968  C:\WINDOWS\system32\unimdm.tsp - ok
19:45:38.0968 2968  [ C34A3E61D0B41A08FCBBBB0884596CEF ] C:\WINDOWS\system32\uniplat.dll
19:45:38.0968 2968  C:\WINDOWS\system32\uniplat.dll - ok
19:45:38.0984 2968  [ A638009585C388E3B1843E04157EB599 ] C:\WINDOWS\system32\comsvcs.dll
19:45:38.0984 2968  C:\WINDOWS\system32\comsvcs.dll - ok
19:45:39.0000 2968  [ DE2660483ABC47DE86BA398EAA936BB2 ] C:\WINDOWS\system32\colbact.dll
19:45:39.0000 2968  C:\WINDOWS\system32\colbact.dll - ok
19:45:39.0000 2968  [ DE7F58A9892062E94BF3DDF040835A8C ] C:\WINDOWS\system32\mtxclu.dll
19:45:39.0000 2968  C:\WINDOWS\system32\mtxclu.dll - ok
19:45:39.0015 2968  [ 7636F2C6F67C606B6DF84176AFC72D8C ] C:\WINDOWS\system32\clusapi.dll
19:45:39.0015 2968  C:\WINDOWS\system32\clusapi.dll - ok
19:45:39.0015 2968  [ B939B71A342C1B2DBC25B7DECE736F5F ] C:\WINDOWS\system32\resutils.dll
19:45:39.0015 2968  C:\WINDOWS\system32\resutils.dll - ok
19:45:39.0031 2968  [ 10BF9C213C8DACA33E0ADA8FC7A26C4A ] C:\WINDOWS\system32\unimdmat.dll
19:45:39.0031 2968  C:\WINDOWS\system32\unimdmat.dll - ok
19:45:39.0031 2968  [ A09B328F34B9BBD19B52DD2FD3A9BB8A ] C:\WINDOWS\system32\modemui.dll
19:45:39.0031 2968  C:\WINDOWS\system32\modemui.dll - ok
19:45:39.0046 2968  [ 0EA399CCF61DEF3F8A60849E5457AE1D ] C:\WINDOWS\system32\actxprxy.dll
19:45:39.0046 2968  C:\WINDOWS\system32\actxprxy.dll - ok
19:45:39.0046 2968  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
19:45:39.0046 2968  C:\WINDOWS\system32\wups.dll - ok
19:45:39.0062 2968  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
19:45:39.0062 2968  C:\WINDOWS\system32\wups2.dll - ok
19:45:39.0078 2968  [ C2A6642A3C96D332C41CF6954FE32A16 ] C:\WINDOWS\system32\kmddsp.tsp
19:45:39.0078 2968  C:\WINDOWS\system32\kmddsp.tsp - ok
19:45:39.0078 2968  [ FB37D77100C585249FEEC421338BC92E ] C:\WINDOWS\system32\ndptsp.tsp
19:45:39.0078 2968  C:\WINDOWS\system32\ndptsp.tsp - ok
19:45:39.0078 2968  [ 91789748170E81C3E4963A3858DCCED9 ] C:\WINDOWS\system32\ipconf.tsp
19:45:39.0078 2968  C:\WINDOWS\system32\ipconf.tsp - ok
19:45:39.0093 2968  [ EB25D1ABAA9C07CFEA0D26F282ADD42E ] C:\WINDOWS\system32\h323.tsp
19:45:39.0093 2968  C:\WINDOWS\system32\h323.tsp - ok
19:45:39.0109 2968  [ E1B23CA348F652512D076D6283D360B3 ] C:\WINDOWS\system32\hidphone.tsp
19:45:39.0109 2968  C:\WINDOWS\system32\hidphone.tsp - ok
19:45:39.0109 2968  [ 49A876E86C85BDEF28EA58E9B35FCF6E ] C:\WINDOWS\system32\hid.dll
19:45:39.0109 2968  C:\WINDOWS\system32\hid.dll - ok
19:45:39.0125 2968  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
19:45:39.0125 2968  C:\WINDOWS\system32\wuauclt.exe - ok
19:45:39.0125 2968  [ BC7CB447DD690B55E9FB7D0815164215 ] C:\WINDOWS\system32\cryptnet.dll
19:45:39.0125 2968  C:\WINDOWS\system32\cryptnet.dll - ok
19:45:39.0140 2968  [ BCF6BF6AF8E1892A3623DF32D25EE690 ] C:\WINDOWS\system32\sensapi.dll
19:45:39.0140 2968  C:\WINDOWS\system32\sensapi.dll - ok
19:45:39.0140 2968  [ 75C1CA5B61414748CE9BCF3C7A52C39F ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvclb.dll
19:45:39.0140 2968  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvclb.dll - ok
19:45:39.0156 2968  [ C4E4C037245CD2A2610EE58F46614712 ] C:\WINDOWS\system32\ipnathlp.dll
19:45:39.0156 2968  C:\WINDOWS\system32\ipnathlp.dll - ok
19:45:39.0171 2968  [ 1F174A1BF0B7718ECB8D1821AD1D3166 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmagnt.dll
19:45:39.0171 2968  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmagnt.dll - ok
19:45:39.0171 2968  [ F160073B9B9D95F65B6D467E88A52F00 ] C:\WINDOWS\system32\browser.dll
19:45:39.0171 2968  C:\WINDOWS\system32\browser.dll - ok
19:45:39.0187 2968  [ 54E18ADDC60A2054CF99B2E847A6D378 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmcore.dll
19:45:39.0187 2968  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmcore.dll - ok
19:45:39.0187 2968  [ 6BCBED73231F5D30B92DEE591B6679E9 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll
19:45:39.0187 2968  C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll - ok
19:45:39.0203 2968  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
19:45:39.0203 2968  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
19:45:39.0218 2968  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
19:45:39.0218 2968  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
19:45:39.0234 2968  [ B80933A7E3D63277A23F9882BF839DB5 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
19:45:39.0234 2968  C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll - ok
19:45:39.0234 2968  [ 807D6E637C0C580E5C4B16F4CCABD080 ] C:\WINDOWS\system32\wlanapi.dll
19:45:39.0234 2968  C:\WINDOWS\system32\wlanapi.dll - ok
19:45:39.0250 2968  [ DE35EFF35C9EB0B381709CF979537E2A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmrasv.dll
19:45:39.0250 2968  C:\Program Files\Common Files\Pure Networks Shared\Platform\nmrasv.dll - ok
19:45:39.0265 2968  [ 332AEC27F14DB0094D658FCCFEF09D5F ] C:\WINDOWS\system32\wbem\wbemprox.dll
19:45:39.0265 2968  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
19:45:39.0265 2968  [ 0EA7ED364F997AD4A559F25D290C756D ] C:\WINDOWS\system32\wbem\wbemcomn.dll
19:45:39.0265 2968  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
19:45:39.0281 2968  [ BE1C4F771A1BEAE2DF180011264DE0D9 ] C:\WINDOWS\system32\wbem\wbemcore.dll
19:45:39.0281 2968  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
19:45:39.0281 2968  [ 4695AB95C0128EE425D936F5D4A92CE0 ] C:\WINDOWS\system32\wbem\esscli.dll
19:45:39.0281 2968  C:\WINDOWS\system32\wbem\esscli.dll - ok
19:45:39.0296 2968  [ E436F823E5D5A429BCC35C9C56A3E5C9 ] C:\WINDOWS\system32\wbem\fastprox.dll
19:45:39.0296 2968  C:\WINDOWS\system32\wbem\fastprox.dll - ok
19:45:39.0312 2968  [ 7560A5FC446B2C02E31B65CBD2A7FA7B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
19:45:39.0312 2968  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
19:45:39.0312 2968  [ 7DBC1E2449C1C063B6B68CB1FBBF6BA0 ] C:\WINDOWS\system32\wbem\wmiutils.dll
19:45:39.0312 2968  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
19:45:39.0328 2968  [ 0FC21D9EE35320232F2EA71D134B4EAC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
19:45:39.0328 2968  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
19:45:39.0328 2968  [ BD0CD9754C6FB9523EF0DC52A7D809FC ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
19:45:39.0328 2968  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
19:45:39.0343 2968  [ 94318B05AEE17E1D6E3A86C71B06EA4F ] C:\WINDOWS\system32\wbem\wbemess.dll
19:45:39.0343 2968  C:\WINDOWS\system32\wbem\wbemess.dll - ok
19:45:39.0343 2968  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
19:45:39.0343 2968  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
19:45:39.0359 2968  [ 90668DA1B44BC2FD3CFFFE5291A69E68 ] C:\WINDOWS\system32\wbem\cimwin32.dll
19:45:39.0359 2968  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
19:45:39.0359 2968  [ 09B3FB7EEB1DAC19220D6548CEBD2C72 ] C:\WINDOWS\system32\wbem\framedyn.dll
19:45:39.0359 2968  C:\WINDOWS\system32\wbem\framedyn.dll - ok
19:45:39.0375 2968  [ 147355AC4A57006EF588FB0298452B32 ] C:\WINDOWS\system32\netcfgx.dll
19:45:39.0375 2968  C:\WINDOWS\system32\netcfgx.dll - ok
19:45:39.0390 2968  [ 9F0F55A61BA52FD45E22C4377FA66CE6 ] C:\WINDOWS\system32\rasmans.dll
19:45:39.0390 2968  C:\WINDOWS\system32\rasmans.dll - ok
19:45:39.0390 2968  [ 327E2663D0EED74150250DAC0B2F0BB7 ] C:\Program Files\Java\jre7\bin\awt.dll
19:45:39.0390 2968  C:\Program Files\Java\jre7\bin\awt.dll - ok
19:45:39.0406 2968  [ EF8B383B78C689E3709733DC32D00E30 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
19:45:39.0406 2968  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
19:45:39.0406 2968  [ 8A4EC001A4CBECD498A5B6EF62660B8D ] C:\Program Files\Java\jre7\bin\dcpr.dll
19:45:39.0406 2968  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
19:45:39.0421 2968  [ B4B9479282BB984ECF4B47A47D73FF85 ] C:\Program Files\Java\jre7\bin\deploy.dll
19:45:39.0421 2968  C:\Program Files\Java\jre7\bin\deploy.dll - ok
19:45:39.0421 2968  [ 91AD3759A90791F97C125DBCF3F6B70A ] C:\Program Files\Java\jre7\bin\fontmanager.dll
19:45:39.0437 2968  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
19:45:39.0437 2968  [ 88D4171DA8B349B4BA1DF170E44D0775 ] C:\Program Files\Java\jre7\bin\java.dll
19:45:39.0437 2968  C:\Program Files\Java\jre7\bin\java.dll - ok
19:45:39.0453 2968  [ CDE345C0035DC9CFB6960C542B0C2489 ] C:\Program Files\Java\jre7\bin\javaw.exe
19:45:39.0453 2968  C:\Program Files\Java\jre7\bin\javaw.exe - ok
19:45:39.0453 2968  [ B79B11F61F48BCC06512F32D66BA9907 ] C:\Program Files\Java\jre7\bin\jp2native.dll
19:45:39.0453 2968  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
19:45:39.0468 2968  [ 4F1BB3066C3009CD611B29FAB9F156B8 ] C:\Program Files\Java\jre7\bin\jpeg.dll
19:45:39.0468 2968  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
19:45:39.0484 2968  [ 73EF623D4CD238F297A4A4B0FBAE6147 ] C:\Program Files\Java\jre7\bin\net.dll
19:45:39.0484 2968  C:\Program Files\Java\jre7\bin\net.dll - ok
19:45:39.0484 2968  [ 32BA0D6E18354360224F1F16CC36AD3B ] C:\Program Files\Java\jre7\bin\nio.dll
19:45:39.0484 2968  C:\Program Files\Java\jre7\bin\nio.dll - ok
19:45:39.0500 2968  [ 072EB0B839C66230C0270FF456926398 ] C:\Program Files\Java\jre7\bin\verify.dll
19:45:39.0500 2968  C:\Program Files\Java\jre7\bin\verify.dll - ok
19:45:39.0515 2968  [ E86FEB7F883E356404A30BD55AF67AAB ] C:\Program Files\Java\jre7\bin\zip.dll
19:45:39.0515 2968  C:\Program Files\Java\jre7\bin\zip.dll - ok
19:45:39.0515 2968  [ 7D5F3F8484D2D59981B104B873E431DA ] C:\WINDOWS\system32\rastapi.dll
19:45:39.0515 2968  C:\WINDOWS\system32\rastapi.dll - ok
19:45:39.0531 2968  [ 89482328ADEA23DF2B2B0D6DCE5A1A76 ] C:\WINDOWS\system32\alg.exe
19:45:39.0531 2968  C:\WINDOWS\system32\alg.exe - ok
19:45:39.0531 2968  [ ECFEF96E1A61AF331F8F3B4B2B32D726 ] C:\WINDOWS\system32\rasppp.dll
19:45:39.0531 2968  C:\WINDOWS\system32\rasppp.dll - ok
19:45:39.0546 2968  [ C621EF97B3F516E987317560019F0A33 ] C:\WINDOWS\system32\ntlsapi.dll
19:45:39.0546 2968  C:\WINDOWS\system32\ntlsapi.dll - ok
19:45:39.0546 2968  [ 7745327005EAFC90F02F0D113576157A ] C:\WINDOWS\system32\rasqec.dll
19:45:39.0546 2968  C:\WINDOWS\system32\rasqec.dll - ok
19:45:39.0562 2968  [ E01A3A0B77F1C01F0C1289AC29114AEE ] C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmcorePS.dll
19:45:39.0562 2968  C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmcorePS.dll - ok
19:45:39.0562 2968  [ 58E202572D3251BF2687BF841EA00CE0 ] C:\WINDOWS\system32\termsrv.dll
19:45:39.0578 2968  C:\WINDOWS\system32\termsrv.dll - ok
19:45:39.0578 2968  [ 2E90E1AE376CF8208DF68E229C1022DA ] C:\WINDOWS\system32\icaapi.dll
19:45:39.0578 2968  C:\WINDOWS\system32\icaapi.dll - ok
19:45:39.0593 2968  [ D16980EBB179012A8CDA7BD0326AAC23 ] C:\WINDOWS\system32\mstlsapi.dll
19:45:39.0593 2968  C:\WINDOWS\system32\mstlsapi.dll - ok
19:45:39.0593 2968  [ 0E55E7748CAAF919113FC0E0E5A42251 ] C:\WINDOWS\system32\wbem\ncprov.dll
19:45:39.0593 2968  C:\WINDOWS\system32\wbem\ncprov.dll - ok
19:45:39.0609 2968  [ FC5E6B8AD5E444468B3CC117B0CB704A ] C:\WINDOWS\system32\wbem\wbemcons.dll
19:45:39.0609 2968  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
19:45:39.0609 2968  [ CF27E66E77A1E85902A45F54D0472ED0 ] C:\WINDOWS\system32\msxml3.dll
19:45:39.0609 2968  C:\WINDOWS\system32\msxml3.dll - ok
19:45:39.0625 2968  [ 5AAEF1814A9BB4EE428A7AB138306DF5 ] C:\WINDOWS\system32\security.dll
19:45:39.0625 2968  C:\WINDOWS\system32\security.dll - ok
19:45:39.0640 2968  [ 7350F92E0B8AD6C880BF7CB5B2D776EA ] C:\WINDOWS\system32\wbem\wmipcima.dll
19:45:39.0640 2968  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
19:45:39.0640 2968  [ 8511AC0250DA5F9A583B6FC784DEC285 ] C:\WINDOWS\system32\wbem\wmiadap.exe
19:45:39.0640 2968  C:\WINDOWS\system32\wbem\wmiadap.exe - ok
19:45:39.0656 2968  [ 2937777C4AA22504043C9FACEECAF0A6 ] C:\WINDOWS\system32\loadperf.dll
19:45:39.0656 2968  C:\WINDOWS\system32\loadperf.dll - ok
19:45:39.0656 2968  [ 809BEDF8A22571AA4FB4441C3DD8A9DE ] C:\WINDOWS\system32\mpnotify.exe
19:45:39.0656 2968  C:\WINDOWS\system32\mpnotify.exe - ok
19:45:39.0671 2968  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
19:45:39.0671 2968  C:\WINDOWS\system32\wuapi.dll - ok
19:45:39.0671 2968  [ 640B99F3E13B64AEA873CE2DA4E06FF7 ] C:\WINDOWS\system32\cscui.dll
19:45:39.0671 2968  C:\WINDOWS\system32\cscui.dll - ok
19:45:39.0687 2968  [ 1F49A5C3FDFE615AB2AEAAF11F6A756B ] C:\WINDOWS\system32\dpcdll.dll
19:45:39.0687 2968  C:\WINDOWS\system32\dpcdll.dll - ok
19:45:39.0687 2968  [ FF1ACD292F95E208EE77DA849032A0BF ] C:\WINDOWS\system32\wdmaud.drv
19:45:39.0687 2968  C:\WINDOWS\system32\wdmaud.drv - ok
19:45:39.0703 2968  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
19:45:39.0703 2968  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
19:45:39.0718 2968  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
19:45:39.0718 2968  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
19:45:39.0718 2968  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
19:45:39.0718 2968  C:\WINDOWS\system32\drivers\splitter.sys - ok
19:45:39.0734 2968  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
19:45:39.0734 2968  C:\WINDOWS\system32\drivers\aec.sys - ok
19:45:39.0734 2968  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
19:45:39.0734 2968  C:\WINDOWS\system32\drivers\swmidi.sys - ok
19:45:39.0750 2968  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
19:45:39.0750 2968  C:\WINDOWS\system32\drivers\dmusic.sys - ok
19:45:39.0750 2968  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
19:45:39.0750 2968  C:\WINDOWS\system32\drivers\kmixer.sys - ok
19:45:39.0765 2968  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
19:45:39.0765 2968  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
19:45:39.0781 2968  [ FDE713C1AC34FD99C5B2F979FB2AC71E ] C:\WINDOWS\system32\msacm32.drv
19:45:39.0781 2968  C:\WINDOWS\system32\msacm32.drv - ok
19:45:39.0781 2968  [ 1E2732AB57708FC057D625A8ECE0808A ] C:\WINDOWS\system32\midimap.dll
19:45:39.0781 2968  C:\WINDOWS\system32\midimap.dll - ok
19:45:39.0796 2968  [ B2B4E4722CAAFE109BEC13773BCB75B0 ] C:\WINDOWS\system32\userinit.exe
19:45:39.0796 2968  C:\WINDOWS\system32\userinit.exe - ok
19:45:39.0796 2968  [ E08281DCDE69DD9E5EBBF9B3F0454D42 ] C:\Documents and Settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe
19:45:39.0796 2968  C:\Documents and Settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe - ok
19:45:39.0812 2968  [ 9A7F1691F76E019C11481B6355125072 ] C:\Program Files\real\RealUpgrade\realupgrade.exe
19:45:39.0812 2968  C:\Program Files\real\RealUpgrade\realupgrade.exe - ok
19:45:39.0828 2968  [ CA3445DCE9EB70A2CA2504E0AF5C543F ] C:\WINDOWS\explorer.exe
19:45:39.0828 2968  C:\WINDOWS\explorer.exe - ok
19:45:39.0828 2968  [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\system32\msvcp100.dll
19:45:39.0828 2968  C:\WINDOWS\system32\msvcp100.dll - ok
19:45:39.0843 2968  [ B7D0F1FA8926F0D58B7A000E5DAB4B3E ] C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
19:45:39.0843 2968  C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe - ok
19:45:39.0843 2968  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
19:45:39.0843 2968  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
19:45:39.0859 2968  [ 3E7F6ED9C02FDB53A0F73D4CB2DE3232 ] C:\WINDOWS\system32\browseui.dll
19:45:39.0859 2968  C:\WINDOWS\system32\browseui.dll - ok
19:45:39.0859 2968  [ 8F9D6B4AB86A39319078814ABBDD40BC ] C:\Program Files\real\RealUpgrade\Common\hxmedpltfm.dll
19:45:39.0859 2968  C:\Program Files\real\RealUpgrade\Common\hxmedpltfm.dll - ok
19:45:39.0875 2968  [ 758D99511FD82B6C55E70494039E9F1A ] C:\Program Files\Google\Update\1.3.21.145\goopdate.dll
19:45:39.0875 2968  C:\Program Files\Google\Update\1.3.21.145\goopdate.dll - ok
19:45:39.0875 2968  [ 47188B0092466FD476E23DEA70CC1D4F ] C:\Program Files\real\RealUpgrade\Plugins\upgrade.dll
19:45:39.0875 2968  C:\Program Files\real\RealUpgrade\Plugins\upgrade.dll - ok
19:45:39.0890 2968  [ DB8BF33FA3E29F66E4025493A3370516 ] C:\WINDOWS\system32\shdocvw.dll
19:45:39.0890 2968  C:\WINDOWS\system32\shdocvw.dll - ok
19:45:39.0906 2968  [ 8AF2CF2942F7351BA55FAABD02EB5EBF ] C:\WINDOWS\system32\dbghelp.dll
19:45:39.0906 2968  C:\WINDOWS\system32\dbghelp.dll - ok
19:45:39.0906 2968  [ CA5D51B6CFC1A923B545A156ADEB444D ] C:\WINDOWS\system32\mstask.dll
19:45:39.0906 2968  C:\WINDOWS\system32\mstask.dll - ok
19:45:39.0921 2968  [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
19:45:39.0921 2968  C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
19:45:39.0921 2968  [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
19:45:39.0921 2968  C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
19:45:39.0937 2968  [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
19:45:39.0937 2968  C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok
19:45:39.0953 2968  [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
19:45:39.0953 2968  C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok
19:45:39.0953 2968  [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
19:45:39.0953 2968  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
19:45:39.0968 2968  [ F65E6E98A9DC48A14F1BB50D1FB0A3EC ] C:\WINDOWS\system32\desk.cpl
19:45:39.0968 2968  C:\WINDOWS\system32\desk.cpl - ok
19:45:39.0968 2968  [ 48E55E09CFD258472F94A0E354918F75 ] C:\WINDOWS\system32\themeui.dll
19:45:39.0984 2968  C:\WINDOWS\system32\themeui.dll - ok
19:45:39.0984 2968  [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
19:45:40.0000 2968  C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
19:45:40.0000 2968  [ 69A949F88C37DDD5FD150D661E5989E2 ] C:\WINDOWS\system32\cmd.exe
19:45:40.0000 2968  C:\WINDOWS\system32\cmd.exe - ok
19:45:40.0015 2968  [ ED093DEF1F3CFA1FBE010B8DA06A4E20 ] C:\Documents and Settings\All Users\Application Data\HP Photo Creations\Communicator.exe
19:45:40.0015 2968  C:\Documents and Settings\All Users\Application Data\HP Photo Creations\Communicator.exe - ok
19:45:40.0015 2968  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Owner\LOCALS~1\temp\D9516C46-F4B1-40DF-A32D-49E4E3662559.exe
19:45:40.0015 2968  C:\DOCUME~1\Owner\LOCALS~1\temp\D9516C46-F4B1-40DF-A32D-49E4E3662559.exe - ok
19:45:40.0031 2968  [ 222D3B58C44C90404FB973BA23049C5E ] C:\WINDOWS\system32\msutb.dll
19:45:40.0031 2968  C:\WINDOWS\system32\msutb.dll - ok
19:45:40.0031 2968  [ D7E10332EFD1E3069849E3DCABAFFC39 ] C:\WINDOWS\system32\msctf.dll
19:45:40.0031 2968  C:\WINDOWS\system32\msctf.dll - ok
19:45:40.0046 2968  [ F3826CDBF19EC880750D77E0F06A7FA1 ] C:\WINDOWS\system32\linkinfo.dll
19:45:40.0046 2968  C:\WINDOWS\system32\linkinfo.dll - ok
19:45:40.0062 2968  [ 106E8B02AF1E4D7CF5293782B8AEE986 ] C:\WINDOWS\system32\ntshrui.dll
19:45:40.0062 2968  C:\WINDOWS\system32\ntshrui.dll - ok
19:45:40.0062 2968  [ 1E8BFD9C1E124F066960251355EDEDE9 ] C:\WINDOWS\system32\verclsid.exe
19:45:40.0062 2968  C:\WINDOWS\system32\verclsid.exe - ok
19:45:40.0078 2968  [ 095B56D71D4C6AF017712B0E59C66166 ] C:\WINDOWS\system32\igfxtray.exe
19:45:40.0078 2968  C:\WINDOWS\system32\igfxtray.exe - ok
19:45:40.0078 2968  [ EE2AC08BE7024A781DF6F40870ED748D ] C:\WINDOWS\system32\hkcmd.exe
19:45:40.0078 2968  C:\WINDOWS\system32\hkcmd.exe - ok
19:45:40.0093 2968  [ 6DB4E2CFE0011E3CF247928AB7B42DA5 ] C:\WINDOWS\system32\PV92Tray.exe
19:45:40.0093 2968  C:\WINDOWS\system32\PV92Tray.exe - ok
19:45:40.0093 2968  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\03342984.sys
19:45:40.0093 2968  C:\WINDOWS\system32\drivers\03342984.sys - ok
19:45:40.0109 2968  [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
19:45:40.0109 2968  C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
19:45:40.0109 2968  [ 3F4AA8725BC5223C950690F5E8D20E47 ] C:\WINDOWS\system32\hccutils.dll
19:45:40.0109 2968  C:\WINDOWS\system32\hccutils.dll - ok
19:45:40.0125 2968  [ 507A2069320F189E9FE5FEA5DE8F243F ] C:\WINDOWS\system32\mfc42.dll
19:45:40.0125 2968  C:\WINDOWS\system32\mfc42.dll - ok
19:45:40.0125 2968  [ F5F1A8CDD473D55F9BF6FE23F715B0FA ] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
19:45:40.0125 2968  C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - ok
19:45:40.0140 2968  [ A940874B1904F1C48D09F9196F9BC178 ] C:\Program Files\HP\hpcoretech\hpvcr70.dll
19:45:40.0140 2968  C:\Program Files\HP\hpcoretech\hpvcr70.dll - ok
19:45:40.0156 2968  [ C92D20A6E35E232004D83DC10A78878A ] C:\Program Files\Microsoft Office\Office12\USP10.DLL
19:45:40.0156 2968  C:\Program Files\Microsoft Office\Office12\USP10.DLL - ok
19:45:40.0156 2968  [ 11A669F45E55F6118D274C35BD195153 ] C:\WINDOWS\system32\mfc42loc.dll
19:45:40.0156 2968  C:\WINDOWS\system32\mfc42loc.dll - ok
19:45:40.0171 2968  [ FF352BA8B9DA8FA5CD06CA2B8EAD765E ] C:\WINDOWS\SOUNDMAN.EXE
19:45:40.0171 2968  C:\WINDOWS\SOUNDMAN.EXE - ok
19:45:40.0171 2968  [ 6FF1042E4F74B5D411BAB65E82B44D12 ] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
19:45:40.0171 2968  C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe - ok
19:45:40.0187 2968  [ C70B8080C67E6DC91F2EFCE5F9145C0A ] C:\WINDOWS\system32\dsound.dll
19:45:40.0187 2968  C:\WINDOWS\system32\dsound.dll - ok
19:45:40.0187 2968  [ 46DA8E7484AC7A52CE1D6E428398724B ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:45:40.0203 2968  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
19:45:40.0203 2968  [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\WINDOWS\system32\msxml4.dll
19:45:40.0203 2968  C:\WINDOWS\system32\msxml4.dll - ok
19:45:40.0218 2968  [ 6E95474CB9E22BC9768EFA176C6A0A29 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
19:45:40.0218 2968  C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
19:45:40.0218 2968  [ 68A8CBE8C5A3B110E383CD798503F87F ] C:\WINDOWS\system32\bthprops.cpl
19:45:40.0218 2968  C:\WINDOWS\system32\bthprops.cpl - ok
19:45:40.0234 2968  [ 19E0B84C6F29CD1D9EBDD479D6AA895D ] C:\WINDOWS\system32\devmgr.dll
19:45:40.0234 2968  C:\WINDOWS\system32\devmgr.dll - ok
19:45:40.0234 2968  [ 8E2A7F1F62467A7DCB8AB2C0642F47CA ] C:\Program Files\iTunes\iTunesHelper.exe
19:45:40.0234 2968  C:\Program Files\iTunes\iTunesHelper.exe - ok
19:45:40.0250 2968  [ 9CA73F6442BF4936E9DA38C9DF613DF6 ] C:\Program Files\Linksys\Linksys Wireless Manager\lcid\1033\nmasrsrc.dll
19:45:40.0250 2968  C:\Program Files\Linksys\Linksys Wireless Manager\lcid\1033\nmasrsrc.dll - ok
19:45:40.0265 2968  [ 48E6868781B4E8BF4B77DBEC7694BCE8 ] C:\Program Files\real\realplayer\Update\realsched.exe
19:45:40.0265 2968  C:\Program Files\real\realplayer\Update\realsched.exe - ok
19:45:40.0265 2968  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:45:40.0265 2968  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
19:45:40.0281 2968  [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
19:45:40.0281 2968  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
19:45:40.0281 2968  [ 5082BC510FAD849630D09DA626BB7CDA ] C:\Program Files\iTunes\iTunesHelper.dll
19:45:40.0281 2968  C:\Program Files\iTunes\iTunesHelper.dll - ok
19:45:40.0296 2968  [ F6F76CEC392E35D5C28409013E1BE7A8 ] C:\WINDOWS\system32\igfxdev.dll
19:45:40.0296 2968  C:\WINDOWS\system32\igfxdev.dll - ok
19:45:40.0312 2968  [ 3F533D75631178A880AEFFDF117213BE ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
19:45:40.0312 2968  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
19:45:40.0312 2968  [ 4D2F7561D8A840450AABFAD3740B0E6B ] C:\Program Files\Microsoft Security Client\msseces.exe
19:45:40.0312 2968  C:\Program Files\Microsoft Security Client\msseces.exe - ok
19:45:40.0328 2968  [ 252F972131EB23596C20B82CA190DC5C ] C:\WINDOWS\system32\ctfmon.exe
19:45:40.0328 2968  C:\WINDOWS\system32\ctfmon.exe - ok
19:45:40.0328 2968  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
19:45:40.0328 2968  C:\WINDOWS\system32\webcheck.dll - ok
19:45:40.0343 2968  [ 5B6CAC3413D122AC7C35165602E02416 ] C:\WINDOWS\system32\imapi.exe
19:45:40.0343 2968  C:\WINDOWS\system32\imapi.exe - ok
19:45:40.0343 2968  [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
19:45:40.0343 2968  C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
19:45:40.0359 2968  [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
19:45:40.0359 2968  C:\WINDOWS\system32\advpack.dll - ok
19:45:40.0359 2968  [ 748169AF7B6E49443D841E31C1F74793 ] C:\WINDOWS\ime\sptip.dll
19:45:40.0359 2968  C:\WINDOWS\ime\sptip.dll - ok
19:45:40.0375 2968  [ EE5B38DD8B8EBBE8868B9EF00B815585 ] C:\Program Files\real\realplayer\Update\setu3270.dll
19:45:40.0375 2968  C:\Program Files\real\realplayer\Update\setu3270.dll - ok
19:45:40.0390 2968  [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
19:45:40.0390 2968  C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
19:45:40.0390 2968  [ 34E478788F9231FA854FC299873E3068 ] C:\WINDOWS\system32\ddraw.dll
19:45:40.0390 2968  C:\WINDOWS\system32\ddraw.dll - ok
19:45:40.0406 2968  [ B959116DD8D52652000E95A9AA925FF2 ] C:\WINDOWS\system32\stobject.dll
19:45:40.0406 2968  C:\WINDOWS\system32\stobject.dll - ok
19:45:40.0406 2968  [ 17029D1561E0516CD505215504066845 ] C:\WINDOWS\system32\dciman32.dll
19:45:40.0406 2968  C:\WINDOWS\system32\dciman32.dll - ok
19:45:40.0421 2968  [ 286AAA761254F247A09DF75A5ED4EF18 ] C:\Program Files\HP\hpcoretech\hpcmpmgr.dll
19:45:40.0421 2968  C:\Program Files\HP\hpcoretech\hpcmpmgr.dll - ok
19:45:40.0421 2968  [ A86DEF0D39A03B36F61F2A8763711ED5 ] C:\WINDOWS\system32\batmeter.dll
19:45:40.0421 2968  C:\WINDOWS\system32\batmeter.dll - ok
19:45:40.0437 2968  [ 6474AF152CD6025F781D7A5F2B8B6084 ] C:\WINDOWS\system32\igfxsrvc.dll
19:45:40.0437 2968  C:\WINDOWS\system32\igfxsrvc.dll - ok
19:45:40.0453 2968  [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
19:45:40.0453 2968  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
19:45:40.0453 2968  [ D7D69F304A604387B86BE991CBF07663 ] C:\WINDOWS\system32\WPDShServiceObj.dll
19:45:40.0453 2968  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
19:45:40.0468 2968  [ 01243FA89FBEC041E873DE8386138440 ] C:\Program Files\real\realplayer\realplay.exe
19:45:40.0468 2968  C:\Program Files\real\realplayer\realplay.exe - ok
19:45:40.0468 2968  [ DABB8CBCCE3F2E8333BE33BF98380726 ] C:\WINDOWS\system32\mydocs.dll
19:45:40.0468 2968  C:\WINDOWS\system32\mydocs.dll - ok
19:45:40.0484 2968  [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
19:45:40.0484 2968  C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
19:45:40.0500 2968  [ C44BA99AFB3EF1BD329362C5DABD9D2E ] C:\WINDOWS\system32\igfxres.dll
19:45:40.0500 2968  C:\WINDOWS\system32\igfxres.dll - ok
19:45:40.0500 2968  [ C69659544CACB851AC0790F4A05FB9FA ] C:\WINDOWS\system32\upnpui.dll
19:45:40.0500 2968  C:\WINDOWS\system32\upnpui.dll - ok
19:45:40.0515 2968  [ 69327BEDF2B2C2BCE3C598E829FCB44A ] C:\WINDOWS\system32\igfxhk.dll
19:45:40.0515 2968  C:\WINDOWS\system32\igfxhk.dll - ok
19:45:40.0515 2968  [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
19:45:40.0515 2968  C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
19:45:40.0531 2968  [ 1BD976DD77B31FE0F25708AD5C1351AE ] C:\Program Files\Linksys\Linksys Wireless Manager\x86\difxapi.dll
19:45:40.0531 2968  C:\Program Files\Linksys\Linksys Wireless Manager\x86\difxapi.dll - ok
19:45:40.0531 2968  [ 4419A6AB33A0A715A3C7A3A0FF53CCC8 ] C:\WINDOWS\system32\upnp.dll
19:45:40.0531 2968  C:\WINDOWS\system32\upnp.dll - ok
19:45:40.0546 2968  [ A687C458B80C7D55CBE39649D952ED2A ] C:\WINDOWS\system32\PortableDeviceTypes.dll
19:45:40.0546 2968  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
19:45:40.0562 2968  [ 130203D3313A0323DC333B941C3AA87A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll
19:45:40.0562 2968  C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll - ok
19:45:40.0562 2968  [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll
19:45:40.0562 2968  C:\WINDOWS\system32\msls31.dll - ok
19:45:40.0578 2968  [ E132AD94798E72ACB650E985984C7F58 ] C:\WINDOWS\system32\PortableDeviceApi.dll
19:45:40.0578 2968  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
19:45:40.0578 2968  [ 3C0CD32627DFAC63A513ED8AF1252E69 ] C:\WINDOWS\system32\igfxress.dll
19:45:40.0578 2968  C:\WINDOWS\system32\igfxress.dll - ok
19:45:40.0593 2968  [ E01B1D5CF6EB31BBA419D90DDFA0FE74 ] C:\Program Files\HP\hpcoretech\soln\HPOSM.exe
19:45:40.0593 2968  C:\Program Files\HP\hpcoretech\soln\HPOSM.exe - ok
19:45:40.0593 2968  [ CB41F8C8DE2D846CEA58CA82AC7D1687 ] C:\WINDOWS\system32\hpvaut32.dll
19:45:40.0593 2968  C:\WINDOWS\system32\hpvaut32.dll - ok
19:45:40.0609 2968  [ A940874B1904F1C48D09F9196F9BC178 ] C:\WINDOWS\system32\hpvcr70.dll
19:45:40.0609 2968  C:\WINDOWS\system32\hpvcr70.dll - ok
19:45:40.0609 2968  [ E46B17060D3962A384AE484094614788 ] C:\Program Files\iPod\bin\iPodService.exe
19:45:40.0609 2968  C:\Program Files\iPod\bin\iPodService.exe - ok
19:45:40.0625 2968  [ 691BAF41144EBDE972A66C5EB5210FC8 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
19:45:40.0625 2968  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
19:45:40.0640 2968  [ 665FBA44C65BAC9EE8AF9A5E37036640 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
19:45:40.0640 2968  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
19:45:40.0640 2968  [ FB564FF2C5AEC5850176E59517400E41 ] C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
19:45:40.0640 2968  C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe - ok
19:45:40.0656 2968  [ CBFC83DF6DFD5A1FBD05A9E721E65776 ] C:\WINDOWS\system32\rasdlg.dll
19:45:40.0656 2968  C:\WINDOWS\system32\rasdlg.dll - ok
19:45:40.0656 2968  [ 69539DC5EE4E99EA1D6757751D55374D ] C:\WINDOWS\system32\hpvcp70.dll
19:45:40.0656 2968  C:\WINDOWS\system32\hpvcp70.dll - ok
19:45:40.0671 2968  [ 020D5F7ABD814935C1BBD55D97F11DB8 ] C:\Program Files\real\realplayer\rpwa3260.dll
19:45:40.0671 2968  C:\Program Files\real\realplayer\rpwa3260.dll - ok
19:45:40.0687 2968  [ F36542F2EDC7BB0EE1A47157A7883EA6 ] C:\Program Files\HP\hpcoretech\comp\hpschedr.dll
19:45:40.0687 2968  C:\Program Files\HP\hpcoretech\comp\hpschedr.dll - ok
19:45:40.0687 2968  [ F6000997B69DD8C8300C774363C2A30C ] C:\WINDOWS\system32\fxsst.dll
19:45:40.0687 2968  C:\WINDOWS\system32\fxsst.dll - ok
19:45:40.0703 2968  [ A72696390AD8216E59D5698CDC7C51C2 ] C:\WINDOWS\system32\drprov.dll
19:45:40.0703 2968  C:\WINDOWS\system32\drprov.dll - ok
19:45:40.0703 2968  [ 24CD45EED78C2EFD821EEADFD87642E2 ] C:\WINDOWS\system32\ntlanman.dll
19:45:40.0703 2968  C:\WINDOWS\system32\ntlanman.dll - ok
19:45:40.0718 2968  [ 15AE624FE50F05B44E77A12FE4B68F05 ] C:\WINDOWS\system32\netui0.dll
19:45:40.0718 2968  C:\WINDOWS\system32\netui0.dll - ok
19:45:40.0718 2968  [ B715F494A2724FA6FF0BEDE08656E1CC ] C:\WINDOWS\system32\netui1.dll
19:45:40.0718 2968  C:\WINDOWS\system32\netui1.dll - ok
19:45:40.0734 2968  [ 689BAED9EF7318509F9883473255C356 ] C:\WINDOWS\system32\davclnt.dll
19:45:40.0734 2968  C:\WINDOWS\system32\davclnt.dll - ok
19:45:40.0734 2968  ============================================================
19:45:40.0734 2968  Scan finished
19:45:40.0734 2968  ============================================================
19:45:40.0859 1396  Detected object count: 10
19:45:40.0859 1396  Actual detected object count: 10
19:48:53.0781 1396  Blackberry Device Manager ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0781 1396  Blackberry Device Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:53.0796 1396  MDM ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0796 1396  MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:53.0796 1396  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0796 1396  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:53.0796 1396  Ptserial ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0796 1396  Ptserial ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:53.0796 1396  SMBios ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0796 1396  SMBios ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:53.0796 1396  TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0796 1396  TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:53.0812 1396  USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0812 1396  USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:53.0812 1396  Vmodem ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0812 1396  Vmodem ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:53.0812 1396  Vpctcom ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0812 1396  Vpctcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:53.0812 1396  Vvoice ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:53.0812 1396  Vvoice ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:49:16.0093 1256  Deinitialize success
 

I couldn't find a file with this name RKreport[2].txt. but I've included a log from another file.

let me know if it isn't the one u need

 

 

RogueKiller V8.6.1 [Jun 19 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Remove -- Date : 06/24/2013 19:55:26
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1       localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD400BB-00GFA0 +++++
--- User ---
[MBR] cc588e7b873de9e08c00f519ef2d3e6e
[BSP] 947ca6c8c699b65602b130c77344b791 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38154 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_06242013_195526.txt >>
RKreport[0]_S_06242013_195256.txt

 

till now I haven't got redircted to other pages in IE but I still could not run microsoft security essentials.



#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:48 PM

Posted 24 June 2013 - 09:49 PM

Hello

I want you to uninstall MSE and reinstall it and see if it comes back to life


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 jaber.a

jaber.a
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:48 PM

Posted 25 June 2013 - 03:19 AM

Gringo,

 

Till now, resuscitation did not bring MSE back (Shock is advised :smash: )

 

 

AJ






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users