Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Involuntary Shutdown [Solved]

Started by Triskelion , Aug 06 2012 05:31 PM

This topic is locked

#16
Triskelion

Posted 14 August 2012 - 04:12 PM

Member

Topic Starter
Member
663 posts

I can't shut down his STUPID antivirus!!
Man I hate McAfee!

He's using McAfee Total Protection 2012

#17
CompCav

Posted 14 August 2012 - 04:19 PM

Member 5k

Expert
12,454 posts

Uninstall it then run this:

download the utility MCPR.exe (MCPR © McAfee, Inc)
Right-click the file MCPR.exe and select Run as administrator
once the process of deleting McAfee products is over (the removal process may take a minute), the McAfee Cleanup window appears.
click Yes to reboot your computer and to finish the removal process of McAfee products

We can reinstall later.

#18
Triskelion

Posted 15 August 2012 - 12:24 PM

Member

Topic Starter
Member
663 posts

Here is the CFLog:

ComboFix 12-08-14.05 - rhan125205 2012-08-15 11:36:29.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2015.1547 [GMT -6:00]
Running from: c:\documents and settings\rhan125205\Desktop\ComboFix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infected copy of c:\windows\system32\drivers\afd.sys was found and disinfected
Restored copy from - The cat found it

.
((((((((((((((((((((((((( Files Created from 2012-07-15 to 2012-08-15 )))))))))))))))))))))))))))))))
.
.
2012-08-14 23:38 . 2008-04-14 00:12 14336 ----a-w- c:\windows\system32\svchost.exe
2012-08-14 19:02 . 2012-08-14 19:03 -------- d-----w- C:\FRST
2012-08-10 01:32 . 2012-08-10 01:32 1409 ----a-w- c:\windows\QTFont.for
2012-08-09 17:08 . 2008-10-16 15:07 138496 -c--a-w- c:\windows\system32\dllcache\afd.sys
2012-08-09 17:08 . 2008-10-16 15:07 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2012-08-09 04:59 . 2012-08-09 04:59 -------- d-----w- C:\_OTL
2012-08-09 04:42 . 2012-08-09 04:42 14080 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2012-08-09 04:41 . 2012-08-09 04:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2012-08-09 04:40 . 2012-08-09 21:53 -------- d-----w- c:\program files\Panda USB Vaccine
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-15 01:57 . 2012-06-15 01:36 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-15 01:57 . 2012-03-10 00:29 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
1999-06-25 17:55 . 2008-09-10 14:46 149504 ----a-w- c:\program files\UNWISE.EXE
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-09_17.43.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-15 17:57 . 2012-08-15 17:57 16384 c:\windows\Temp\Perflib_Perfdata_1dc.dat
+ 2007-04-22 19:43 . 2012-08-15 01:45 574476 c:\windows\system32\perfh009.dat
+ 2007-04-22 19:43 . 2012-08-15 01:45 114734 c:\windows\system32\perfc009.dat
+ 2011-06-06 18:55 . 2011-06-06 18:55 686464 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\JP2KLib.dll
+ 2012-01-03 07:37 . 2012-01-03 07:37 320456 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\adobearmhelper.exe
+ 2011-06-06 18:55 . 2011-06-06 18:55 937920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\adobearm.exe
+ 2011-06-06 18:55 . 2011-06-06 18:55 5509512 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AGM.dll
+ 2012-08-15 18:15 . 2012-08-15 18:15 13123584 c:\windows\Installer\117740.msp
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-02-02 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"Map GRPS"="net use G: \\A100949\GRPS" [X]
"00THotkey"="c:\windows\system32\00THotkey.exe" [2006-07-05 258048]
"000StTHK"="000StTHK.exe" [2001-06-23 24576]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2007-04-10 159744]
"TOSDCR"="TOSDCR.EXE" [2005-12-13 57344]
"NDSTray.exe"="NDSTray.exe" [BU]
"DDWMon"="c:\program files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe" [2007-04-14 311296]
"TFNF5"="TFNF5.exe" [2006-04-10 622592]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2004-03-23 196608]
"atchk"="c:\program files\Intel\AMT\atchk.exe" [2007-04-10 404248]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-12 16125440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-13 8433664]
"nwiz"="nwiz.exe" [2007-06-13 1626112]
"NVRotateSysTray"="c:\windows\system32\nvsysrot.dll" [2007-06-13 49152]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]
"TFncKy"="TFncKy.exe" [BU]
"TMERzCtl.EXE"="c:\program files\TOSHIBA\TME3\TMERzCtl.EXE" [2006-04-26 90112]
"TMESRV.EXE"="c:\program files\TOSHIBA\TME3\TMESRV31.EXE" [2005-12-14 126976]
"DpUtil"="c:\program files\TOSHIBA\DualPointUtility\TEDTray.exe" [2005-06-29 155648]
"TPSODDCtl"="TPSODDCtl.exe" [2007-02-02 110592]
"TPSMain"="TPSMain.exe" [2006-07-26 315392]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2007-01-09 191552]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2006-05-05 30208]
"IFXSPMGT"="c:\windows\system32\IFXSPMGT.exe" [2006-12-12 661024]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-10 385024]
"MSCRM"="c:\program files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe" [2010-09-19 58216]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-25 198160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"WMTFormatConversion"="c:\program files\Common Files\WMT\WMTFormatConversion.exe" [2012-05-20 52192]
.
c:\documents and settings\rhan125205\Start Menu\Programs\Startup\
PandaUSBVaccine.lnk - c:\program files\Panda USB Vaccine\USBVaccine.exe [2012-8-8 1287176]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify]
2004-11-01 17:50 8704 ----a-w- c:\windows\system32\PCANotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2006-05-05 22:48 40448 ----a-w- c:\windows\system32\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Afaria Client Generic Scheduler.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Afaria Client Generic Scheduler.lnk
backup=c:\windows\pss\Afaria Client Generic Scheduler.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-17 04:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
2006-07-21 16:00 98304 ----a-r- c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-01-10 20:27 385024 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-02-02 19:48 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-03-25 19:52 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2010-01-07 20:38 158448 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sony\\Reader\\Data\\bin\\eBook Library.exe"=
"c:\\Program Files\\Microsoft Dynamics CRM\\Client\\res\\web\\bin\\Microsoft.Crm.Application.Hoster.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Symantec\\pcAnywhere\\awhost32.exe"=
"c:\\Desjardins\\Accueil\\accueil.exe"=
"c:\\Desjardins\\RENTE\\MAX.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"\\??\\c:\\WINDOWS\\system32\\winlogon.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2007-03-22 2:07 PM 20992]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2007-03-09 4:23 PM 6528]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2006-12-12 39080]
R1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.sys [2008-01-24 2:45 PM 5888]
R2 CrmSqlStartupSvc;CrmSqlStartupSvc;c:\program files\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe [2010-09-19 6:02 AM 23912]
R2 FdRedir;FdRedir;c:\program files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [2006-05-05 5:00 PM 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\Common Files\Protector Suite QL\Drivers\filedisk.sys [2006-05-05 4:59 PM 33024]
R2 MSSQL$CRM;SQL Server (CRM);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 6:29 AM 29178224]
R2 smihlp;SMI helper driver;c:\program files\Protector Suite QL\smihlp.sys [2006-05-05 4:33 PM 3456]
R2 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [2007-03-26 1:22 PM 105856]
R2 Tmesrv;Tmesrv3;c:\program files\TOSHIBA\TME3\TMESRV31.exe [2008-01-24 2:45 PM 126976]
R2 trudf;TOSHIBA DVD-RAM UDF File System Driver;c:\windows\system32\drivers\trudf.sys [2007-02-19 1:15 PM 134016]
R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\Intel\AMT\UNS.exe [2007-07-16 1489688]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-04-22 2:20 PM 36608]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 5:52 PM 135664]
S2 LMIRescue_77e8d014-e780-4195-af98-cc8585ca6a01;LogMeIn Rescue (77e8d014-e780-4195-af98-cc8585ca6a01);"c:\windows\LMIC.tmp\LMI_Rescue_srv.exe" -service -sid 77e8d014-e780-4195-af98-cc8585ca6a01 --> c:\windows\LMIC.tmp\LMI_Rescue_srv.exe [?]
S2 MLPTDR_Q;MLPTDR_Q;c:\windows\system32\MLPTDR_Q.SYS [2003-07-23 3:44 AM 18848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 7:57 PM 257224]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 5:52 PM 135664]
S3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe --> c:\progra~1\mcafee\msc\mcawfwk.exe [?]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
PCDRSRVC
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-15 01:57]
.
2012-06-02 c:\windows\Tasks\Afaria.job
- c:\nodesys\MAJ\SFL_ChS_CentresFinanciers.xec [2008-05-30 18:46]
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 23:51]
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 23:51]
.
2011-04-02 c:\windows\Tasks\Security Platform Backup Schedule.job
- c:\program files\Infineon\Security Platform Software\SpBackupWz.exe [2006-11-13 05:56]
.
2012-08-15 c:\windows\Tasks\User_Feed_Synchronization-{B04F67C6-07AC-4498-B692-D587CE7560AA}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 11:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
Handler: intu-tt2011 - {B3B5DAD9-E96D-45b4-B636-B6CF2F773DE1} - c:\program files\TurboTax 2011\ic2011pp.dll
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-McAfeeUpdaterUI - c:\program files\McAfee\Common Framework\udaterui.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-McPvTray_exe - c:\program files\McAfee\MAT\McPvTray.exe
MSConfigStartUp-mcui_exe - c:\program files\McAfee.com\Agent\mcagent.exe
MSConfigStartUp-ShStatEXE - c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE
.
.
.
**************************************************************************
.
disk not found C:\
.
please note that you need administrator rights to perform deep scan
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,4e,9b,b2,a7,4d,45,4f,89,d6,75,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,4e,9b,b2,a7,4d,45,4f,89,d6,75,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(752)
c:\windows\system32\vrlogon.dll
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\windows\system32\biologon.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\remote.dll
c:\program files\Protector Suite QL\mysafe.dll
c:\program files\Protector Suite QL\crypto.dll
.
- - - - - - - > 'lsass.exe'(808)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homefus2.dll
.
- - - - - - - > 'explorer.exe'(3344)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\program files\TOSHIBA\TME3\TMEEJMD.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Protector Suite QL\mysafe.dll
c:\program files\Protector Suite QL\infra.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\TPwrCfg.DLL
c:\windows\system32\TPwrReg.dll
c:\windows\system32\TPSTrace.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Intel\AMT\atchksrv.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\windows\system32\IFXTCS.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Intel\AMT\LMS.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IfxPsdSv.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\ZuneBusEnum.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
c:\windows\system32\TFNF5.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\program files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
c:\program files\TOSHIBA\TME3\TMEEJME.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\TPSMain.exe
c:\program files\Apoint2K\Apntex.exe
c:\windows\system32\TPSBattM.exe
c:\program files\Protector Suite QL\psqltray.exe
c:\program files\Infineon\Security Platform Software\PSDrt.exe
c:\program files\Infineon\Security Platform Software\SpTna.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2012-08-15 12:21:49 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-15 18:21
ComboFix2.txt 2012-08-09 17:51
.
Pre-Run: 8,622,170,112 bytes free
Post-Run: 9,670,987,776 bytes free
.
- - End Of File - - 48053BF065E309B2DF6BE23398C7E3B1

Update: I also now have internet use and things are looking better.

Edited by Triskelion, 15 August 2012 - 12:30 PM.

#19
CompCav

Posted 15 August 2012 - 01:20 PM

Member 5k

Expert
12,454 posts

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

#20
Triskelion

Posted 15 August 2012 - 01:35 PM

Member

Topic Starter
Member
663 posts

Here is the TDSSKille report:

13:30:17.0062 2592 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

13:30:17.0765 2592 ============================================================

13:30:17.0765 2592 Current date / time: 2012/08/15 13:30:17.0765

13:30:17.0765 2592 SystemInfo:

13:30:17.0765 2592

13:30:17.0765 2592 OS Version: 5.1.2600 ServicePack: 3.0

13:30:17.0765 2592 Product type: Workstation

13:30:17.0765 2592 ComputerName: A101062

13:30:17.0765 2592 UserName: rhan125205

13:30:17.0765 2592 Windows directory: C:\WINDOWS

13:30:17.0765 2592 System windows directory: C:\WINDOWS

13:30:17.0765 2592 Processor architecture: Intel x86

13:30:17.0765 2592 Number of processors: 2

13:30:17.0765 2592 Page size: 0x1000

13:30:17.0765 2592 Boot type: Normal boot

13:30:17.0765 2592 ============================================================

13:30:18.0515 2592 BG loaded

13:30:18.0906 2592 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

13:30:18.0921 2592 ============================================================

13:30:18.0921 2592 \Device\Harddisk0\DR0:

13:30:18.0921 2592 MBR partitions:

13:30:18.0921 2592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xD751727

13:30:18.0921 2592 ============================================================

13:30:18.0984 2592 Initialize success

13:30:18.0984 2592 ============================================================

13:30:49.0968 2616 ============================================================

13:30:49.0968 2616 Scan started

13:30:49.0968 2616 Mode: Manual; SigCheck; TDLFS;

13:30:49.0968 2616 ============================================================

13:30:50.0093 2616 ================ Scan services =============================

13:30:50.0109 2616 Abiosdsk - ok

13:30:50.0109 2616 abp480n5 - ok

13:30:50.0125 2616 ACPI - ok

13:30:50.0125 2616 ACPIEC - ok

13:30:50.0140 2616 AdobeFlashPlayerUpdateSvc - ok

13:30:50.0140 2616 adpu160m - ok

13:30:50.0140 2616 aec - ok

13:30:50.0140 2616 AegisP - ok

13:30:50.0156 2616 AFD - ok

13:30:50.0156 2616 AgereModemAudio - ok

13:30:50.0156 2616 AgereSoftModem - ok

13:30:50.0171 2616 Aha154x - ok

13:30:50.0171 2616 aic78u2 - ok

13:30:50.0171 2616 aic78xx - ok

13:30:50.0187 2616 Alerter - ok

13:30:50.0187 2616 ALG - ok

13:30:50.0187 2616 AliIde - ok

13:30:50.0203 2616 amsint - ok

13:30:50.0203 2616 ApfiltrService - ok

13:30:50.0203 2616 AppMgmt - ok

13:30:50.0218 2616 Arp1394 - ok

13:30:50.0218 2616 asc - ok

13:30:50.0218 2616 asc3350p - ok

13:30:50.0218 2616 asc3550 - ok

13:30:50.0234 2616 aspnet_state - ok

13:30:50.0250 2616 AsyncMac - ok

13:30:50.0250 2616 atapi - ok

13:30:50.0250 2616 atchksrv - ok

13:30:50.0250 2616 Atdisk - ok

13:30:50.0265 2616 Atmarpc - ok

13:30:50.0265 2616 AudioSrv - ok

13:30:50.0281 2616 audstub - ok

13:30:50.0281 2616 awecho - ok

13:30:50.0281 2616 awhost32 - ok

13:30:50.0296 2616 awlegacy - ok

13:30:50.0296 2616 AW_HOST - ok

13:30:50.0312 2616 Beep - ok

13:30:50.0312 2616 Browser - ok

13:30:50.0328 2616 catchme - ok

13:30:50.0328 2616 cbidf2k - ok

13:30:50.0328 2616 cd20xrnt - ok

13:30:50.0343 2616 Cdaudio - ok

13:30:50.0343 2616 Cdfs - ok

13:30:50.0359 2616 Cdrom - ok

13:30:50.0359 2616 CFSvcs - ok

13:30:50.0359 2616 Changer - ok

13:30:50.0375 2616 CiSvc - ok

13:30:50.0375 2616 ClipSrv - ok

13:30:50.0390 2616 clr_optimization_v2.0.50727_32 - ok

13:30:50.0406 2616 clr_optimization_v4.0.30319_32 - ok

13:30:50.0406 2616 CmBatt - ok

13:30:50.0406 2616 CmdIde - ok

13:30:50.0421 2616 Compbatt - ok

13:30:50.0421 2616 COMSysApp - ok

13:30:50.0421 2616 Cpqarray - ok

13:30:50.0437 2616 CrmSqlStartupSvc - ok

13:30:50.0437 2616 CryptSvc - ok

13:30:50.0453 2616 dac2w2k - ok

13:30:50.0453 2616 dac960nt - ok

13:30:50.0453 2616 DcomLaunch - ok

13:30:50.0453 2616 Dhcp - ok

13:30:50.0468 2616 Disk - ok

13:30:50.0468 2616 dmadmin - ok

13:30:50.0468 2616 dmboot - ok

13:30:50.0484 2616 dmio - ok

13:30:50.0484 2616 dmload - ok

13:30:50.0484 2616 dmserver - ok

13:30:50.0484 2616 DMusic - ok

13:30:50.0500 2616 Dnscache - ok

13:30:50.0500 2616 Dot3svc - ok

13:30:50.0500 2616 dpti2o - ok

13:30:50.0515 2616 drmkaud - ok

13:30:50.0515 2616 e1express - ok

13:30:50.0515 2616 EapHost - ok

13:30:50.0531 2616 ERSvc - ok

13:30:50.0531 2616 Eventlog - ok

13:30:50.0531 2616 EventSystem - ok

13:30:50.0546 2616 EvtEng - ok

13:30:50.0546 2616 Fastfat - ok

13:30:50.0546 2616 FastUserSwitchingCompatibility - ok

13:30:50.0562 2616 Fdc - ok

13:30:50.0562 2616 FdRedir - ok

13:30:50.0562 2616 FileDisk2 - ok

13:30:50.0562 2616 Fips - ok

13:30:50.0578 2616 Flpydisk - ok

13:30:50.0578 2616 FltMgr - ok

13:30:50.0578 2616 FontCache3.0.0.0 - ok

13:30:50.0593 2616 Fs_Rec - ok

13:30:50.0593 2616 Ftdisk - ok

13:30:50.0593 2616 Gernuwa - ok

13:30:50.0609 2616 Gpc - ok

13:30:50.0609 2616 gupdate - ok

13:30:50.0609 2616 gupdatem - ok

13:30:50.0625 2616 gusvc - ok

13:30:50.0625 2616 HDAudBus - ok

13:30:50.0625 2616 HECI - ok

13:30:50.0640 2616 helpsvc - ok

13:30:50.0640 2616 HidServ - ok

13:30:50.0640 2616 HidUsb - ok

13:30:50.0640 2616 hkmsvc - ok

13:30:50.0656 2616 hpn - ok

13:30:50.0656 2616 HTTP - ok

13:30:50.0656 2616 HTTPFilter - ok

13:30:50.0671 2616 i2omgmt - ok

13:30:50.0671 2616 i2omp - ok

13:30:50.0671 2616 i8042prt - ok

13:30:50.0687 2616 iaStor - ok

13:30:50.0687 2616 IDriverT - ok

13:30:50.0687 2616 idsvc - ok

13:30:50.0703 2616 IFXSpMgtSrv - ok

13:30:50.0703 2616 IFXTCS - ok

13:30:50.0703 2616 IFXTPM - ok

13:30:50.0718 2616 Imapi - ok

13:30:50.0718 2616 ImapiService - ok

13:30:50.0718 2616 ini910u - ok

13:30:50.0734 2616 IntcAzAudAddService - ok

13:30:50.0734 2616 IntelIde - ok

13:30:50.0750 2616 intelppm - ok

13:30:50.0750 2616 Ip6Fw - ok

13:30:50.0750 2616 IpFilterDriver - ok

13:30:50.0765 2616 IpInIp - ok

13:30:50.0765 2616 IpNat - ok

13:30:50.0765 2616 IPSec - ok

13:30:50.0765 2616 IRENUM - ok

13:30:50.0781 2616 isapnp - ok

13:30:50.0781 2616 JavaQuickStarterService - ok

13:30:50.0781 2616 Kbdclass - ok

13:30:50.0796 2616 kbdhid - ok

13:30:50.0796 2616 kmixer - ok

13:30:50.0796 2616 KSecDD - ok

13:30:50.0812 2616 lanmanserver - ok

13:30:50.0812 2616 lanmanworkstation - ok

13:30:50.0812 2616 lbrtfdc - ok

13:30:50.0828 2616 LmHosts - ok

13:30:50.0828 2616 LMIRescue_77e8d014-e780-4195-af98-cc8585ca6a01 - ok

13:30:50.0843 2616 LMS - ok

13:30:50.0843 2616 McAfeeFramework - ok

13:30:50.0843 2616 McAWFwk - ok

13:30:50.0859 2616 Messenger - ok

13:30:50.0859 2616 MLPTDR_Q - ok

13:30:50.0859 2616 mnmdd - ok

13:30:50.0875 2616 mnmsrvc - ok

13:30:50.0875 2616 Modem - ok

13:30:50.0875 2616 Mouclass - ok

13:30:50.0875 2616 mouhid - ok

13:30:50.0890 2616 MountMgr - ok

13:30:50.0890 2616 mraid35x - ok

13:30:50.0890 2616 MRxDAV - ok

13:30:50.0906 2616 MRxSmb - ok

13:30:50.0906 2616 MSDTC - ok

13:30:50.0921 2616 Msfs - ok

13:30:50.0921 2616 MSIServer - ok

13:30:50.0921 2616 MSKSSRV - ok

13:30:50.0937 2616 MSPCLOCK - ok

13:30:50.0937 2616 MSPQM - ok

13:30:50.0937 2616 mssmbios - ok

13:30:50.0953 2616 MSSQL$CRM - ok

13:30:50.0953 2616 MSSQLServerADHelper - ok

13:30:51.0000 2616 Mup - ok

13:30:51.0000 2616 napagent - ok

13:30:51.0015 2616 NDIS - ok

13:30:51.0015 2616 NdisTapi - ok

13:30:51.0015 2616 Ndisuio - ok

13:30:51.0031 2616 NdisWan - ok

13:30:51.0031 2616 NDProxy - ok

13:30:51.0031 2616 NetBIOS - ok

13:30:51.0046 2616 NetBT - ok

13:30:51.0046 2616 NetDDE - ok

13:30:51.0046 2616 NetDDEdsdm - ok

13:30:51.0046 2616 Netdevio - ok

13:30:51.0062 2616 Netlogon - ok

13:30:51.0062 2616 Netman - ok

13:30:51.0062 2616 NetTcpPortSharing - ok

13:30:51.0078 2616 NETw4x32 - ok

13:30:51.0078 2616 NIC1394 - ok

13:30:51.0078 2616 Nla - ok

13:30:51.0078 2616 Npfs - ok

13:30:51.0093 2616 Ntfs - ok

13:30:51.0093 2616 NtLmSsp - ok

13:30:51.0093 2616 NtmsSvc - ok

13:30:51.0093 2616 Null - ok

13:30:51.0109 2616 nv - ok

13:30:51.0109 2616 NVSvc - ok

13:30:51.0109 2616 NWCWorkstation - ok

13:30:51.0109 2616 NwlnkFlt - ok

13:30:51.0109 2616 NwlnkFwd - ok

13:30:51.0125 2616 NWRDR - ok

13:30:51.0125 2616 odserv - ok

13:30:51.0125 2616 ohci1394 - ok

13:30:51.0125 2616 ose - ok

13:30:51.0140 2616 Parport - ok

13:30:51.0140 2616 PartMgr - ok

13:30:51.0140 2616 ParVdm - ok

13:30:51.0156 2616 PCI - ok

13:30:51.0156 2616 PCIDump - ok

13:30:51.0156 2616 PCIIde - ok

13:30:51.0156 2616 Pcmcia - ok

13:30:51.0156 2616 PDCOMP - ok

13:30:51.0171 2616 PDFRAME - ok

13:30:51.0171 2616 PDRELI - ok

13:30:51.0171 2616 PDRFRAME - ok

13:30:51.0171 2616 perc2 - ok

13:30:51.0187 2616 perc2hib - ok

13:30:51.0187 2616 PersonalSecureDrive - ok

13:30:51.0187 2616 PersonalSecureDriveService - ok

13:30:51.0203 2616 PlugPlay - ok

13:30:51.0203 2616 PolicyAgent - ok

13:30:51.0203 2616 PptpMiniport - ok

13:30:51.0203 2616 ProtectedStorage - ok

13:30:51.0218 2616 PSched - ok

13:30:51.0218 2616 Ptilink - ok

13:30:51.0218 2616 ql1080 - ok

13:30:51.0218 2616 Ql10wnt - ok

13:30:51.0218 2616 ql12160 - ok

13:30:51.0234 2616 ql1240 - ok

13:30:51.0234 2616 ql1280 - ok

13:30:51.0234 2616 RasAcd - ok

13:30:51.0234 2616 RasAuto - ok

13:30:51.0250 2616 Rasl2tp - ok

13:30:51.0250 2616 RasMan - ok

13:30:51.0250 2616 RasPppoe - ok

13:30:51.0250 2616 Raspti - ok

13:30:51.0265 2616 Rdbss - ok

13:30:51.0265 2616 RDPCDD - ok

13:30:51.0265 2616 rdpdr - ok

13:30:51.0265 2616 RDPWD - ok

13:30:51.0281 2616 RDSessMgr - ok

13:30:51.0281 2616 redbook - ok

13:30:51.0281 2616 RegSrvc - ok

13:30:51.0281 2616 RemoteAccess - ok

13:30:51.0296 2616 RemoteRegistry - ok

13:30:51.0296 2616 RimUsb - ok

13:30:51.0296 2616 RimVSerPort - ok

13:30:51.0296 2616 ROOTMODEM - ok

13:30:51.0296 2616 RoxLiveShare9 - ok

13:30:51.0312 2616 RpcLocator - ok

13:30:51.0312 2616 RpcSs - ok

13:30:51.0312 2616 RSVP - ok

13:30:51.0312 2616 rtl8139 - ok

13:30:51.0328 2616 S24EventMonitor - ok

13:30:51.0328 2616 s24trans - ok

13:30:51.0328 2616 SamSs - ok

13:30:51.0328 2616 SCardSvr - ok

13:30:51.0328 2616 Schedule - ok

13:30:51.0343 2616 sdbus - ok

13:30:51.0343 2616 SeaPort - ok

13:30:51.0343 2616 Secdrv - ok

13:30:51.0343 2616 seclogon - ok

13:30:51.0359 2616 SENS - ok

13:30:51.0359 2616 serenum - ok

13:30:51.0359 2616 Serial - ok

13:30:51.0375 2616 sffdisk - ok

13:30:51.0375 2616 sffp_sd - ok

13:30:51.0390 2616 Sfloppy - ok

13:30:51.0390 2616 SharedAccess - ok

13:30:51.0390 2616 ShellHWDetection - ok

13:30:51.0390 2616 Simbad - ok

13:30:51.0390 2616 smihlp - ok

13:30:51.0406 2616 Sony SCSI Helper Service - ok

13:30:51.0406 2616 SONYPVU1 - ok

13:30:51.0406 2616 Sparrow - ok

13:30:51.0421 2616 splitter - ok

13:30:51.0421 2616 Spooler - ok

13:30:51.0421 2616 SQLBrowser - ok

13:30:51.0421 2616 SQLWriter - ok

13:30:51.0421 2616 sr - ok

13:30:51.0437 2616 srservice - ok

13:30:51.0437 2616 Srv - ok

13:30:51.0437 2616 SSDPSRV - ok

13:30:51.0437 2616 stisvc - ok

13:30:51.0453 2616 swenum - ok

13:30:51.0453 2616 swmidi - ok

13:30:51.0453 2616 SwPrv - ok

13:30:51.0453 2616 symc810 - ok

13:30:51.0468 2616 symc8xx - ok

13:30:51.0468 2616 SymEvent - ok

13:30:51.0468 2616 sym_hi - ok

13:30:51.0468 2616 sym_u3 - ok

13:30:51.0468 2616 sysaudio - ok

13:30:51.0484 2616 SysmonLog - ok

13:30:51.0484 2616 TapiSrv - ok

13:30:51.0484 2616 TBiosDrv - ok

13:30:51.0484 2616 Tcpip - ok

13:30:51.0500 2616 TcUsb - ok

13:30:51.0500 2616 tdcmdpst - ok

13:30:51.0500 2616 TDPIPE - ok

13:30:51.0500 2616 TDTCP - ok

13:30:51.0515 2616 tdudf - ok

13:30:51.0515 2616 TermDD - ok

13:30:51.0515 2616 TermService - ok

13:30:51.0515 2616 Themes - ok

13:30:51.0515 2616 Thpdrv - ok

13:30:51.0531 2616 Thpevm - ok

13:30:51.0531 2616 Thpsrv - ok

13:30:51.0531 2616 tifm21 - ok

13:30:51.0531 2616 TlntSvr - ok

13:30:51.0546 2616 TMEI3E - ok

13:30:51.0546 2616 Tmesrv - ok

13:30:51.0546 2616 TODDSrv - ok

13:30:51.0546 2616 TOSHIBA Bluetooth Service - ok

13:30:51.0562 2616 TosIde - ok

13:30:51.0562 2616 Tosrfcom - ok

13:30:51.0562 2616 tosrfec - ok

13:30:51.0562 2616 TrkWks - ok

13:30:51.0562 2616 trudf - ok

13:30:51.0578 2616 TrueSight - ok

13:30:51.0578 2616 TVALZ - ok

13:30:51.0578 2616 Udfs - ok

13:30:51.0593 2616 ultra - ok

13:30:51.0593 2616 UNS - ok

13:30:51.0593 2616 Update - ok

13:30:51.0593 2616 upnphost - ok

13:30:51.0609 2616 UPS - ok

13:30:51.0609 2616 usbccgp - ok

13:30:51.0609 2616 usbehci - ok

13:30:51.0609 2616 usbhub - ok

13:30:51.0625 2616 usbprint - ok

13:30:51.0625 2616 usbscan - ok

13:30:51.0625 2616 usbstor - ok

13:30:51.0625 2616 usbuhci - ok

13:30:51.0640 2616 VgaSave - ok

13:30:51.0640 2616 ViaIde - ok

13:30:51.0640 2616 VolSnap - ok

13:30:51.0640 2616 VSS - ok

13:30:51.0640 2616 W32Time - ok

13:30:51.0656 2616 Wanarp - ok

13:30:51.0656 2616 Wdf01000 - ok

13:30:51.0656 2616 WDICA - ok

13:30:51.0671 2616 wdmaud - ok

13:30:51.0671 2616 WebClient - ok

13:30:51.0671 2616 winmgmt - ok

13:30:51.0687 2616 WinRM - ok

13:30:51.0687 2616 WinUSB - ok

13:30:51.0687 2616 WmdmPmSN - ok

13:30:51.0703 2616 Wmi - ok

13:30:51.0703 2616 WmiApSrv - ok

13:30:51.0703 2616 WMPNetworkSvc - ok

13:30:51.0703 2616 WpdUsb - ok

13:30:51.0718 2616 WPFFontCache_v0400 - ok

13:30:51.0718 2616 WS2IFSL - ok

13:30:51.0718 2616 wscsvc - ok

13:30:51.0718 2616 WSearch - ok

13:30:51.0734 2616 wuauserv - ok

13:30:51.0734 2616 WudfPf - ok

13:30:51.0734 2616 WudfRd - ok

13:30:51.0734 2616 WudfSvc - ok

13:30:51.0750 2616 WZCSVC - ok

13:30:51.0750 2616 xmlprov - ok

13:30:51.0750 2616 zumbus - ok

13:30:51.0750 2616 ZuneBusEnum - ok

13:30:51.0750 2616 ZuneNetworkSvc - ok

13:30:51.0765 2616 ZuneWlanCfgSvc - ok

13:30:51.0765 2616 ================ Scan global ===============================

13:30:51.0765 2616 [Global] - ok

13:30:51.0765 2616 ================ Scan MBR ==================================

13:30:51.0781 2616 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk0\DR0

13:30:52.0109 2616 \Device\Harddisk0\DR0 - ok

13:30:52.0109 2616 ================ Scan VBR ==================================

13:30:52.0109 2616 Boot (0x1200) (b4b5011c0cf34d8c17e25e1caed94441) \Device\Harddisk0\DR0\Partition1

13:30:52.0109 2616 \Device\Harddisk0\DR0\Partition1 - ok

13:30:52.0109 2616 ================ Scan active images ========================

13:30:52.0125 2616 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys

13:30:52.0125 2616 C:\WINDOWS\system32\drivers\videoprt.sys - ok

13:30:52.0125 2616 [ 0E583935D781BE505CC5D7E41BA10BA2 ] C:\WINDOWS\system32\drivers\nv4_mini.sys

13:30:52.0125 2616 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok

13:30:52.0125 2616 [ 71C32536B50136E9E439306A2E9296E2 ] C:\WINDOWS\system32\drivers\AW_HOST5.sys

13:30:52.0125 2616 C:\WINDOWS\system32\drivers\AW_HOST5.sys - ok

13:30:52.0125 2616 [ 66FED3EEABDCE17829EDF4C68702ED22 ] C:\WINDOWS\system32\drivers\HECI.sys

13:30:52.0125 2616 C:\WINDOWS\system32\drivers\HECI.sys - ok

13:30:52.0125 2616 [ 8942419786970ADB32B05BB7950AEE72 ] C:\WINDOWS\system32\drivers\e1e5132.sys

13:30:52.0125 2616 C:\WINDOWS\system32\drivers\e1e5132.sys - ok

13:30:52.0140 2616 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys

13:30:52.0140 2616 C:\WINDOWS\system32\drivers\usbport.sys - ok

13:30:52.0140 2616 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys

13:30:52.0140 2616 C:\WINDOWS\system32\drivers\usbuhci.sys - ok

13:30:52.0140 2616 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys

13:30:52.0140 2616 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok

13:30:52.0140 2616 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] C:\WINDOWS\system32\drivers\sdbus.sys

13:30:52.0140 2616 C:\WINDOWS\system32\drivers\sdbus.sys - ok

13:30:52.0140 2616 [ E4C85C291DDB3DC5E4A2F227CA465BA6 ] C:\WINDOWS\system32\drivers\tifm21.sys

13:30:52.0140 2616 C:\WINDOWS\system32\drivers\tifm21.sys - ok

13:30:52.0156 2616 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys

13:30:52.0156 2616 C:\WINDOWS\system32\drivers\usbehci.sys - ok

13:30:52.0156 2616 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys

13:30:52.0156 2616 C:\WINDOWS\system32\drivers\i8042prt.sys - ok

13:30:52.0156 2616 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys

13:30:52.0156 2616 C:\WINDOWS\system32\drivers\kbdclass.sys - ok

13:30:52.0156 2616 [ 3ED81E8B4709D13E5A38DB2D8E792B28 ] C:\WINDOWS\system32\drivers\Apfiltr.sys

13:30:52.0156 2616 C:\WINDOWS\system32\drivers\Apfiltr.sys - ok

13:30:52.0171 2616 [ F67554DA27D5B55EFCB6C7CB4818FBFD ] C:\WINDOWS\system32\drivers\ifxtpm.sys

13:30:52.0171 2616 C:\WINDOWS\system32\drivers\ifxtpm.sys - ok

13:30:52.0171 2616 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys

13:30:52.0171 2616 C:\WINDOWS\system32\drivers\mouclass.sys - ok

13:30:52.0171 2616 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] C:\WINDOWS\system32\drivers\cdrom.sys

13:30:52.0171 2616 C:\WINDOWS\system32\drivers\cdrom.sys - ok

13:30:52.0171 2616 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys

13:30:52.0171 2616 C:\WINDOWS\system32\drivers\imapi.sys - ok

13:30:52.0171 2616 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys

13:30:52.0171 2616 C:\WINDOWS\system32\drivers\ks.sys - ok

13:30:52.0187 2616 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys

13:30:52.0187 2616 C:\WINDOWS\system32\drivers\serenum.sys - ok

13:30:52.0187 2616 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys

13:30:52.0187 2616 C:\WINDOWS\system32\drivers\serial.sys - ok

13:30:52.0187 2616 [ 2F8BFBDB5824C71F672779B4B8CF8B01 ] C:\WINDOWS\system32\drivers\tdcmdpst.sys

13:30:52.0187 2616 C:\WINDOWS\system32\drivers\tdcmdpst.sys - ok

13:30:52.0187 2616 [ 0F6C187D38D98F8DF904589A5F94D411 ] C:\WINDOWS\system32\drivers\cmbatt.sys

13:30:52.0187 2616 C:\WINDOWS\system32\drivers\cmbatt.sys - ok

13:30:52.0187 2616 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys

13:30:52.0187 2616 C:\WINDOWS\system32\drivers\intelppm.sys - ok

13:30:52.0203 2616 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys

13:30:52.0203 2616 C:\WINDOWS\system32\drivers\redbook.sys - ok

13:30:52.0203 2616 [ 5C4103544612E5011EF46301B93D1AA6 ] C:\WINDOWS\system32\drivers\tosrfec.sys

13:30:52.0203 2616 C:\WINDOWS\system32\drivers\tosrfec.sys - ok

13:30:52.0203 2616 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys

13:30:52.0203 2616 C:\WINDOWS\system32\drivers\audstub.sys - ok

13:30:52.0203 2616 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] C:\WINDOWS\system32\drivers\ndistapi.sys

13:30:52.0203 2616 C:\WINDOWS\system32\drivers\ndistapi.sys - ok

13:30:52.0203 2616 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys

13:30:52.0203 2616 C:\WINDOWS\system32\drivers\ndiswan.sys - ok

13:30:52.0218 2616 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys

13:30:52.0218 2616 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok

13:30:52.0218 2616 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys

13:30:52.0218 2616 C:\WINDOWS\system32\drivers\raspppoe.sys - ok

13:30:52.0218 2616 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys

13:30:52.0218 2616 C:\WINDOWS\system32\drivers\tdi.sys - ok

13:30:52.0218 2616 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys

13:30:52.0218 2616 C:\WINDOWS\system32\drivers\psched.sys - ok

13:30:52.0218 2616 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys

13:30:52.0218 2616 C:\WINDOWS\system32\drivers\raspptp.sys - ok

13:30:52.0234 2616 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys

13:30:52.0234 2616 C:\WINDOWS\system32\drivers\msgpc.sys - ok

13:30:52.0234 2616 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys

13:30:52.0234 2616 C:\WINDOWS\system32\drivers\ptilink.sys - ok

13:30:52.0234 2616 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys

13:30:52.0234 2616 C:\WINDOWS\system32\drivers\raspti.sys - ok

13:30:52.0234 2616 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys

13:30:52.0234 2616 C:\WINDOWS\system32\drivers\rdpdr.sys - ok

13:30:52.0250 2616 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys

13:30:52.0250 2616 C:\WINDOWS\system32\drivers\swenum.sys - ok

13:30:52.0250 2616 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys

13:30:52.0250 2616 C:\WINDOWS\system32\drivers\termdd.sys - ok

13:30:52.0250 2616 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys

13:30:52.0250 2616 C:\WINDOWS\system32\drivers\mssmbios.sys - ok

13:30:52.0250 2616 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys

13:30:52.0250 2616 C:\WINDOWS\system32\drivers\update.sys - ok

13:30:52.0250 2616 [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys

13:30:52.0250 2616 C:\WINDOWS\system32\drivers\wdf01000.sys - ok

13:30:52.0250 2616 [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys

13:30:52.0250 2616 C:\WINDOWS\system32\drivers\wdfldr.sys - ok

13:30:52.0265 2616 [ 6BFB54F73AAE470E9299E66CBC7BB632 ] C:\WINDOWS\system32\drivers\zumbus.sys

13:30:52.0265 2616 C:\WINDOWS\system32\drivers\zumbus.sys - ok

13:30:52.0265 2616 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys

13:30:52.0265 2616 C:\WINDOWS\system32\drivers\ndproxy.sys - ok

13:30:52.0265 2616 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys

13:30:52.0265 2616 C:\WINDOWS\system32\drivers\usbd.sys - ok

13:30:52.0265 2616 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys

13:30:52.0265 2616 C:\WINDOWS\system32\drivers\usbhub.sys - ok

13:30:52.0281 2616 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys

13:30:52.0281 2616 C:\WINDOWS\system32\drivers\drmk.sys - ok

13:30:52.0281 2616 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys

13:30:52.0281 2616 C:\WINDOWS\system32\drivers\portcls.sys - ok

13:30:52.0281 2616 [ 474D59C18652C8EF0151A9EFAE9EE619 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys

13:30:52.0281 2616 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok

13:30:52.0281 2616 [ CE91B158FA490CF4C4D487A4130F4660 ] C:\WINDOWS\system32\drivers\AGRSM.sys

13:30:52.0281 2616 C:\WINDOWS\system32\drivers\AGRSM.sys - ok

13:30:52.0296 2616 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys

13:30:52.0296 2616 C:\WINDOWS\system32\drivers\modem.sys - ok

13:30:52.0296 2616 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys

13:30:52.0296 2616 C:\WINDOWS\system32\drivers\fdc.sys - ok

13:30:52.0296 2616 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys

13:30:52.0296 2616 C:\WINDOWS\system32\drivers\flpydisk.sys - ok

13:30:52.0296 2616 [ 8CB51FE041C1A0FF93DCB2FA1CC56CCE ] C:\WINDOWS\system32\drivers\psd.sys

13:30:52.0296 2616 C:\WINDOWS\system32\drivers\psd.sys - ok

13:30:52.0312 2616 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys

13:30:52.0312 2616 C:\WINDOWS\system32\drivers\beep.sys - ok

13:30:52.0312 2616 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys

13:30:52.0312 2616 C:\WINDOWS\system32\drivers\cdaudio.sys - ok

13:30:52.0312 2616 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys

13:30:52.0312 2616 C:\WINDOWS\system32\drivers\fs_rec.sys - ok

13:30:52.0328 2616 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys

13:30:52.0328 2616 C:\WINDOWS\system32\drivers\hidparse.sys - ok

13:30:52.0328 2616 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys

13:30:52.0328 2616 C:\WINDOWS\system32\drivers\kbdhid.sys - ok

13:30:52.0328 2616 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys

13:30:52.0328 2616 C:\WINDOWS\system32\drivers\null.sys - ok

13:30:52.0328 2616 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys

13:30:52.0328 2616 C:\WINDOWS\system32\drivers\vga.sys - ok

13:30:52.0343 2616 [ 7305E36433AE7CE4A878CCC900BCF2A8 ] C:\WINDOWS\system32\drivers\awechomd.sys

13:30:52.0343 2616 C:\WINDOWS\system32\drivers\awechomd.sys - ok

13:30:52.0343 2616 [ 1464F3DAF223E7A204BAF1B556EE7769 ] C:\WINDOWS\system32\drivers\AWLEGACY.sys

13:30:52.0343 2616 C:\WINDOWS\system32\drivers\AWLEGACY.sys - ok

13:30:52.0343 2616 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys

13:30:52.0343 2616 C:\WINDOWS\system32\drivers\mnmdd.sys - ok

13:30:52.0359 2616 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys

13:30:52.0359 2616 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok

13:30:52.0359 2616 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys

13:30:52.0359 2616 C:\WINDOWS\system32\drivers\msfs.sys - ok

13:30:52.0375 2616 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys

13:30:52.0375 2616 C:\WINDOWS\system32\drivers\ipsec.sys - ok

13:30:52.0375 2616 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys

13:30:52.0375 2616 C:\WINDOWS\system32\drivers\npfs.sys - ok

13:30:52.0375 2616 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys

13:30:52.0375 2616 C:\WINDOWS\system32\drivers\rasacd.sys - ok

13:30:52.0375 2616 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys

13:30:52.0375 2616 C:\WINDOWS\system32\drivers\tcpip.sys - ok

13:30:52.0390 2616 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys

13:30:52.0390 2616 C:\WINDOWS\system32\drivers\ipnat.sys - ok

13:30:52.0390 2616 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys

13:30:52.0390 2616 C:\WINDOWS\system32\drivers\netbt.sys - ok

13:30:52.0390 2616 [ 38D7B715504DA4741DF35E3594FE2099 ] C:\WINDOWS\system32\drivers\afd.sys

13:30:52.0390 2616 C:\WINDOWS\system32\drivers\afd.sys - ok

13:30:52.0406 2616 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys

13:30:52.0406 2616 C:\WINDOWS\system32\drivers\netbios.sys - ok

13:30:52.0406 2616 [ 684BFB1E9ABB05D3F48C53F3CD16A3E6 ] C:\WINDOWS\system32\drivers\TMEI3E.sys

13:30:52.0406 2616 C:\WINDOWS\system32\drivers\TMEI3E.sys - ok

13:30:52.0406 2616 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys

13:30:52.0406 2616 C:\WINDOWS\system32\drivers\wanarp.sys - ok

13:30:52.0421 2616 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys

13:30:52.0421 2616 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok

13:30:52.0421 2616 [ 0EA4D8ED179B75F8AFA7998BA22285CA ] C:\WINDOWS\system32\drivers\mrxsmb.sys

13:30:52.0421 2616 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok

13:30:52.0421 2616 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys

13:30:52.0421 2616 C:\WINDOWS\system32\drivers\rdbss.sys - ok

13:30:52.0421 2616 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys

13:30:52.0421 2616 C:\WINDOWS\system32\drivers\fips.sys - ok

13:30:52.0437 2616 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll

13:30:52.0437 2616 C:\WINDOWS\system32\ntdll.dll - ok

13:30:52.0437 2616 [ 5F816C1F539266D2D4C78694239DA0B5 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\smss.exe

13:30:52.0437 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\smss.exe - ok

13:30:52.0437 2616 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\autochk.exe

13:30:52.0437 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\autochk.exe - ok

13:30:52.0437 2616 [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys

13:30:52.0437 2616 C:\WINDOWS\system32\drivers\fastfat.sys - ok

13:30:52.0453 2616 [ FC6FE02F400308606A911640E72326B5 ] C:\WINDOWS\system32\drivers\tcusb.sys

13:30:52.0453 2616 C:\WINDOWS\system32\drivers\tcusb.sys - ok

13:30:52.0453 2616 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll

13:30:52.0453 2616 C:\WINDOWS\system32\sfcfiles.dll - ok

13:30:52.0453 2616 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys

13:30:52.0453 2616 C:\WINDOWS\system32\drivers\hidclass.sys - ok

13:30:52.0453 2616 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys

13:30:52.0453 2616 C:\WINDOWS\system32\drivers\hidusb.sys - ok

13:30:52.0453 2616 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys

13:30:52.0453 2616 C:\WINDOWS\system32\drivers\mouhid.sys - ok

13:30:52.0468 2616 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys

13:30:52.0468 2616 C:\WINDOWS\system32\drivers\cdfs.sys - ok

13:30:52.0468 2616 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] C:\WINDOWS\system32\drivers\iaStor.sys

13:30:52.0468 2616 C:\WINDOWS\system32\drivers\iaStor.sys - ok

13:30:52.0468 2616 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys

13:30:52.0468 2616 C:\WINDOWS\system32\drivers\dxapi.sys - ok

13:30:52.0468 2616 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys

13:30:52.0468 2616 C:\WINDOWS\system32\watchdog.sys - ok

13:30:52.0468 2616 [ 4F97E6BAAA847EA90EBBCD90A3FFA8E5 ] C:\WINDOWS\system32\win32k.sys

13:30:52.0468 2616 C:\WINDOWS\system32\win32k.sys - ok

13:30:52.0484 2616 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

13:30:52.0484 2616 C:\WINDOWS\system32\basesrv.dll - ok

13:30:52.0484 2616 [ 6100D350770A5595FBF4C96F3510BADC ] C:\WINDOWS\system32\csrsrv.dll

13:30:52.0484 2616 C:\WINDOWS\system32\csrsrv.dll - ok

13:30:52.0484 2616 [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll

13:30:52.0484 2616 C:\WINDOWS\system32\winsrv.dll - ok

13:30:52.0484 2616 [ 44F275C64738EA2056E3D9580C23B60F ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\csrss.exe

13:30:52.0484 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\csrss.exe - ok

13:30:52.0484 2616 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll

13:30:52.0484 2616 C:\WINDOWS\system32\gdi32.dll - ok

13:30:52.0500 2616 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINDOWS\system32\kernel32.dll

13:30:52.0500 2616 C:\WINDOWS\system32\kernel32.dll - ok

13:30:52.0500 2616 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll

13:30:52.0500 2616 C:\WINDOWS\system32\user32.dll - ok

13:30:52.0500 2616 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys

13:30:52.0500 2616 C:\WINDOWS\system32\drivers\dxg.sys - ok

13:30:52.0500 2616 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys

13:30:52.0500 2616 C:\WINDOWS\system32\drivers\dxgthk.sys - ok

13:30:52.0500 2616 [ B71C1D138FA43AA688650AC1DF0A883B ] C:\WINDOWS\system32\nv4_disp.dll

13:30:52.0500 2616 C:\WINDOWS\system32\nv4_disp.dll - ok

13:30:52.0515 2616 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll

13:30:52.0515 2616 C:\WINDOWS\system32\vga.dll - ok

13:30:52.0515 2616 [ ED0EF0A136DEC83DF69F04118870003E ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\winlogon.exe

13:30:52.0515 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\winlogon.exe - ok

13:30:52.0515 2616 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll

13:30:52.0515 2616 C:\WINDOWS\system32\advapi32.dll - ok

13:30:52.0515 2616 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll

13:30:52.0515 2616 C:\WINDOWS\system32\rpcrt4.dll - ok

13:30:52.0515 2616 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll

13:30:52.0515 2616 C:\WINDOWS\system32\secur32.dll - ok

13:30:52.0531 2616 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll

13:30:52.0531 2616 C:\WINDOWS\system32\authz.dll - ok

13:30:52.0531 2616 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll

13:30:52.0531 2616 C:\WINDOWS\system32\msvcrt.dll - ok

13:30:52.0531 2616 [ BDAAF79DD63F194434D31A74B9BB8B77 ] C:\WINDOWS\system32\crypt32.dll

13:30:52.0531 2616 C:\WINDOWS\system32\crypt32.dll - ok

13:30:52.0531 2616 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll

13:30:52.0531 2616 C:\WINDOWS\system32\msasn1.dll - ok

13:30:52.0531 2616 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll

13:30:52.0531 2616 C:\WINDOWS\system32\nddeapi.dll - ok

13:30:52.0546 2616 [ 318230E845919255EF3C5D5E1E863631 ] C:\WINDOWS\system32\netapi32.dll

13:30:52.0546 2616 C:\WINDOWS\system32\netapi32.dll - ok

13:30:52.0546 2616 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll

13:30:52.0546 2616 C:\WINDOWS\system32\profmap.dll - ok

13:30:52.0546 2616 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll

13:30:52.0546 2616 C:\WINDOWS\system32\userenv.dll - ok

13:30:52.0546 2616 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll

13:30:52.0546 2616 C:\WINDOWS\system32\psapi.dll - ok

13:30:52.0562 2616 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll

13:30:52.0562 2616 C:\WINDOWS\system32\regapi.dll - ok

13:30:52.0562 2616 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll

13:30:52.0562 2616 C:\WINDOWS\system32\setupapi.dll - ok

13:30:52.0562 2616 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll

13:30:52.0562 2616 C:\WINDOWS\system32\version.dll - ok

13:30:52.0562 2616 [ CA648BD638245EB83F971FF71B031BEC ] C:\WINDOWS\system32\imagehlp.dll

13:30:52.0562 2616 C:\WINDOWS\system32\imagehlp.dll - ok

13:30:52.0562 2616 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll

13:30:52.0562 2616 C:\WINDOWS\system32\winsta.dll - ok

13:30:52.0578 2616 [ AEADC4FE32D6D60F36D9B9ACE5C642A2 ] C:\WINDOWS\system32\wintrust.dll

13:30:52.0578 2616 C:\WINDOWS\system32\wintrust.dll - ok

13:30:52.0578 2616 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll

13:30:52.0578 2616 C:\WINDOWS\system32\imm32.dll - ok

13:30:52.0578 2616 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll

13:30:52.0578 2616 C:\WINDOWS\system32\ws2help.dll - ok

13:30:52.0578 2616 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll

13:30:52.0578 2616 C:\WINDOWS\system32\ws2_32.dll - ok

13:30:52.0578 2616 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll

13:30:52.0578 2616 C:\WINDOWS\system32\kbdus.dll - ok

13:30:52.0593 2616 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll

13:30:52.0593 2616 C:\WINDOWS\system32\msgina.dll - ok

13:30:52.0593 2616 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll

13:30:52.0593 2616 C:\WINDOWS\system32\comctl32.dll - ok

13:30:52.0593 2616 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll

13:30:52.0593 2616 C:\WINDOWS\system32\odbc32.dll - ok

13:30:52.0593 2616 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll

13:30:52.0593 2616 C:\WINDOWS\system32\comdlg32.dll - ok

13:30:52.0593 2616 [ E86423AA9AA8C382AF02B94A058DC2AA ] C:\WINDOWS\system32\shell32.dll

13:30:52.0593 2616 C:\WINDOWS\system32\shell32.dll - ok

13:30:52.0609 2616 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll

13:30:52.0609 2616 C:\WINDOWS\system32\shlwapi.dll - ok

13:30:52.0609 2616 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll

13:30:52.0609 2616 C:\WINDOWS\system32\sxs.dll - ok

13:30:52.0609 2616 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

13:30:52.0609 2616 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok

13:30:52.0609 2616 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll

13:30:52.0609 2616 C:\WINDOWS\system32\odbcint.dll - ok

13:30:52.0609 2616 [ 7A6A7900B5E322763430BA6FD9A31224 ] C:\WINDOWS\system32\ole32.dll

13:30:52.0609 2616 C:\WINDOWS\system32\ole32.dll - ok

13:30:52.0625 2616 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll

13:30:52.0625 2616 C:\WINDOWS\system32\sfc.dll - ok

13:30:52.0625 2616 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll

13:30:52.0625 2616 C:\WINDOWS\system32\sfc_os.dll - ok

13:30:52.0625 2616 [ 1926899BF9FFE2602B63074971700412 ] C:\WINDOWS\system32\shsvcs.dll

13:30:52.0625 2616 C:\WINDOWS\system32\shsvcs.dll - ok

13:30:52.0625 2616 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll

13:30:52.0625 2616 C:\WINDOWS\system32\apphelp.dll - ok

13:30:52.0625 2616 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll

13:30:52.0625 2616 C:\WINDOWS\system32\lsasrv.dll - ok

13:30:52.0640 2616 [ BF2466B3E18E970D8A976FB95FC1CA85 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\lsass.exe

13:30:52.0640 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\lsass.exe - ok

13:30:52.0640 2616 [ 65DF52F5B8B6E9BBD183505225C37315 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\services.exe

13:30:52.0640 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\services.exe - ok

13:30:52.0640 2616 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll

13:30:52.0640 2616 C:\WINDOWS\system32\msvcp60.dll - ok

13:30:52.0640 2616 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll

13:30:52.0640 2616 C:\WINDOWS\system32\ncobjapi.dll - ok

13:30:52.0640 2616 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll

13:30:52.0640 2616 C:\WINDOWS\system32\scesrv.dll - ok

13:30:52.0656 2616 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll

13:30:52.0656 2616 C:\WINDOWS\system32\mpr.dll - ok

13:30:52.0656 2616 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll

13:30:52.0656 2616 C:\WINDOWS\system32\ntdsapi.dll - ok

13:30:52.0656 2616 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll

13:30:52.0656 2616 C:\WINDOWS\system32\umpnpmgr.dll - ok

13:30:52.0656 2616 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll

13:30:52.0656 2616 C:\WINDOWS\AppPatch\acadproc.dll - ok

13:30:52.0671 2616 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll

13:30:52.0671 2616 C:\WINDOWS\system32\dnsapi.dll - ok

13:30:52.0671 2616 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll

13:30:52.0671 2616 C:\WINDOWS\system32\shimeng.dll - ok

13:30:52.0671 2616 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll

13:30:52.0671 2616 C:\WINDOWS\system32\wldap32.dll - ok

13:30:52.0671 2616 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll

13:30:52.0671 2616 C:\WINDOWS\system32\samlib.dll - ok

13:30:52.0671 2616 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll

13:30:52.0671 2616 C:\WINDOWS\system32\samsrv.dll - ok

13:30:52.0687 2616 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll

13:30:52.0687 2616 C:\WINDOWS\AppPatch\acgenral.dll - ok

13:30:52.0687 2616 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll

13:30:52.0687 2616 C:\WINDOWS\system32\cryptdll.dll - ok

13:30:52.0687 2616 [ 387006CF9983000BAB76DD250D424045 ] C:\WINDOWS\system32\oleaut32.dll

13:30:52.0687 2616 C:\WINDOWS\system32\oleaut32.dll - ok

13:30:52.0687 2616 [ F1300D0B4C40754A01DF16F350F0EF60 ] C:\WINDOWS\system32\winmm.dll

13:30:52.0687 2616 C:\WINDOWS\system32\winmm.dll - ok

13:30:52.0687 2616 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll

13:30:52.0687 2616 C:\WINDOWS\system32\msacm32.dll - ok

13:30:52.0703 2616 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll

13:30:52.0703 2616 C:\WINDOWS\system32\uxtheme.dll - ok

13:30:52.0703 2616 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll

13:30:52.0703 2616 C:\WINDOWS\system32\msapsspc.dll - ok

13:30:52.0703 2616 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll

13:30:52.0703 2616 C:\WINDOWS\system32\msvcrt40.dll - ok

13:30:52.0703 2616 [ 30ACE70B3C0242F0D1AC3B4FA708710F ] C:\WINDOWS\system32\schannel.dll

13:30:52.0703 2616 C:\WINDOWS\system32\schannel.dll - ok

13:30:52.0703 2616 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll

13:30:52.0703 2616 C:\WINDOWS\system32\digest.dll - ok

13:30:52.0718 2616 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll

13:30:52.0718 2616 C:\WINDOWS\system32\msnsspc.dll - ok

13:30:52.0718 2616 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll

13:30:52.0718 2616 C:\WINDOWS\system32\kerberos.dll - ok

13:30:52.0718 2616 [ 3F790874A85819E94574F3E7AF9C5806 ] C:\WINDOWS\system32\msctfime.ime

13:30:52.0718 2616 C:\WINDOWS\system32\msctfime.ime - ok

13:30:52.0718 2616 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll

13:30:52.0718 2616 C:\WINDOWS\system32\msprivs.dll - ok

13:30:52.0734 2616 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll

13:30:52.0734 2616 C:\WINDOWS\system32\msv1_0.dll - ok

13:30:52.0734 2616 [ 85BD2E8BFB5D094CBD55B1D9D873447B ] C:\WINDOWS\system32\vrlogon.dll

13:30:52.0734 2616 C:\WINDOWS\system32\vrlogon.dll - ok

13:30:52.0734 2616 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll

13:30:52.0734 2616 C:\WINDOWS\system32\iphlpapi.dll - ok

13:30:52.0734 2616 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll

13:30:52.0734 2616 C:\WINDOWS\system32\netlogon.dll - ok

13:30:52.0734 2616 [ 33D9B7BB7BA323BAFE489DF033DAC824 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll

13:30:52.0734 2616 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll - ok

13:30:52.0750 2616 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll

13:30:52.0750 2616 C:\WINDOWS\system32\w32time.dll - ok

13:30:52.0750 2616 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll

13:30:52.0750 2616 C:\WINDOWS\system32\atmfd.dll - ok

13:30:52.0750 2616 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll

13:30:52.0750 2616 C:\WINDOWS\system32\rsaenh.dll - ok

13:30:52.0750 2616 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll

13:30:52.0750 2616 C:\WINDOWS\system32\wdigest.dll - ok

13:30:52.0750 2616 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\msvcr71.dll

13:30:52.0750 2616 C:\WINDOWS\system32\msvcr71.dll - ok

13:30:52.0765 2616 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll

13:30:52.0765 2616 C:\WINDOWS\system32\winscard.dll - ok

13:30:52.0765 2616 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll

13:30:52.0765 2616 C:\WINDOWS\system32\wtsapi32.dll - ok

13:30:52.0765 2616 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll

13:30:52.0765 2616 C:\WINDOWS\system32\scecli.dll - ok

13:30:52.0765 2616 [ BE4840AF6439DAEA859AD1BF68A340C7 ] C:\Program Files\Protector Suite QL\infra.dll

13:30:52.0765 2616 C:\Program Files\Protector Suite QL\infra.dll - ok

13:30:52.0765 2616 [ B484246BAC533B1BB08E36000E6D267E ] C:\WINDOWS\system32\psqlpwd.dll

13:30:52.0765 2616 C:\WINDOWS\system32\psqlpwd.dll - ok

13:30:52.0781 2616 [ 3314F3134AC59771A133A0CD3D343FFF ] C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys

13:30:52.0781 2616 C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys - ok

13:30:52.0781 2616 [ 7B33F094A7A42A0225C344F5B25B1B05 ] C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys

13:30:52.0781 2616 C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys - ok

13:30:52.0781 2616 [ 94EEDE27FD7D46707BE49127922695A7 ] C:\Program Files\Protector Suite QL\smihlp.sys

13:30:52.0781 2616 C:\Program Files\Protector Suite QL\smihlp.sys - ok

13:30:52.0781 2616 [ F56A9327C58FF985616C5E197472932C ] C:\WINDOWS\system32\drivers\tdudf.sys

13:30:52.0781 2616 C:\WINDOWS\system32\drivers\tdudf.sys - ok

13:30:52.0781 2616 [ 8E4EE0A26AC67426E20923E0E98823DF ] C:\Program Files\Protector Suite QL\homefus2.dll

13:30:52.0781 2616 C:\Program Files\Protector Suite QL\homefus2.dll - ok

13:30:52.0796 2616 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] C:\WINDOWS\system32\drivers\udfs.sys

13:30:52.0796 2616 C:\WINDOWS\system32\drivers\udfs.sys - ok

13:30:52.0796 2616 [ 3F9BA8878AA26D0831116733F9BC53FF ] C:\WINDOWS\system32\drivers\trudf.sys

13:30:52.0796 2616 C:\WINDOWS\system32\drivers\trudf.sys - ok

13:30:52.0796 2616 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\svchost.exe

13:30:52.0796 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\svchost.exe - ok

13:30:52.0796 2616 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll

13:30:52.0796 2616 C:\WINDOWS\system32\ntmarta.dll - ok

13:30:52.0796 2616 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll

13:30:52.0796 2616 C:\WINDOWS\system32\rpcss.dll - ok

13:30:52.0812 2616 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll

13:30:52.0812 2616 C:\WINDOWS\system32\xpsp2res.dll - ok

13:30:52.0812 2616 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll

13:30:52.0812 2616 C:\WINDOWS\system32\eventlog.dll - ok

13:30:52.0812 2616 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll

13:30:52.0812 2616 C:\WINDOWS\system32\mswsock.dll - ok

13:30:52.0812 2616 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll

13:30:52.0812 2616 C:\WINDOWS\system32\hnetcfg.dll - ok

13:30:52.0828 2616 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll

13:30:52.0828 2616 C:\WINDOWS\system32\wshtcpip.dll - ok

13:30:52.0828 2616 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll

13:30:52.0828 2616 C:\WINDOWS\system32\rasadhlp.dll - ok

13:30:52.0828 2616 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll

13:30:52.0828 2616 C:\WINDOWS\system32\winrnr.dll - ok

13:30:52.0828 2616 [ 708E6997420592E033CF01B60E6E4223 ] C:\WINDOWS\system32\WudfPlatform.dll

13:30:52.0828 2616 C:\WINDOWS\system32\WudfPlatform.dll - ok

13:30:52.0828 2616 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] C:\WINDOWS\system32\WudfSvc.dll

13:30:52.0828 2616 C:\WINDOWS\system32\WudfSvc.dll - ok

13:30:52.0843 2616 [ 375EB0B97E3950ADEF3633C27A82438B ] C:\WINDOWS\system32\drivers\AegisP.sys

13:30:52.0843 2616 C:\WINDOWS\system32\drivers\AegisP.sys - ok

13:30:52.0843 2616 [ E2C6ABCBEFB1D44F6AAEB1CD5D6062D4 ] C:\WINDOWS\system32\drivers\s24trans.sys

13:30:52.0843 2616 C:\WINDOWS\system32\drivers\s24trans.sys - ok

13:30:52.0843 2616 [ 131D50F081D2E29EBD1365B21F6B9736 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\S24EvMon.exe

13:30:52.0843 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\S24EvMon.exe - ok

13:30:52.0843 2616 [ 11ADD8816D61A6025844EB5123EC92D3 ] C:\Program Files\Intel\Wireless\Bin\Libeay32.dll

13:30:52.0843 2616 C:\Program Files\Intel\Wireless\Bin\Libeay32.dll - ok

13:30:52.0843 2616 [ 03D99216594CA1061CC3E197EF7BEAC7 ] C:\Program Files\Intel\Wireless\Bin\TraceAPI.dll

13:30:52.0843 2616 C:\Program Files\Intel\Wireless\Bin\TraceAPI.dll - ok

13:30:52.0859 2616 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll

13:30:52.0859 2616 C:\WINDOWS\system32\wsock32.dll - ok

13:30:52.0859 2616 [ 9FD027A1F15521052F648A0DD282B298 ] C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll

13:30:52.0859 2616 C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll - ok

13:30:52.0859 2616 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv

13:30:52.0859 2616 C:\WINDOWS\system32\winspool.drv - ok

13:30:52.0859 2616 [ BBF5780BEB99A84DE110DCF51C047420 ] C:\Program Files\Intel\Wireless\Bin\IntStngs.dll

13:30:52.0859 2616 C:\Program Files\Intel\Wireless\Bin\IntStngs.dll - ok

13:30:52.0859 2616 [ B47AEE3FE8D6036B1F7B04C2417D639C ] C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll

13:30:52.0859 2616 C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll - ok

13:30:52.0875 2616 [ 5F2DBE3CB563741C8084657BF956CE64 ] C:\WINDOWS\system32\oleacc.dll

13:30:52.0875 2616 C:\WINDOWS\system32\oleacc.dll - ok

13:30:52.0875 2616 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll

13:30:52.0875 2616 C:\WINDOWS\system32\clbcatq.dll - ok

13:30:52.0875 2616 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll

13:30:52.0875 2616 C:\WINDOWS\system32\comres.dll - ok

13:30:52.0875 2616 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll

13:30:52.0875 2616 C:\WINDOWS\system32\netcfgx.dll - ok

13:30:52.0890 2616 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll

13:30:52.0890 2616 C:\WINDOWS\system32\clusapi.dll - ok

13:30:52.0890 2616 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys

13:30:52.0890 2616 C:\WINDOWS\system32\drivers\ndisuio.sys - ok

13:30:52.0890 2616 [ 1265EB253ED4EBE4ACB3BD5F548FF796 ] C:\WINDOWS\system32\drivers\Netdevio.sys

13:30:52.0890 2616 C:\WINDOWS\system32\drivers\Netdevio.sys - ok

13:30:52.0890 2616 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll

13:30:52.0890 2616 C:\WINDOWS\system32\dhcpcsvc.dll - ok

13:30:52.0890 2616 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll

13:30:52.0890 2616 C:\WINDOWS\system32\dnsrslvr.dll - ok

13:30:52.0906 2616 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll

13:30:52.0906 2616 C:\WINDOWS\system32\cscdll.dll - ok

13:30:52.0906 2616 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll

13:30:52.0906 2616 C:\WINDOWS\system32\dimsntfy.dll - ok

13:30:52.0906 2616 [ 9972A6ED4F2388DBFA8E0A96F6F3FDF1 ] C:\WINDOWS\system32\msvcr70.dll

13:30:52.0906 2616 C:\WINDOWS\system32\msvcr70.dll - ok

13:30:52.0906 2616 [ 81DF52620010BD1689FE353EF8075AB7 ] C:\WINDOWS\system32\PCANotify.dll

13:30:52.0906 2616 C:\WINDOWS\system32\PCANotify.dll - ok

13:30:52.0906 2616 [ 26687D8E9FEED2EBAB77670C72007B48 ] C:\Program Files\Common Files\System\ado\msado15.dll

13:30:52.0906 2616 C:\Program Files\Common Files\System\ado\msado15.dll - ok

13:30:52.0921 2616 [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll

13:30:52.0921 2616 C:\WINDOWS\system32\msdart.dll - ok

13:30:52.0921 2616 [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll

13:30:52.0921 2616 C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok

13:30:52.0921 2616 [ 8079C366F987682E705D81FAD42B6E65 ] C:\WINDOWS\system32\biologon.dll

13:30:52.0921 2616 C:\WINDOWS\system32\biologon.dll - ok

13:30:52.0921 2616 [ FB135F4A8D3FC3C144F2BA21FDEB964B ] C:\Program Files\Protector Suite QL\homepass.dll

13:30:52.0921 2616 C:\Program Files\Protector Suite QL\homepass.dll - ok

13:30:52.0937 2616 [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll

13:30:52.0937 2616 C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok

13:30:52.0937 2616 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll

13:30:52.0937 2616 C:\WINDOWS\system32\lmhsvc.dll - ok

13:30:52.0937 2616 [ 1ED4C96EC76C3DDFCABD7644DA23F4B6 ] C:\Program Files\Common Files\System\Ole DB\msdasql.dll

13:30:52.0937 2616 C:\Program Files\Common Files\System\Ole DB\msdasql.dll - ok

13:30:52.0937 2616 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll

13:30:52.0937 2616 C:\WINDOWS\system32\wzcsvc.dll - ok

13:30:52.0937 2616 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll

13:30:52.0937 2616 C:\WINDOWS\system32\rtutils.dll - ok

13:30:52.0953 2616 [ 73BAFFA0B02320690CDC606241078CE4 ] C:\Program Files\Common Files\System\Ole DB\msdatl3.dll

13:30:52.0953 2616 C:\Program Files\Common Files\System\Ole DB\msdatl3.dll - ok

13:30:52.0953 2616 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll

13:30:52.0953 2616 C:\WINDOWS\system32\wmi.dll - ok

13:30:52.0953 2616 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll

13:30:52.0953 2616 C:\WINDOWS\system32\eapolqec.dll - ok

13:30:52.0953 2616 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll

13:30:52.0953 2616 C:\WINDOWS\system32\atl.dll - ok

13:30:52.0953 2616 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll

13:30:52.0953 2616 C:\WINDOWS\system32\qutil.dll - ok

13:30:52.0968 2616 [ 8985FCECE06A74017E23DDD093E34D4E ] C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll

13:30:52.0968 2616 C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll - ok

13:30:52.0968 2616 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll

13:30:52.0968 2616 C:\WINDOWS\system32\comsvcs.dll - ok

13:30:52.0968 2616 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll

13:30:52.0968 2616 C:\WINDOWS\system32\dot3api.dll - ok

13:30:52.0968 2616 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll

13:30:52.0968 2616 C:\WINDOWS\system32\esent.dll - ok

13:30:52.0968 2616 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll

13:30:52.0968 2616 C:\WINDOWS\system32\colbact.dll - ok

13:30:52.0984 2616 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll

13:30:52.0984 2616 C:\WINDOWS\system32\mtxclu.dll - ok

13:30:52.0984 2616 [ E508525A23991CEBBAD04997692A6AB1 ] C:\Program Files\Protector Suite QL\bio.dll

13:30:52.0984 2616 C:\Program Files\Protector Suite QL\bio.dll - ok

13:30:52.0984 2616 [ 1B05DCC75FBB903A17E3E0DDAEA8D508 ] C:\WINDOWS\system32\odbcjt32.dll

13:30:52.0984 2616 C:\WINDOWS\system32\odbcjt32.dll - ok

13:30:52.0984 2616 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll

13:30:52.0984 2616 C:\WINDOWS\system32\resutils.dll - ok

13:30:52.0984 2616 [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll

13:30:52.0984 2616 C:\WINDOWS\system32\msjet40.dll - ok

13:30:53.0000 2616 [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll

13:30:53.0000 2616 C:\WINDOWS\system32\mswstr10.dll - ok

13:30:53.0000 2616 [ 038C7CE2A98EBEDEC4C35711CF61B6C6 ] C:\Program Files\Protector Suite QL\remote.dll

13:30:53.0000 2616 C:\Program Files\Protector Suite QL\remote.dll - ok

13:30:53.0000 2616 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll

13:30:53.0000 2616 C:\WINDOWS\system32\wlnotify.dll - ok

13:30:53.0000 2616 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll

13:30:53.0000 2616 C:\WINDOWS\system32\rastls.dll - ok

13:30:53.0000 2616 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll

13:30:53.0000 2616 C:\WINDOWS\system32\cryptui.dll - ok

13:30:53.0015 2616 [ 5CE275CDC5FFB77B1EC29DBDFE4B6689 ] C:\WINDOWS\system32\odbcji32.dll

13:30:53.0015 2616 C:\WINDOWS\system32\odbcji32.dll - ok

13:30:53.0015 2616 [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll

13:30:53.0015 2616 C:\WINDOWS\system32\WgaLogon.dll - ok

13:30:53.0015 2616 [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll

13:30:53.0015 2616 C:\WINDOWS\system32\msjint40.dll - ok

13:30:53.0015 2616 [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll

13:30:53.0015 2616 C:\WINDOWS\system32\msjter40.dll - ok

13:30:53.0015 2616 [ 0AD792A78419867BF5D750853D80FA11 ] C:\WINDOWS\system32\msxml3.dll

13:30:53.0015 2616 C:\WINDOWS\system32\msxml3.dll - ok

13:30:53.0031 2616 [ 2C288AA87E4723AC9FF4D76A192EC3F8 ] C:\WINDOWS\system32\odbccp32.dll

13:30:53.0031 2616 C:\WINDOWS\system32\odbccp32.dll - ok

13:30:53.0031 2616 [ 306A2B05EA9846278113964DC6E2C940 ] C:\WINDOWS\system32\wininet.dll

13:30:53.0031 2616 C:\WINDOWS\system32\wininet.dll - ok

13:30:53.0031 2616 [ 142CEDECAE89E372EE347681C3FBB257 ] C:\Program Files\Common Files\System\msadc\msadce.dll

13:30:53.0031 2616 C:\Program Files\Common Files\System\msadc\msadce.dll - ok

13:30:53.0031 2616 [ 81E9041DAC0983AACE5C8920AF73D64E ] C:\Program Files\Common Files\System\msadc\msadcer.dll

13:30:53.0031 2616 C:\Program Files\Common Files\System\msadc\msadcer.dll - ok

13:30:53.0046 2616 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll

13:30:53.0046 2616 C:\WINDOWS\system32\normaliz.dll - ok

13:30:53.0046 2616 [ 30EE694430B9BD030858CCA88AF1875F ] C:\WINDOWS\system32\urlmon.dll

13:30:53.0046 2616 C:\WINDOWS\system32\urlmon.dll - ok

13:30:53.0046 2616 [ B8A72ABACA96B56FBE83AC2801586E50 ] C:\WINDOWS\system32\iertutil.dll

13:30:53.0046 2616 C:\WINDOWS\system32\iertutil.dll - ok

13:30:53.0046 2616 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll

13:30:53.0046 2616 C:\WINDOWS\system32\activeds.dll - ok

13:30:53.0046 2616 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll

13:30:53.0046 2616 C:\WINDOWS\system32\mprapi.dll - ok

13:30:53.0062 2616 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll

13:30:53.0062 2616 C:\WINDOWS\system32\adsldpc.dll - ok

13:30:53.0062 2616 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll

13:30:53.0062 2616 C:\WINDOWS\system32\rasapi32.dll - ok

13:30:53.0062 2616 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll

13:30:53.0062 2616 C:\WINDOWS\system32\rasman.dll - ok

13:30:53.0062 2616 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll

13:30:53.0062 2616 C:\WINDOWS\system32\tapi32.dll - ok

13:30:53.0062 2616 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll

13:30:53.0062 2616 C:\WINDOWS\system32\riched20.dll - ok

13:30:53.0078 2616 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll

13:30:53.0078 2616 C:\WINDOWS\system32\raschap.dll - ok

13:30:53.0078 2616 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll

13:30:53.0078 2616 C:\WINDOWS\system32\schedsvc.dll - ok

13:30:53.0078 2616 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll

13:30:53.0078 2616 C:\WINDOWS\system32\msidle.dll - ok

13:30:53.0078 2616 [ 60784F891563FB1B767F70117FC2428F ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\spoolsv.exe

13:30:53.0078 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\spoolsv.exe - ok

13:30:53.0078 2616 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\msvcp71.dll

13:30:53.0078 2616 C:\WINDOWS\system32\msvcp71.dll - ok

13:30:53.0093 2616 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll

13:30:53.0093 2616 C:\WINDOWS\system32\audiosrv.dll - ok

13:30:53.0093 2616 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll

13:30:53.0093 2616 C:\WINDOWS\system32\wkssvc.dll - ok

13:30:53.0093 2616 [ 06E587F41466569F32BEAAC7260E8AEC ] C:\WINDOWS\system32\nwprovau.dll

13:30:53.0093 2616 C:\WINDOWS\system32\nwprovau.dll - ok

13:30:53.0093 2616 [ 2C2FD0E6B0180F94C260DD26706AA5F4 ] C:\WINDOWS\system32\nwwks.dll

13:30:53.0093 2616 C:\WINDOWS\system32\nwwks.dll - ok

13:30:53.0093 2616 [ 36B9B950E3D2E100970A48D8BAD86740 ] C:\WINDOWS\system32\drivers\nwrdr.sys

13:30:53.0093 2616 C:\WINDOWS\system32\drivers\nwrdr.sys - ok

13:30:53.0109 2616 [ E77A74BF45361E04C1AB0E9E50C5F855 ] C:\WINDOWS\system32\nwapi32.dll

13:30:53.0109 2616 C:\WINDOWS\system32\nwapi32.dll - ok

13:30:53.0109 2616 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys

13:30:53.0109 2616 C:\WINDOWS\system32\drivers\mrxdav.sys - ok

13:30:53.0109 2616 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll

13:30:53.0109 2616 C:\WINDOWS\system32\webclnt.dll - ok

13:30:53.0109 2616 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys

13:30:53.0109 2616 C:\WINDOWS\system32\drivers\parport.sys - ok

13:30:53.0125 2616 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\agrsmsvc.exe

13:30:53.0125 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\agrsmsvc.exe - ok

13:30:53.0125 2616 [ EADDB2FE28A9D080ECD26C0FECF04EA2 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\AMT\atchksrv.exe

13:30:53.0125 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\AMT\atchksrv.exe - ok

13:30:53.0125 2616 [ 3CB0CC8879956C187E87E18634EE5164 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

13:30:53.0125 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe - ok

13:30:53.0125 2616 [ 3B6C054AB0CB4EA03B184DC39E0EC28C ] C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll

13:30:53.0125 2616 C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll - ok

13:30:53.0125 2616 [ A2D80DC9F7ED1A244500B153CBFCA9E6 ] C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll

13:30:53.0125 2616 C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll - ok

13:30:53.0140 2616 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll

13:30:53.0140 2616 C:\WINDOWS\system32\rasdlg.dll - ok

13:30:53.0140 2616 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll

13:30:53.0140 2616 C:\WINDOWS\system32\mfc42.dll - ok

13:30:53.0140 2616 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll

13:30:53.0140 2616 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok

13:30:53.0140 2616 [ C5A75EB48E2344ABDC162BDA79E16841 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:30:53.0140 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok

13:30:53.0140 2616 [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll

13:30:53.0140 2616 C:\WINDOWS\system32\mscoree.dll - ok

13:30:53.0156 2616 [ 3B896938042E28113AAC45B5A90DF9A5 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe

13:30:53.0156 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft Dynamics CRM\Client\bin\CrmSqlStartupSvc.exe - ok

13:30:53.0156 2616 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll

13:30:53.0156 2616 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok

13:30:53.0156 2616 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll

13:30:53.0156 2616 C:\WINDOWS\system32\cryptsvc.dll - ok

13:30:53.0156 2616 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll

13:30:53.0156 2616 C:\WINDOWS\system32\certcli.dll - ok

13:30:53.0156 2616 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll

13:30:53.0156 2616 C:\WINDOWS\system32\dmserver.dll - ok

13:30:53.0171 2616 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll

13:30:53.0171 2616 C:\WINDOWS\system32\ersvc.dll - ok

13:30:53.0171 2616 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll

13:30:53.0171 2616 C:\WINDOWS\system32\es.dll - ok

13:30:53.0171 2616 [ 4C6FA3FD55087B7C35707068723A1710 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\EvtEng.exe

13:30:53.0171 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\EvtEng.exe - ok

13:30:53.0171 2616 [ FC2E10BD1E84408AEFE7F52A5B574D4D ] C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll

13:30:53.0171 2616 C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll - ok

13:30:53.0171 2616 [ 13085FDD224995130B0A92E7E697F149 ] C:\Program Files\Intel\Wireless\Bin\DbEngine.dll

13:30:53.0171 2616 C:\Program Files\Intel\Wireless\Bin\DbEngine.dll - ok

13:30:53.0187 2616 [ 4BD5F133FD7DE5C508B313B73C74AB87 ] C:\Program Files\Intel\Wireless\Bin\MurocApi.dll

13:30:53.0187 2616 C:\Program Files\Intel\Wireless\Bin\MurocApi.dll - ok

13:30:53.0187 2616 [ B0D081E7CD1D60CF63317ADC6E8535C7 ] C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll

13:30:53.0187 2616 C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll - ok

13:30:53.0187 2616 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll

13:30:53.0187 2616 C:\WINDOWS\system32\icmp.dll - ok

13:30:53.0187 2616 [ 8F0DE4FEF8201E306F9938B0905AC96A ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Google\Update\GoogleUpdate.exe

13:30:53.0187 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Google\Update\GoogleUpdate.exe - ok

13:30:53.0203 2616 [ 39C5FCF8AA3B83D79A0E853ECB38BF25 ] C:\Program Files\Google\Update\1.3.21.115\goopdate.dll

13:30:53.0203 2616 C:\Program Files\Google\Update\1.3.21.115\goopdate.dll - ok

13:30:53.0203 2616 [ 8C22083ED515DC94D575438662F0BE6A ] C:\WINDOWS\system32\msi.dll

13:30:53.0203 2616 C:\WINDOWS\system32\msi.dll - ok

13:30:53.0203 2616 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll

13:30:53.0203 2616 C:\WINDOWS\system32\dbghelp.dll - ok

13:30:53.0203 2616 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll

13:30:53.0203 2616 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok

13:30:53.0203 2616 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll

13:30:53.0203 2616 C:\WINDOWS\system32\hid.dll - ok

13:30:53.0218 2616 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll

13:30:53.0218 2616 C:\WINDOWS\system32\hidserv.dll - ok

13:30:53.0218 2616 [ DBF73668635D34C8206B5AA67C640C8D ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\IFXSPMGT.exe

13:30:53.0218 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\IFXSPMGT.exe - ok

13:30:53.0218 2616 [ 686B224B4987C22B153FBB545FEE9657 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll

13:30:53.0218 2616 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll - ok

13:30:53.0218 2616 [ 994AD0D8550B8B26990A6E3AA0791502 ] C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll

13:30:53.0218 2616 C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll - ok

13:30:53.0218 2616 [ 1169436EE42F860C7DB37A4692B38F0E ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll

13:30:53.0218 2616 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok

13:30:53.0234 2616 [ 8C53CCD787C381CD535D8DCCA12584D8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll

13:30:53.0234 2616 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll - ok

13:30:53.0234 2616 [ DD079C8ADC44370FC4004563B812C8BF ] C:\WINDOWS\system32\IFXSPArc.dll

13:30:53.0234 2616 C:\WINDOWS\system32\IFXSPArc.dll - ok

13:30:53.0234 2616 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll

13:30:53.0234 2616 C:\WINDOWS\system32\mstask.dll - ok

13:30:53.0234 2616 [ 93F29E6964BAEF31E53D203992B0AFD4 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Google\Update\1.3.21.115\GoogleCrashHandler.exe

13:30:53.0234 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Google\Update\1.3.21.115\GoogleCrashHandler.exe - ok

13:30:53.0234 2616 [ D8584C7FB9A1BA8480F9000C1CA1B415 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll

13:30:53.0234 2616 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll - ok

13:30:53.0250 2616 [ 2FA8B03CB4C0BE92BF43C5EDE8B17846 ] C:\WINDOWS\system32\msxml6.dll

13:30:53.0250 2616 C:\WINDOWS\system32\msxml6.dll - ok

13:30:53.0250 2616 [ 1430DDAA246B2512DD966F78DF447803 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\IFXTCS.exe

13:30:53.0250 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\IFXTCS.exe - ok

13:30:53.0250 2616 [ 9DF5D68BC8DF74F4F874FA7A2E69E76B ] C:\WINDOWS\system32\IFXTPM.dll

13:30:53.0250 2616 C:\WINDOWS\system32\IFXTPM.dll - ok

13:30:53.0250 2616 [ E731921DB2E17DCD3DB472FAD5549C57 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Java\jre6\bin\jqs.exe

13:30:53.0250 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Java\jre6\bin\jqs.exe - ok

13:30:53.0250 2616 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Java\jre6\bin\msvcr71.dll

13:30:53.0250 2616 C:\Program Files\Java\jre6\bin\msvcr71.dll - ok

13:30:53.0265 2616 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll

13:30:53.0265 2616 C:\WINDOWS\system32\pdh.dll - ok

13:30:53.0265 2616 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll

13:30:53.0265 2616 C:\WINDOWS\system32\odbcbcp.dll - ok

13:30:53.0265 2616 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll

13:30:53.0265 2616 C:\WINDOWS\system32\netmsg.dll - ok

13:30:53.0265 2616 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll

13:30:53.0265 2616 C:\WINDOWS\system32\srvsvc.dll - ok

13:30:53.0281 2616 [ 8F9E3157F604E165F4E6BA491AF71C4C ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\AMT\LMS.exe

13:30:53.0281 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\AMT\LMS.exe - ok

13:30:53.0281 2616 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys

13:30:53.0281 2616 C:\WINDOWS\system32\drivers\srv.sys - ok

13:30:53.0281 2616 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll

13:30:53.0281 2616 C:\WINDOWS\system32\netman.dll - ok

13:30:53.0281 2616 [ D07C9575726797B0E9069E1108A1C483 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

13:30:53.0281 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe - ok

13:30:53.0281 2616 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll

13:30:53.0281 2616 C:\WINDOWS\system32\netshell.dll - ok

13:30:53.0296 2616 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll

13:30:53.0296 2616 C:\WINDOWS\system32\perfos.dll - ok

13:30:53.0296 2616 [ 203D5ECB5CCDA683053CDA42DFF03573 ] C:\WINDOWS\system32\netfxperf.dll

13:30:53.0296 2616 C:\WINDOWS\system32\netfxperf.dll - ok

13:30:53.0296 2616 [ 83BA5E873164A3711B44052F58C8FE9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

13:30:53.0296 2616 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

13:30:53.0296 2616 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll

13:30:53.0296 2616 C:\WINDOWS\system32\credui.dll - ok

13:30:53.0296 2616 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll

13:30:53.0296 2616 C:\WINDOWS\system32\dot3dlg.dll - ok

13:30:53.0312 2616 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll

13:30:53.0312 2616 C:\WINDOWS\system32\onex.dll - ok

13:30:53.0312 2616 [ 257147843B66B67CB72AE8197DD479CD ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll

13:30:53.0312 2616 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll - ok

13:30:53.0312 2616 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll

13:30:53.0312 2616 C:\WINDOWS\system32\eappcfg.dll - ok

13:30:53.0312 2616 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll

13:30:53.0312 2616 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok

13:30:53.0312 2616 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll

13:30:53.0312 2616 C:\WINDOWS\system32\wbem\wbemprox.dll - ok

13:30:53.0328 2616 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll

13:30:53.0328 2616 C:\WINDOWS\system32\eappprxy.dll - ok

13:30:53.0328 2616 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll

13:30:53.0328 2616 C:\WINDOWS\system32\wzcsapi.dll - ok

13:30:53.0328 2616 [ DC3078BA1B58562416C843582A42284C ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll

13:30:53.0328 2616 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok

13:30:53.0328 2616 [ ADD7A08E7016694FE1C73DD7498DEAD6 ] C:\WINDOWS\system32\aspnet_counters.dll

13:30:53.0328 2616 C:\WINDOWS\system32\aspnet_counters.dll - ok

13:30:53.0343 2616 [ 056E6BFD6314BBB84D5DFB1CA529CD60 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

13:30:53.0343 2616 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - ok

13:30:53.0343 2616 [ F4E9693F449600A30088A0B16079F3CD ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll

13:30:53.0343 2616 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll - ok

13:30:53.0343 2616 [ F1430F5D20F4BB71A003209C3DB3ADDF ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll

13:30:53.0343 2616 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - ok

13:30:53.0343 2616 [ 43E4758953F454090CAD65C303796ED5 ] C:\WINDOWS\system32\query.dll

13:30:53.0343 2616 C:\WINDOWS\system32\query.dll - ok

13:30:53.0343 2616 [ F1AA467825079B05D590D475432B4066 ] C:\WINDOWS\system32\msscntrs.dll

13:30:53.0343 2616 C:\WINDOWS\system32\msscntrs.dll - ok

13:30:53.0359 2616 [ D84DE2A7C95D07A5611E1363C0B6108B ] C:\WINDOWS\system32\sqlctr90.dll

13:30:53.0359 2616 C:\WINDOWS\system32\sqlctr90.dll - ok

13:30:53.0359 2616 [ 7B193BA3F0245D5867B71AD1CF631474 ] C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll

13:30:53.0359 2616 C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll - ok

13:30:53.0375 2616 [ C5571DEA5DAB1D64DD0DB6904666370D ] C:\PROGRA~1\MICROS~2\Office12\OLMAPI32.DLL

13:30:53.0375 2616 C:\PROGRA~1\MICROS~2\Office12\OLMAPI32.DLL - ok

13:30:53.0375 2616 [ 03F46B4C5C39C956C15D4838D5743A39 ] C:\WINDOWS\system32\perfnw.dll

13:30:53.0375 2616 C:\WINDOWS\system32\perfnw.dll - ok

13:30:53.0375 2616 [ 5C88054458E044F1DEB77855F6137A25 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL

13:30:53.0375 2616 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL - ok

13:30:53.0375 2616 [ E111CED19D6A9FF9BBA5C219D0C5A3CE ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\opends60.dll

13:30:53.0375 2616 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\opends60.dll - ok

13:30:53.0390 2616 [ 913AF88B0291D7D3A0FDC92F5E1CC7D7 ] C:\WINDOWS\system32\perfnet.dll

13:30:53.0390 2616 C:\WINDOWS\system32\perfnet.dll - ok

13:30:53.0390 2616 [ 05CCEE4CAE7D1A5090033626DA91DB86 ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLBOOT.dll

13:30:53.0390 2616 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLBOOT.dll - ok

13:30:53.0390 2616 [ 1793CC660605F63B14FB96C7707F75BA ] C:\WINDOWS\system32\perfproc.dll

13:30:53.0390 2616 C:\WINDOWS\system32\perfproc.dll - ok

13:30:53.0390 2616 [ 1A66C2723A0517D681E34FCD37E85937 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\nvsvc32.exe

13:30:53.0390 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\nvsvc32.exe - ok

13:30:53.0390 2616 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll

13:30:53.0390 2616 C:\WINDOWS\system32\powrprof.dll - ok

13:30:53.0406 2616 [ C7581E9078A6DB347DC52561A0FD148F ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll

13:30:53.0406 2616 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok

13:30:53.0406 2616 [ FB7B34C176E80B29B91DC34B49311F0B ] C:\WINDOWS\system32\nvcpl.dll

13:30:53.0406 2616 C:\WINDOWS\system32\nvcpl.dll - ok

13:30:53.0406 2616 [ 219E225E6663B478DA5DC396ACA75548 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\IfxPsdSv.exe

13:30:53.0406 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\IfxPsdSv.exe - ok

13:30:53.0406 2616 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll

13:30:53.0406 2616 C:\WINDOWS\system32\ipsecsvc.dll - ok

13:30:53.0406 2616 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll

13:30:53.0406 2616 C:\WINDOWS\system32\oakley.dll - ok

13:30:53.0421 2616 [ 8AC155995F5D10FC0D3AD949A1A68075 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\RegSrvc.exe

13:30:53.0421 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\RegSrvc.exe - ok

13:30:53.0421 2616 [ F09654453EE685C2AD58ADA2BED46DC8 ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlos.dll

13:30:53.0421 2616 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlos.dll - ok

13:30:53.0421 2616 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll

13:30:53.0421 2616 C:\WINDOWS\system32\winipsec.dll - ok

13:30:53.0421 2616 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll

13:30:53.0421 2616 C:\WINDOWS\system32\psbase.dll - ok

13:30:53.0421 2616 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll

13:30:53.0421 2616 C:\WINDOWS\system32\pstorsvc.dll - ok

13:30:53.0437 2616 [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll

13:30:53.0437 2616 C:\WINDOWS\system32\regsvc.dll - ok

13:30:53.0437 2616 [ B4459D13473D07FCB43365C02732DE16 ] C:\WINDOWS\system32\pschdprf.dll

13:30:53.0437 2616 C:\WINDOWS\system32\pschdprf.dll - ok

13:30:53.0437 2616 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll

13:30:53.0437 2616 C:\WINDOWS\system32\dssenh.dll - ok

13:30:53.0437 2616 [ D358E077A0A05D9B12DA22D137EE8464 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

13:30:53.0437 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe - ok

13:30:53.0437 2616 [ 1F3A82333046F4B97B2BB148ABF38D54 ] C:\WINDOWS\system32\traffic.dll

13:30:53.0437 2616 C:\WINDOWS\system32\traffic.dll - ok

13:30:53.0453 2616 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll

13:30:53.0453 2616 C:\WINDOWS\system32\sensapi.dll - ok

13:30:53.0453 2616 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll

13:30:53.0453 2616 C:\WINDOWS\system32\seclogon.dll - ok

13:30:53.0453 2616 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll

13:30:53.0453 2616 C:\WINDOWS\system32\sens.dll - ok

13:30:53.0453 2616 [ D2F4F32B59440011174B4F8137AF4E0C ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

13:30:53.0453 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok

13:30:53.0468 2616 [ 35EDE451AFFBC6DEFE12EC0B7CA6926B ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss_xp.dll

13:30:53.0468 2616 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss_xp.dll - ok

13:30:53.0468 2616 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll

13:30:53.0468 2616 C:\WINDOWS\system32\srsvc.dll - ok

13:30:53.0468 2616 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll

13:30:53.0468 2616 C:\WINDOWS\system32\termsrv.dll - ok

13:30:53.0468 2616 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll

13:30:53.0468 2616 C:\WINDOWS\system32\vssapi.dll - ok

13:30:53.0468 2616 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll

13:30:53.0468 2616 C:\WINDOWS\system32\wiaservc.dll - ok

13:30:53.0484 2616 [ 46EE6E904D78B291BF2C3EAB64D80402 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\ThpSrv.exe

13:30:53.0484 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\ThpSrv.exe - ok

13:30:53.0484 2616 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll

13:30:53.0484 2616 C:\WINDOWS\system32\icaapi.dll - ok

13:30:53.0484 2616 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll

13:30:53.0484 2616 C:\WINDOWS\system32\cfgmgr32.dll - ok

13:30:53.0484 2616 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll

13:30:53.0484 2616 C:\WINDOWS\system32\mstlsapi.dll - ok

13:30:53.0484 2616 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll

13:30:53.0484 2616 C:\WINDOWS\system32\mscms.dll - ok

13:30:53.0500 2616 [ B0B0D7905AC71BC278F17F455E182611 ] C:\WINDOWS\system32\rasctrs.dll

13:30:53.0500 2616 C:\WINDOWS\system32\rasctrs.dll - ok

13:30:53.0500 2616 [ F81374A6A5AA49BE486311CF318AE4A3 ] C:\WINDOWS\system32\nvapi.dll

13:30:53.0500 2616 C:\WINDOWS\system32\nvapi.dll - ok

13:30:53.0500 2616 [ 1251AFE77CE784D447E0D09DEAD08F1B ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TME3\TMESRV31.exe

13:30:53.0500 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TME3\TMESRV31.exe - ok

13:30:53.0500 2616 [ D540858E65BFA6FDED41AD2495ECE344 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TODDSrv.exe

13:30:53.0500 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TODDSrv.exe - ok

13:30:53.0500 2616 [ 56F98C171B263BBADFE01BA21F966833 ] C:\WINDOWS\TMEVALDD.dll

13:30:53.0500 2616 C:\WINDOWS\TMEVALDD.dll - ok

13:30:53.0515 2616 [ 87843B2DA99051BC66E2D6C211E3D6A4 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe

13:30:53.0515 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe - ok

13:30:53.0515 2616 [ F9DD799E07ED5028DB2F1FFEA72C9357 ] C:\WINDOWS\system32\rsvpperf.dll

13:30:53.0515 2616 C:\WINDOWS\system32\rsvpperf.dll - ok

13:30:53.0515 2616 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll

13:30:53.0515 2616 C:\WINDOWS\system32\trkwks.dll - ok

13:30:53.0515 2616 [ EA860D1EBB200815EDE5EC53B91C1163 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\AMT\UNS.exe

13:30:53.0515 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\AMT\UNS.exe - ok

13:30:53.0515 2616 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll

13:30:53.0515 2616 C:\WINDOWS\system32\spoolss.dll - ok

13:30:53.0531 2616 [ AA897735D5AB916297A6823A9B2D61B1 ] C:\WINDOWS\system32\localspl.dll

13:30:53.0531 2616 C:\WINDOWS\system32\localspl.dll - ok

13:30:53.0531 2616 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll

13:30:53.0531 2616 C:\WINDOWS\system32\security.dll - ok

13:30:53.0531 2616 [ 8C77ECF3C7DCBB926312B7ECED6ECA75 ] C:\WINDOWS\system32\winhttp.dll

13:30:53.0531 2616 C:\WINDOWS\system32\winhttp.dll - ok

13:30:53.0531 2616 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll

13:30:53.0531 2616 C:\WINDOWS\system32\cnbjmon.dll - ok

13:30:53.0531 2616 [ A0FBFD468B3FE21EE72FE3BF8F0C23ED ] C:\WINDOWS\system32\AUCPLMNT.DLL

13:30:53.0531 2616 C:\WINDOWS\system32\AUCPLMNT.DLL - ok

13:30:53.0546 2616 [ 953B419E9BE71C5602A85CAE732ACE53 ] C:\WINDOWS\system32\ZLhp1020.dll

13:30:53.0546 2616 C:\WINDOWS\system32\ZLhp1020.dll - ok

13:30:53.0546 2616 [ 65F8EA0D6858140BEDA30F42578EE37C ] C:\WINDOWS\system32\zlm.dll

13:30:53.0546 2616 C:\WINDOWS\system32\zlm.dll - ok

13:30:53.0546 2616 [ D3E43CE1C03975494818BE86CFF27CFC ] C:\WINDOWS\system32\MLMON__Q.DLL

13:30:53.0546 2616 C:\WINDOWS\system32\MLMON__Q.DLL - ok

13:30:53.0546 2616 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll

13:30:53.0546 2616 C:\WINDOWS\system32\wbem\wmisvc.dll - ok

13:30:53.0546 2616 [ 7778BDFA3F6F6FBA0E75B9594098F737 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\searchindexer.exe

13:30:53.0546 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\searchindexer.exe - ok

13:30:53.0562 2616 [ 05A449C44A3BDAB02EEB6EF958A24189 ] C:\WINDOWS\system32\MSPOOL_Q.DLL

13:30:53.0562 2616 C:\WINDOWS\system32\MSPOOL_Q.DLL - ok

13:30:53.0562 2616 [ D1E24D6331691F52BBAAF47850C6946A ] C:\WINDOWS\system32\awmon.dll

13:30:53.0562 2616 C:\WINDOWS\system32\awmon.dll - ok

13:30:53.0562 2616 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll

13:30:53.0562 2616 C:\WINDOWS\system32\pjlmon.dll - ok

13:30:53.0562 2616 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll

13:30:53.0562 2616 C:\WINDOWS\system32\tcpmon.dll - ok

13:30:53.0578 2616 [ 0CBD1906F74BEB539FCEF6493095B933 ] C:\WINDOWS\system32\tquery.dll

13:30:53.0578 2616 C:\WINDOWS\system32\tquery.dll - ok

13:30:53.0578 2616 [ 8357809E111E09393633039769D96281 ] C:\WINDOWS\system32\tcpmib.dll

13:30:53.0578 2616 C:\WINDOWS\system32\tcpmib.dll - ok

13:30:53.0578 2616 [ 1E744353BD534405187A404667DA3DC3 ] C:\WINDOWS\system32\mgmtapi.dll

13:30:53.0578 2616 C:\WINDOWS\system32\mgmtapi.dll - ok

13:30:53.0578 2616 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll

13:30:53.0578 2616 C:\WINDOWS\system32\snmpapi.dll - ok

13:30:53.0578 2616 [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll

13:30:53.0578 2616 C:\WINDOWS\system32\wsnmp32.dll - ok

13:30:53.0593 2616 [ E662722D5C50AD1C0E201499E405FD73 ] C:\WINDOWS\system32\TBTMon.dll

13:30:53.0593 2616 C:\WINDOWS\system32\TBTMon.dll - ok

13:30:53.0593 2616 [ DE955D6A5097DC306AF8C9F67E9A5F2D ] C:\WINDOWS\system32\TosBtHcrpAPI.dll

13:30:53.0593 2616 C:\WINDOWS\system32\TosBtHcrpAPI.dll - ok

13:30:53.0593 2616 [ E6E67F4B840FCD0BCA5E1DADB5B575BE ] C:\WINDOWS\system32\TosBtAPI.dll

13:30:53.0593 2616 C:\WINDOWS\system32\TosBtAPI.dll - ok

13:30:53.0593 2616 [ 24C78F9258B0052F7D0AA3ECA1FBD306 ] C:\WINDOWS\system32\TosBdAPI.dll

13:30:53.0593 2616 C:\WINDOWS\system32\TosBdAPI.dll - ok

13:30:53.0593 2616 [ 61FB95B6F2A8715282E05C92E4527C5A ] C:\WINDOWS\system32\tbtmon98Language.dll

13:30:53.0593 2616 C:\WINDOWS\system32\tbtmon98Language.dll - ok

13:30:53.0609 2616 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll

13:30:53.0609 2616 C:\WINDOWS\system32\usbmon.dll - ok

13:30:53.0609 2616 [ 89D74683C859B7982056D15938BACA3E ] C:\WINDOWS\system32\propsys.dll

13:30:53.0609 2616 C:\WINDOWS\system32\propsys.dll - ok

13:30:53.0609 2616 [ BBCE4DEB3501B71E7EB1D8AF3A35B975 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\IMFPRINT.DLL

13:30:53.0609 2616 C:\WINDOWS\system32\spool\prtprocs\w32x86\IMFPRINT.DLL - ok

13:30:53.0609 2616 [ A0DF3F3AA3DC40FE160AAEFBB5187FD9 ] C:\WINDOWS\system32\IMF32.DLL

13:30:53.0609 2616 C:\WINDOWS\system32\IMF32.DLL - ok

13:30:53.0609 2616 [ 27B026CC7EE3B42745C3362603FBFC52 ] C:\WINDOWS\system32\ZTAG32.DLL

13:30:53.0609 2616 C:\WINDOWS\system32\ZTAG32.DLL - ok

13:30:53.0625 2616 [ FAE332DA4762C6779A3845810405924F ] C:\WINDOWS\system32\ZSPOOL.DLL

13:30:53.0625 2616 C:\WINDOWS\system32\ZSPOOL.DLL - ok

13:30:53.0625 2616 [ 1EAC5415A2FDBF940CC87A0E35E41E37 ] C:\WINDOWS\system32\MIMF32_Q.DLL

13:30:53.0625 2616 C:\WINDOWS\system32\MIMF32_Q.DLL - ok

13:30:53.0625 2616 [ 06FC73F0F460B8AE48DC764A1561AD44 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\MIMFPR_Q.DLL

13:30:53.0625 2616 C:\WINDOWS\system32\spool\prtprocs\w32x86\MIMFPR_Q.DLL - ok

13:30:53.0625 2616 [ E65C5F612400B39D7AA83E7057D798C2 ] C:\WINDOWS\system32\mssrch.dll

13:30:53.0625 2616 C:\WINDOWS\system32\mssrch.dll - ok

13:30:53.0625 2616 [ 14ADC7FFC52A8FAD518F79BA4D698BD8 ] C:\WINDOWS\system32\MTAG32_Q.DLL

13:30:53.0625 2616 C:\WINDOWS\system32\MTAG32_Q.DLL - ok

13:30:53.0640 2616 [ EA8647A21BCB56C5F15712D4B7407501 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

13:30:53.0640 2616 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok

13:30:53.0640 2616 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

13:30:53.0640 2616 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok

13:30:53.0640 2616 [ CDD90FA1AF84F483C37CA60FB56DE5D2 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\ZIMFPRNT.DLL

13:30:53.0640 2616 C:\WINDOWS\system32\spool\prtprocs\w32x86\ZIMFPRNT.DLL - ok

13:30:53.0640 2616 [ 0CC7DA54F5FED71160C3FC13E9F972FC ] C:\WINDOWS\system32\ZIMF.DLL

13:30:53.0640 2616 C:\WINDOWS\system32\ZIMF.DLL - ok

13:30:53.0640 2616 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll

13:30:53.0640 2616 C:\WINDOWS\system32\actxprxy.dll - ok

13:30:53.0656 2616 [ 7CA836648E40709797D9F3BFF56679EE ] C:\WINDOWS\system32\ZTAG.DLL

13:30:53.0656 2616 C:\WINDOWS\system32\ZTAG.DLL - ok

13:30:53.0656 2616 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll

13:30:53.0656 2616 C:\WINDOWS\system32\win32spl.dll - ok

13:30:53.0656 2616 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll

13:30:53.0656 2616 C:\WINDOWS\system32\netrap.dll - ok

13:30:53.0656 2616 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll

13:30:53.0656 2616 C:\WINDOWS\system32\inetpp.dll - ok

13:30:53.0656 2616 [ 6951B89B4F591AA694048A6CD0E5224A ] C:\WINDOWS\system32\tapiperf.dll

13:30:53.0656 2616 C:\WINDOWS\system32\tapiperf.dll - ok

13:30:53.0671 2616 [ DBE2B62353660ECCA0D75EA307A717E9 ] C:\WINDOWS\system32\perfctrs.dll

13:30:53.0671 2616 C:\WINDOWS\system32\perfctrs.dll - ok

13:30:53.0671 2616 [ 7EFD2114EAD1AC72342610D7192BFB32 ] C:\WINDOWS\system32\perfts.dll

13:30:53.0671 2616 C:\WINDOWS\system32\perfts.dll - ok

13:30:53.0671 2616 [ 9D39D9E07C180127252E176EC2B41487 ] C:\WINDOWS\system32\utildll.dll

13:30:53.0671 2616 C:\WINDOWS\system32\utildll.dll - ok

13:30:53.0671 2616 [ 75EE1625AD8B52C5FAA1CCB1B82FB750 ] C:\WINDOWS\system32\wbem\wmiaprpl.dll

13:30:53.0671 2616 C:\WINDOWS\system32\wbem\wmiaprpl.dll - ok

13:30:53.0687 2616 [ 6358C181BF021970A897C1FAB0ECF5D2 ] C:\WINDOWS\system32\loadperf.dll

13:30:53.0687 2616 C:\WINDOWS\system32\loadperf.dll - ok

13:30:53.0687 2616 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll

13:30:53.0687 2616 C:\WINDOWS\system32\wuauserv.dll - ok

13:30:53.0687 2616 [ E1246BDD6FB5F1705B178A6B4F8BDEA6 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\ZuneBusEnum.exe

13:30:53.0687 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\ZuneBusEnum.exe - ok

13:30:53.0687 2616 [ 6298277B73C77FA99106B271A7525163 ] C:\WINDOWS\system32\wuaueng.dll

13:30:53.0687 2616 C:\WINDOWS\system32\wuaueng.dll - ok

13:30:53.0687 2616 [ 6325125AA526F1F233468E8EAD98C34B ] C:\WINDOWS\system32\xmllite.dll

13:30:53.0687 2616 C:\WINDOWS\system32\xmllite.dll - ok

13:30:53.0703 2616 [ FFB3115AA757ABEFBA7FBA90BAD5DD0A ] C:\WINDOWS\system32\en-us\tquery.dll.mui

13:30:53.0703 2616 C:\WINDOWS\system32\en-us\tquery.dll.mui - ok

13:30:53.0703 2616 [ 8F580BCC5296ECC9DC8A649D75BE6BA5 ] C:\WINDOWS\system32\msscb.dll

13:30:53.0703 2616 C:\WINDOWS\system32\msscb.dll - ok

13:30:53.0703 2616 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll

13:30:53.0703 2616 C:\WINDOWS\system32\cabinet.dll - ok

13:30:53.0703 2616 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll

13:30:53.0703 2616 C:\WINDOWS\system32\mspatcha.dll - ok

13:30:53.0703 2616 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll

13:30:53.0703 2616 C:\WINDOWS\system32\wscsvc.dll - ok

13:30:53.0718 2616 [ A06CE3399D16DB864F55FAEB1F1927A9 ] C:\WINDOWS\system32\browser.dll

13:30:53.0718 2616 C:\WINDOWS\system32\browser.dll - ok

13:30:53.0718 2616 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll

13:30:53.0718 2616 C:\WINDOWS\system32\ipnathlp.dll - ok

13:30:53.0718 2616 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll

13:30:53.0718 2616 C:\WINDOWS\system32\wbem\wbemcore.dll - ok

13:30:53.0718 2616 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll

13:30:53.0718 2616 C:\WINDOWS\system32\cryptnet.dll - ok

13:30:53.0718 2616 [ 178D531283EEB53DF93D6E984E75A83A ] C:\Program Files\TOSHIBA\TME3\TMEI3E.dll

13:30:53.0718 2616 C:\Program Files\TOSHIBA\TME3\TMEI3E.dll - ok

13:30:53.0734 2616 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll

13:30:53.0734 2616 C:\WINDOWS\system32\wbem\esscli.dll - ok

13:30:53.0734 2616 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll

13:30:53.0734 2616 C:\WINDOWS\system32\wbem\fastprox.dll - ok

13:30:53.0734 2616 [ 1D326842006C4BE77ECD848CF89F01AB ] C:\WINDOWS\system32\wups.dll

13:30:53.0734 2616 C:\WINDOWS\system32\wups.dll - ok

13:30:53.0734 2616 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll

13:30:53.0734 2616 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok

13:30:53.0734 2616 [ 5BD1234E11B39C63BBA87022AF6D43C2 ] C:\WINDOWS\system32\wups2.dll

13:30:53.0734 2616 C:\WINDOWS\system32\wups2.dll - ok

13:30:53.0750 2616 [ 1755F4933644F656C7F30BFB81A8ECD0 ] C:\Program Files\Microsoft\Search Enhancement Pack\SeaShadow\SEASHADO.DLL

13:30:53.0750 2616 C:\Program Files\Microsoft\Search Enhancement Pack\SeaShadow\SEASHADO.DLL - ok

13:30:53.0750 2616 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll

13:30:53.0750 2616 C:\WINDOWS\system32\wbem\wmiutils.dll - ok

13:30:53.0750 2616 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll

13:30:53.0750 2616 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok

13:30:53.0750 2616 [ 2EF237A6B7232F45A7DF000C54974BF1 ] C:\WINDOWS\system32\ieframe.dll

13:30:53.0750 2616 C:\WINDOWS\system32\ieframe.dll - ok

13:30:53.0750 2616 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll

13:30:53.0750 2616 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok

13:30:53.0765 2616 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll

13:30:53.0765 2616 C:\WINDOWS\system32\wbem\wbemess.dll - ok

13:30:53.0765 2616 [ 62BB79160F86CD962F312C68C6239BFD ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\wuauclt.exe

13:30:53.0765 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\wuauclt.exe - ok

13:30:53.0765 2616 [ 009758CC06B7F55B4A4D16A66E243C24 ] C:\WINDOWS\system32\wuapi.dll

13:30:53.0765 2616 C:\WINDOWS\system32\wuapi.dll - ok

13:30:53.0765 2616 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll

13:30:53.0765 2616 C:\WINDOWS\system32\wbem\ncprov.dll - ok

13:30:53.0765 2616 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll

13:30:53.0765 2616 C:\WINDOWS\system32\wbem\wbemcons.dll - ok

13:30:53.0781 2616 [ E0673F1106E62A68D2257E376079F821 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\wbem\wmiapsrv.exe

13:30:53.0781 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\wbem\wmiapsrv.exe - ok

13:30:53.0781 2616 [ 798A9E6828997EEF4517ADA8A2259831 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\wbem\wmiprvse.exe

13:30:53.0781 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\wbem\wmiprvse.exe - ok

13:30:53.0781 2616 [ EB7494ECFE01B70B83E781EEB8F88C8A ] C:\WINDOWS\system32\wbem\wmiapres.dll

13:30:53.0781 2616 C:\WINDOWS\system32\wbem\wmiapres.dll - ok

13:30:53.0781 2616 [ 8BEAF2B4BCDE405AF7EC46A9E03B2D65 ] C:\WINDOWS\system32\mssprxy.dll

13:30:53.0781 2616 C:\WINDOWS\system32\mssprxy.dll - ok

13:30:53.0796 2616 [ 8C515081584A38AA007909CD02020B3D ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\alg.exe

13:30:53.0796 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\alg.exe - ok

13:30:53.0796 2616 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll

13:30:53.0796 2616 C:\WINDOWS\system32\wbem\cimwin32.dll - ok

13:30:53.0796 2616 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll

13:30:53.0796 2616 C:\WINDOWS\system32\wbem\framedyn.dll - ok

13:30:53.0796 2616 [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINDOWS\system32\wbem\wmiprov.dll

13:30:53.0796 2616 C:\WINDOWS\system32\wbem\wmiprov.dll - ok

13:30:53.0796 2616 [ 467F5F88D6AA569C49DDC070B19C9478 ] C:\Program Files\Java\jre6\bin\awt.dll

13:30:53.0796 2616 C:\Program Files\Java\jre6\bin\awt.dll - ok

13:30:53.0812 2616 [ B58618FFEEF35FED1ECA3638EBDBE63D ] C:\Program Files\Java\jre6\bin\client\jvm.dll

13:30:53.0812 2616 C:\Program Files\Java\jre6\bin\client\jvm.dll - ok

13:30:53.0812 2616 [ B5D6487EBE49FA7A79BB2B85EB0D3262 ] C:\Program Files\Java\jre6\bin\dcpr.dll

13:30:53.0812 2616 C:\Program Files\Java\jre6\bin\dcpr.dll - ok

13:30:53.0812 2616 [ E2910C45EFD812E9526166623A75FE44 ] C:\Program Files\Java\jre6\bin\deploy.dll

13:30:53.0812 2616 C:\Program Files\Java\jre6\bin\deploy.dll - ok

13:30:53.0812 2616 [ F6D655C4C333437FB2F2A312B7C9EC38 ] C:\Program Files\Java\jre6\bin\fontmanager.dll

13:30:53.0812 2616 C:\Program Files\Java\jre6\bin\fontmanager.dll - ok

13:30:53.0812 2616 [ 6ACF651064E816FEB9F3430E1294DFE2 ] C:\Program Files\Java\jre6\bin\hpi.dll

13:30:53.0812 2616 C:\Program Files\Java\jre6\bin\hpi.dll - ok

13:30:53.0828 2616 [ 398DB9EC819FF0F453BF346D59DEB1C5 ] C:\Program Files\Java\jre6\bin\java.dll

13:30:53.0828 2616 C:\Program Files\Java\jre6\bin\java.dll - ok

13:30:53.0828 2616 [ BAF5A550C038DFBCB9B3CE2A98F3B7D5 ] C:\Program Files\Java\jre6\bin\javaw.exe

13:30:53.0828 2616 C:\Program Files\Java\jre6\bin\javaw.exe - ok

13:30:53.0828 2616 [ 91914A46BB56849E24854CA66DF5874B ] C:\Program Files\Java\jre6\bin\jp2native.dll

13:30:53.0828 2616 C:\Program Files\Java\jre6\bin\jp2native.dll - ok

13:30:53.0828 2616 [ 51811C7ED7D21DD9C04398FC18FC41EE ] C:\Program Files\Java\jre6\bin\jpeg.dll

13:30:53.0828 2616 C:\Program Files\Java\jre6\bin\jpeg.dll - ok

13:30:53.0828 2616 [ 1874CF0E9BA16A2B55F7B5F17E20A304 ] C:\Program Files\Java\jre6\bin\net.dll

13:30:53.0828 2616 C:\Program Files\Java\jre6\bin\net.dll - ok

13:30:53.0843 2616 [ A405F1AB3DA3730F0E9264922F3399B3 ] C:\Program Files\Java\jre6\bin\nio.dll

13:30:53.0843 2616 C:\Program Files\Java\jre6\bin\nio.dll - ok

13:30:53.0843 2616 [ 2A470411AA01063BCE799C290C8C0395 ] C:\Program Files\Java\jre6\bin\regutils.dll

13:30:53.0843 2616 C:\Program Files\Java\jre6\bin\regutils.dll - ok

13:30:53.0843 2616 [ 1ECCE07142024DE7B505E2E646197058 ] C:\Program Files\Java\jre6\bin\verify.dll

13:30:53.0843 2616 C:\Program Files\Java\jre6\bin\verify.dll - ok

13:30:53.0843 2616 [ AF4C4532072BD5050BF7D40A0B390C98 ] C:\Program Files\Java\jre6\bin\zip.dll

13:30:53.0843 2616 C:\Program Files\Java\jre6\bin\zip.dll - ok

13:30:53.0843 2616 [ A7E06854EA2A20AEE8EC32BD8C754298 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\mpnotify.exe

13:30:53.0843 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\mpnotify.exe - ok

13:30:53.0859 2616 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll

13:30:53.0859 2616 C:\WINDOWS\system32\cscui.dll - ok

13:30:53.0859 2616 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll

13:30:53.0859 2616 C:\WINDOWS\system32\dpcdll.dll - ok

13:30:53.0859 2616 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys

13:30:53.0859 2616 C:\WINDOWS\system32\drivers\wdmaud.sys - ok

13:30:53.0859 2616 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv

13:30:53.0859 2616 C:\WINDOWS\system32\wdmaud.drv - ok

13:30:53.0859 2616 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys

13:30:53.0859 2616 C:\WINDOWS\system32\drivers\sysaudio.sys - ok

13:30:53.0875 2616 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys

13:30:53.0875 2616 C:\WINDOWS\system32\drivers\splitter.sys - ok

13:30:53.0875 2616 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys

13:30:53.0875 2616 C:\WINDOWS\system32\drivers\aec.sys - ok

13:30:53.0875 2616 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys

13:30:53.0875 2616 C:\WINDOWS\system32\drivers\swmidi.sys - ok

13:30:53.0875 2616 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys

13:30:53.0875 2616 C:\WINDOWS\system32\drivers\dmusic.sys - ok

13:30:53.0890 2616 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys

13:30:53.0890 2616 C:\WINDOWS\system32\drivers\kmixer.sys - ok

13:30:53.0890 2616 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys

13:30:53.0890 2616 C:\WINDOWS\system32\drivers\drmkaud.sys - ok

13:30:53.0890 2616 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\userinit.exe

13:30:53.0890 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\userinit.exe - ok

13:30:53.0890 2616 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv

13:30:53.0890 2616 C:\WINDOWS\system32\msacm32.drv - ok

13:30:53.0890 2616 [ B1296D52B0D2096EC4759EEEB806D759 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\WgaTray.exe

13:30:53.0890 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\WgaTray.exe - ok

13:30:53.0906 2616 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll

13:30:53.0906 2616 C:\WINDOWS\system32\midimap.dll - ok

13:30:53.0906 2616 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\explorer.exe

13:30:53.0906 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\explorer.exe - ok

13:30:53.0906 2616 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll

13:30:53.0906 2616 C:\WINDOWS\system32\browseui.dll - ok

13:30:53.0906 2616 [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll

13:30:53.0906 2616 C:\WINDOWS\system32\shdocvw.dll - ok

13:30:53.0906 2616 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll

13:30:53.0906 2616 C:\WINDOWS\system32\licwmi.dll - ok

13:30:53.0921 2616 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll

13:30:53.0921 2616 C:\WINDOWS\system32\licdll.dll - ok

13:30:53.0921 2616 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl

13:30:53.0921 2616 C:\WINDOWS\system32\desk.cpl - ok

13:30:53.0921 2616 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll

13:30:53.0921 2616 C:\WINDOWS\system32\themeui.dll - ok

13:30:53.0921 2616 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll

13:30:53.0921 2616 C:\WINDOWS\system32\msimg32.dll - ok

13:30:53.0937 2616 [ 6D778E0F95447E6546553EEEA709D03C ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\cmd.exe

13:30:53.0937 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\cmd.exe - ok

13:30:53.0937 2616 [ 3BE18EEB1A93CC5F70F5A9C977B71A75 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\DOCUME~1\RHAN12~1\LOCALS~1\temp\7CB93913-CC0A-49B9-BDC4-D7933B0DA678.exe

13:30:53.0937 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\DOCUME~1\RHAN12~1\LOCALS~1\temp\7CB93913-CC0A-49B9-BDC4-D7933B0DA678.exe - ok

13:30:53.0937 2616 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll

13:30:53.0937 2616 C:\WINDOWS\system32\linkinfo.dll - ok

13:30:53.0937 2616 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll

13:30:53.0937 2616 C:\WINDOWS\system32\ntshrui.dll - ok

13:30:53.0937 2616 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll

13:30:53.0937 2616 C:\WINDOWS\system32\mlang.dll - ok

13:30:53.0953 2616 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\69401874.sys

13:30:53.0953 2616 C:\WINDOWS\system32\drivers\69401874.sys - ok

13:30:53.0953 2616 [ 0C0E8E9E0C57FF5D1B092A19081B7B44 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\00THotkey.exe

13:30:53.0953 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\00THotkey.exe - ok

13:30:53.0953 2616 [ CCB1A96002F0888DA70964781C742A82 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\000StTHK.exe

13:30:53.0953 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\000StTHK.exe - ok

13:30:53.0953 2616 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll

13:30:53.0953 2616 C:\WINDOWS\system32\upnp.dll - ok

13:30:53.0953 2616 [ 9B9663992B7AF05B8F0E9B8C5E4D73AD ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe

13:30:53.0953 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe - ok

13:30:53.0968 2616 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll

13:30:53.0968 2616 C:\WINDOWS\system32\ssdpapi.dll - ok

13:30:53.0968 2616 [ EFC3E6B1739CFB9D879F15E11BC04333 ] C:\WINDOWS\system32\Volume.dll

13:30:53.0968 2616 C:\WINDOWS\system32\Volume.dll - ok

13:30:53.0968 2616 [ 5B1C4847271C32A6FD5C00880C436089 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TOSDCR.exe

13:30:53.0968 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TOSDCR.exe - ok

13:30:53.0968 2616 [ 9EC785EBD0966DDE6FED10FB59FCB186 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

13:30:53.0968 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\ConfigFree\NDSTray.exe - ok

13:30:53.0984 2616 [ 2BAB54632EAF98ED75D55E19C46955E4 ] C:\WINDOWS\system32\Thci.dll

13:30:53.0984 2616 C:\WINDOWS\system32\Thci.dll - ok

13:30:53.0984 2616 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys

13:30:53.0984 2616 C:\WINDOWS\system32\drivers\http.sys - ok

13:30:53.0984 2616 [ 5A4B93F78473F397C332A0BF6B8F093F ] C:\WINDOWS\system32\wbem\mofd.dll

13:30:53.0984 2616 C:\WINDOWS\system32\wbem\mofd.dll - ok

13:30:53.0984 2616 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll

13:30:53.0984 2616 C:\WINDOWS\system32\rasmans.dll - ok

13:30:53.0984 2616 [ A3F6908ACA6D4FDCBD224E8A9A43277B ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe

13:30:53.0984 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe - ok

13:30:54.0000 2616 [ 0544108FA6859BEF5F29137F2FBCBA22 ] C:\Program Files\TOSHIBA\ConfigFree\CFWAN.dll

13:30:54.0000 2616 C:\Program Files\TOSHIBA\ConfigFree\CFWAN.dll - ok

13:30:54.0000 2616 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll

13:30:54.0000 2616 C:\WINDOWS\system32\ssdpsrv.dll - ok

13:30:54.0000 2616 [ 2611F58AEC4BB39387162F749FE8A558 ] C:\WINDOWS\system32\Tsci.dll

13:30:54.0000 2616 C:\WINDOWS\system32\Tsci.dll - ok

13:30:54.0000 2616 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll

13:30:54.0000 2616 C:\WINDOWS\system32\tapisrv.dll - ok

13:30:54.0000 2616 [ 5542B73177470B626F368EA6997290E2 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TFNF5.exe

13:30:54.0000 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TFNF5.exe - ok

13:30:54.0015 2616 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll

13:30:54.0015 2616 C:\WINDOWS\system32\webcheck.dll - ok

13:30:54.0015 2616 [ 06AA87DF4849C507A6C3BA741F9165B4 ] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\usrpacket.dll

13:30:54.0015 2616 C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\usrpacket.dll - ok

13:30:54.0015 2616 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll

13:30:54.0015 2616 C:\WINDOWS\system32\stobject.dll - ok

13:30:54.0015 2616 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll

13:30:54.0015 2616 C:\WINDOWS\system32\batmeter.dll - ok

13:30:54.0015 2616 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll

13:30:54.0015 2616 C:\WINDOWS\system32\rastapi.dll - ok

13:30:54.0031 2616 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp

13:30:54.0031 2616 C:\WINDOWS\system32\unimdm.tsp - ok

13:30:54.0031 2616 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll

13:30:54.0031 2616 C:\WINDOWS\system32\oledlg.dll - ok

13:30:54.0031 2616 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll

13:30:54.0031 2616 C:\WINDOWS\system32\WPDShServiceObj.dll - ok

13:30:54.0031 2616 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll

13:30:54.0031 2616 C:\WINDOWS\system32\uniplat.dll - ok

13:30:54.0031 2616 [ 060090C882B05E15A21090FAC0C4ECA4 ] C:\Program Files\TOSHIBA\ConfigFree\NDSNLS.dll

13:30:54.0031 2616 C:\Program Files\TOSHIBA\ConfigFree\NDSNLS.dll - ok

13:30:54.0046 2616 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll

13:30:54.0046 2616 C:\WINDOWS\system32\unimdmat.dll - ok

13:30:54.0046 2616 [ 74ED6C7EDF2B5508B25B890454AC7B35 ] C:\Program Files\TOSHIBA\ConfigFree\CFUPNP.dll

13:30:54.0046 2616 C:\Program Files\TOSHIBA\ConfigFree\CFUPNP.dll - ok

13:30:54.0046 2616 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll

13:30:54.0046 2616 C:\WINDOWS\system32\modemui.dll - ok

13:30:54.0046 2616 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll

13:30:54.0046 2616 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok

13:30:54.0062 2616 [ BCE986B97974DFBB7302C9990F3511A8 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE

13:30:54.0062 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE - ok

13:30:54.0062 2616 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp

13:30:54.0062 2616 C:\WINDOWS\system32\kmddsp.tsp - ok

13:30:54.0062 2616 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp

13:30:54.0062 2616 C:\WINDOWS\system32\ndptsp.tsp - ok

13:30:54.0062 2616 [ 5186927C4F740FB6D683BBB406DCC4D5 ] C:\Program Files\TOSHIBA\ConfigFree\CFP2API.dll

13:30:54.0062 2616 C:\Program Files\TOSHIBA\ConfigFree\CFP2API.dll - ok

13:30:54.0062 2616 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp

13:30:54.0062 2616 C:\WINDOWS\system32\ipconf.tsp - ok

13:30:54.0078 2616 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp

13:30:54.0078 2616 C:\WINDOWS\system32\h323.tsp - ok

13:30:54.0078 2616 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll

13:30:54.0078 2616 C:\WINDOWS\system32\PortableDeviceApi.dll - ok

13:30:54.0078 2616 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp

13:30:54.0078 2616 C:\WINDOWS\system32\hidphone.tsp - ok

13:30:54.0078 2616 [ F88259E28C954C73F1E7394BA6B55CDC ] C:\Program Files\TOSHIBA\ConfigFree\OpenProp.dll

13:30:54.0078 2616 C:\Program Files\TOSHIBA\ConfigFree\OpenProp.dll - ok

13:30:54.0078 2616 [ 74020E8D2C4F9E8262FD51C80A7D20CA ] C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll

13:30:54.0078 2616 C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll - ok

13:30:54.0093 2616 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll

13:30:54.0093 2616 C:\WINDOWS\system32\rasppp.dll - ok

13:30:54.0093 2616 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll

13:30:54.0093 2616 C:\WINDOWS\system32\ntlsapi.dll - ok

13:30:54.0093 2616 [ 8EBBF7E508EC363BD6933809D17A43A7 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Apoint2K\Apoint.exe

13:30:54.0093 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Apoint2K\Apoint.exe - ok

13:30:54.0093 2616 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll

13:30:54.0093 2616 C:\WINDOWS\system32\rasqec.dll - ok

13:30:54.0093 2616 [ 398AC7A90320B60BEBA0E6619BD6A614 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\AMT\atchk.exe

13:30:54.0093 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\AMT\atchk.exe - ok

13:30:54.0109 2616 [ 41C46804B7D467E7A6D18AB253A902E9 ] C:\WINDOWS\system32\Vxdif.dll

13:30:54.0109 2616 C:\WINDOWS\system32\Vxdif.dll - ok

13:30:54.0109 2616 [ BAA9E52EBFDC9C2C9DF73A643A51374A ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\RTHDCPL.exe

13:30:54.0109 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\RTHDCPL.exe - ok

13:30:54.0109 2616 [ 283D5F414EAD07310C01C84458C20546 ] C:\Program Files\Apoint2K\ApMain.dll

13:30:54.0109 2616 C:\Program Files\Apoint2K\ApMain.dll - ok

13:30:54.0109 2616 [ 037B1E7798960E0420003D05BB577EE6 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\rundll32.exe

13:30:54.0109 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\rundll32.exe - ok

13:30:54.0125 2616 [ A26D471230DD6BD321CC04815BD4C094 ] C:\Program Files\Apoint2K\ApCommon.dll

13:30:54.0125 2616 C:\Program Files\Apoint2K\ApCommon.dll - ok

13:30:54.0125 2616 [ 07703E373D6559BF4E1A52A3AEB2F121 ] C:\Program Files\TOSHIBA\ConfigFree\QCDPJ.dll

13:30:54.0125 2616 C:\Program Files\TOSHIBA\ConfigFree\QCDPJ.dll - ok

13:30:54.0125 2616 [ D1622B342DC8B66AD81FD4E5E9F8E6CE ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\nwiz.exe

13:30:54.0125 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\nwiz.exe - ok

13:30:54.0125 2616 [ 727A2AFE355EE3815C5DD6BA46154698 ] C:\Program Files\Apoint2K\ApDual.dll

13:30:54.0125 2616 C:\Program Files\Apoint2K\ApDual.dll - ok

13:30:54.0125 2616 [ 51E81B0235C595B12E08E170DE6BF2F5 ] C:\WINDOWS\system32\nvsysrot.dll

13:30:54.0125 2616 C:\WINDOWS\system32\nvsysrot.dll - ok

13:30:54.0140 2616 [ D51DAF9BF10BE465ADFBD434554BE21F ] C:\Program Files\Apoint2K\ApPad.dll

13:30:54.0140 2616 C:\Program Files\Apoint2K\ApPad.dll - ok

13:30:54.0140 2616 [ 0E81905F53B1A2A41558519CDCDC9C61 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe

13:30:54.0140 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe - ok

13:30:54.0140 2616 [ 1DAC9BFC47B8864825748FE0163ECBC3 ] C:\Program Files\TOSHIBA\ConfigFree\VENAPI.dll

13:30:54.0140 2616 C:\Program Files\TOSHIBA\ConfigFree\VENAPI.dll - ok

13:30:54.0140 2616 [ F8A99D6F2C65C83D9E419164D427F1C6 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\iFrmewrk.exe

13:30:54.0140 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Intel\Wireless\Bin\iFrmewrk.exe - ok

13:30:54.0140 2616 [ D56A57149AC7297DA0AF3DDD17B5AEB7 ] C:\Program Files\Apoint2K\EzCapt.dll

13:30:54.0140 2616 C:\Program Files\Apoint2K\EzCapt.dll - ok

13:30:54.0156 2616 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll

13:30:54.0156 2616 C:\WINDOWS\system32\httpapi.dll - ok

13:30:54.0156 2616 [ D616C423397C55E26699AB8171C99036 ] C:\Program Files\Apoint2K\EzLaunch.dll

13:30:54.0156 2616 C:\Program Files\Apoint2K\EzLaunch.dll - ok

13:30:54.0156 2616 [ 478703DDC3BE7CCC352C5414B6C4D305 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe

13:30:54.0156 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe - ok

13:30:54.0156 2616 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll

13:30:54.0156 2616 C:\WINDOWS\system32\w3ssl.dll - ok

13:30:54.0156 2616 [ 053848EED86AD99A71D8A00584F7F0EE ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TME3\TMERzCtl.exe

13:30:54.0156 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TME3\TMERzCtl.exe - ok

13:30:54.0171 2616 [ 0E05E8B1A28AE9CC4B464E5A2A25B0C4 ] C:\WINDOWS\system32\nview.dll

13:30:54.0171 2616 C:\WINDOWS\system32\nview.dll - ok

13:30:54.0171 2616 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll

13:30:54.0171 2616 C:\WINDOWS\system32\strmfilt.dll - ok

13:30:54.0171 2616 [ A63A8A270734D7C9D278D9AFACF7A912 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TME3\TMEEJME.exe

13:30:54.0171 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\TME3\TMEEJME.exe - ok

13:30:54.0171 2616 [ EE04C2ECB4039274942EB53B3F10F4D2 ] C:\WINDOWS\system32\TCtrlCommon.dll

13:30:54.0171 2616 C:\WINDOWS\system32\TCtrlCommon.dll - ok

13:30:54.0187 2616 [ CC7A6E203B1B14717AC241E7DC3DA35D ] C:\Program Files\Apoint2K\ApStick.dll

13:30:54.0187 2616 C:\Program Files\Apoint2K\ApStick.dll - ok

13:30:54.0187 2616 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll

13:30:54.0187 2616 C:\WINDOWS\system32\riched32.dll - ok

13:30:54.0187 2616 [ 324EADAA1F7AB2059F93DD246F59412F ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe

13:30:54.0187 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe - ok

13:30:54.0187 2616 [ C2C5FC01707A27C29F11F1080A75B0EA ] C:\Program Files\TOSHIBA\TOSHIBA Controls\TBtnCommon.dll

13:30:54.0187 2616 C:\Program Files\TOSHIBA\TOSHIBA Controls\TBtnCommon.dll - ok

13:30:54.0187 2616 [ AFFFC7947B38DC24F70E3C49334106F8 ] C:\Program Files\TOSHIBA\TME3\TMEEJMD.dll

13:30:54.0187 2616 C:\Program Files\TOSHIBA\TME3\TMEEJMD.dll - ok

13:30:54.0203 2616 [ FD42B48B32E2BDC046BDF08EE9A1F78A ] C:\Program Files\Apoint2K\ApOthers.dll

13:30:54.0203 2616 C:\Program Files\Apoint2K\ApOthers.dll - ok

13:30:54.0203 2616 [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll

13:30:54.0203 2616 C:\WINDOWS\system32\msvfw32.dll - ok

13:30:54.0203 2616 [ C7118203E4AD83F96246ACBA538F5A8E ] C:\Program Files\Apoint2K\ApMouse.dll

13:30:54.0203 2616 C:\Program Files\Apoint2K\ApMouse.dll - ok

13:30:54.0203 2616 [ 14BB715BB0752CF6D7E0404D0C9E56CF ] C:\Program Files\Apoint2K\EzAuto.dll

13:30:54.0203 2616 C:\Program Files\Apoint2K\EzAuto.dll - ok

13:30:54.0203 2616 [ 01375E1C6C876F2FFCA75F039002D50F ] C:\Program Files\TOSHIBA\DualPointUtility\TDpUI.dll

13:30:54.0203 2616 C:\Program Files\TOSHIBA\DualPointUtility\TDpUI.dll - ok

13:30:54.0218 2616 [ D4546BD02666A41541FF77C9BE71A8C0 ] C:\WINDOWS\system32\TFNF5.DLL

13:30:54.0218 2616 C:\WINDOWS\system32\TFNF5.DLL - ok

13:30:54.0218 2616 [ 512C4D67FB86D1BFB7AEBA30F4B82300 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TPSODDCtl.exe

13:30:54.0218 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TPSODDCtl.exe - ok

13:30:54.0218 2616 [ 7AE3E8717EA6B90513529C3F478EABCF ] C:\Program Files\TOSHIBA\TOSHIBA Controls\TCtrlIO.dll

13:30:54.0218 2616 C:\Program Files\TOSHIBA\TOSHIBA Controls\TCtrlIO.dll - ok

13:30:54.0218 2616 [ AEB5728C4559BEC11B93E56B15836157 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TPSMain.exe

13:30:54.0218 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TPSMain.exe - ok

13:30:54.0218 2616 [ ABBABB9718848FD74C2D156BDFEDBCD5 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\ltmoh\ltmoh.exe

13:30:54.0218 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\ltmoh\ltmoh.exe - ok

13:30:54.0234 2616 [ 78DE6C29BB0CBA81FB3CD9B436B8327A ] C:\WINDOWS\system32\TPSMainCtl.dll

13:30:54.0234 2616 C:\WINDOWS\system32\TPSMainCtl.dll - ok

13:30:54.0234 2616 [ B3CDFB192D1EB7F42DC9A7E179A424DD ] C:\Program Files\Apoint2K\ApString.dll

13:30:54.0234 2616 C:\Program Files\Apoint2K\ApString.dll - ok

13:30:54.0234 2616 [ F18DD279A5A209B82EC944CF59A6436E ] C:\Program Files\ltmoh\mohapi.dll

13:30:54.0234 2616 C:\Program Files\ltmoh\mohapi.dll - ok

13:30:54.0234 2616 [ 561782B0489E95C8207209A117D995F3 ] C:\WINDOWS\system32\CpuPerf.dll

13:30:54.0234 2616 C:\WINDOWS\system32\CpuPerf.dll - ok

13:30:54.0234 2616 [ D5329F8500DDCCDB0494BDBE99F41FEA ] C:\WINDOWS\system32\nvwddi.dll

13:30:54.0234 2616 C:\WINDOWS\system32\nvwddi.dll - ok

13:30:54.0250 2616 [ 4D7F0C286F6C543F12DC45F18CB3A971 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Protector Suite QL\launcher.exe

13:30:54.0250 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Protector Suite QL\launcher.exe - ok

13:30:54.0250 2616 [ A6BE31F0603EBBD55A289FA3954FC9AF ] C:\WINDOWS\system32\TPSTrace.dll

13:30:54.0250 2616 C:\WINDOWS\system32\TPSTrace.dll - ok

13:30:54.0250 2616 [ C30CD61F961FB498C68994F188CD70B5 ] C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll

13:30:54.0250 2616 C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll - ok

13:30:54.0250 2616 [ FD3DA8425624B98903407DF608CF2C11 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\net.exe

13:30:54.0250 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\net.exe - ok

13:30:54.0250 2616 [ CCA1B81492B40890E44B2B20A780EE1F ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Apoint2K\ApntEx.exe

13:30:54.0250 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Apoint2K\ApntEx.exe - ok

13:30:54.0265 2616 [ 379648A862E5F3C5A660750D4A3D9062 ] C:\WINDOWS\system32\IFXTSP.dll

13:30:54.0265 2616 C:\WINDOWS\system32\IFXTSP.dll - ok

13:30:54.0265 2616 [ 5A8816A1D6186A63D610829A56A8EFDB ] C:\WINDOWS\system32\TPwrReg.dll

13:30:54.0265 2616 C:\WINDOWS\system32\TPwrReg.dll - ok

13:30:54.0265 2616 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll

13:30:54.0265 2616 C:\WINDOWS\system32\dsound.dll - ok

13:30:54.0265 2616 [ 67ECEA13D85AC352E1919774A933AC7B ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Protector Suite QL\psqltray.exe

13:30:54.0265 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Protector Suite QL\psqltray.exe - ok

13:30:54.0265 2616 [ 25CD562A9F5A82F15CFB72FD3D2153D3 ] C:\WINDOWS\system32\TPeculiarity.dll

13:30:54.0265 2616 C:\WINDOWS\system32\TPeculiarity.dll - ok

13:30:54.0281 2616 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll

13:30:54.0281 2616 C:\WINDOWS\system32\drprov.dll - ok

13:30:54.0281 2616 [ 93DB1FF92B03D24738A71E6E4992DFD3 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Common Files\Java\Java Update\jusched.exe

13:30:54.0281 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Common Files\Java\Java Update\jusched.exe - ok

13:30:54.0281 2616 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx

13:30:54.0281 2616 C:\WINDOWS\system32\hhctrl.ocx - ok

13:30:54.0281 2616 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll

13:30:54.0281 2616 C:\WINDOWS\system32\ntlanman.dll - ok

13:30:54.0296 2616 [ F89DA660C511652EE511FE3AB2F04BFC ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\QuickTime\QTTask.exe

13:30:54.0296 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\QuickTime\QTTask.exe - ok

13:30:54.0296 2616 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll

13:30:54.0296 2616 C:\WINDOWS\system32\netui0.dll - ok

13:30:54.0296 2616 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll

13:30:54.0296 2616 C:\WINDOWS\system32\netui1.dll - ok

13:30:54.0296 2616 [ 3E9A33113D663D8BD5ED38858E669652 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll

13:30:54.0296 2616 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll - ok

13:30:54.0296 2616 [ 793CA393E0BDFA9B4746E7672ABC4BE3 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe

13:30:54.0296 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe - ok

13:30:54.0312 2616 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll

13:30:54.0312 2616 C:\WINDOWS\system32\davclnt.dll - ok

13:30:54.0312 2616 [ 5676E75F98FF8E0F81DFF604A09288BB ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Common Files\Real\Update_OB\realsched.exe

13:30:54.0312 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Common Files\Real\Update_OB\realsched.exe - ok

13:30:54.0312 2616 [ E81BBE78A8EF85ACD490B3E64EF63A7C ] C:\WINDOWS\system32\mapi32.dll

13:30:54.0312 2616 C:\WINDOWS\system32\mapi32.dll - ok

13:30:54.0312 2616 [ 148C7156B7989F556BF2C720B88535A3 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TPSBattM.exe

13:30:54.0312 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\TPSBattM.exe - ok

13:30:54.0312 2616 [ B63E5C7807334A3A8F731062F15462CC ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

13:30:54.0312 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

13:30:54.0328 2616 [ 2332F4863901E7A6799524F089DB4CD7 ] C:\WINDOWS\system32\TPwrCfg.dll

13:30:54.0328 2616 C:\WINDOWS\system32\TPwrCfg.dll - ok

13:30:54.0328 2616 [ 890816ABCF16ABDD94FC878CE7A8BD2E ] C:\Program Files\Protector Suite QL\psqltray.dll

13:30:54.0328 2616 C:\Program Files\Protector Suite QL\psqltray.dll - ok

13:30:54.0328 2616 [ B23527E30FCE331BCF6A6E3196CF27A5 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Common Files\WMT\WMTFormatConversion.exe

13:30:54.0328 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Common Files\WMT\WMTFormatConversion.exe - ok

13:30:54.0328 2616 [ 723B9400EAB64733E45AF35104E69700 ] C:\WINDOWS\system32\IFXTCSps.dll

13:30:54.0328 2616 C:\WINDOWS\system32\IFXTCSps.dll - ok

13:30:54.0328 2616 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

13:30:54.0328 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok

13:30:54.0343 2616 [ CB791EB5D5BDFE32B690506251D50628 ] C:\WINDOWS\system32\nvwimg.dll

13:30:54.0343 2616 C:\WINDOWS\system32\nvwimg.dll - ok

13:30:54.0343 2616 [ E460233208906ECC0E8F057B25562F13 ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\gtn.dll

13:30:54.0343 2616 C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\gtn.dll - ok

13:30:54.0343 2616 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\ctfmon.exe

13:30:54.0343 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\ctfmon.exe - ok

13:30:54.0343 2616 [ 15C00138A29E9966DEE32832E7D825A4 ] C:\WINDOWS\system32\nvshell.dll

13:30:54.0343 2616 C:\WINDOWS\system32\nvshell.dll - ok

13:30:54.0343 2616 [ 317C54DCAB9EE29CD4B9F55D197A90D1 ] C:\WINDOWS\system32\msisip.dll

13:30:54.0343 2616 C:\WINDOWS\system32\msisip.dll - ok

13:30:54.0359 2616 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll

13:30:54.0359 2616 C:\WINDOWS\system32\msctf.dll - ok

13:30:54.0359 2616 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll

13:30:54.0359 2616 C:\WINDOWS\system32\msutb.dll - ok

13:30:54.0359 2616 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll

13:30:54.0359 2616 C:\WINDOWS\system32\wshext.dll - ok

13:30:54.0359 2616 [ F79CEFE1E14BD7CE38561385F5542FFC ] C:\Program Files\Protector Suite QL\FDHome.dll

13:30:54.0359 2616 C:\Program Files\Protector Suite QL\FDHome.dll - ok

13:30:54.0375 2616 [ AB3668C159E1CFEA184F72650BD66807 ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

13:30:54.0375 2616 C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll - ok

13:30:54.0375 2616 [ 7943A80F1A6FD37969AACD411B511F91 ] C:\WINDOWS\system32\WindowsPowerShell\v1.0\pwrshsip.dll

13:30:54.0375 2616 C:\WINDOWS\system32\WindowsPowerShell\v1.0\pwrshsip.dll - ok

13:30:54.0375 2616 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll

13:30:54.0375 2616 C:\WINDOWS\ime\sptip.dll - ok

13:30:54.0375 2616 [ 493CCC36C493D6C581692C8866E5131A ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Infineon\Security Platform Software\SpUpgrade.exe

13:30:54.0375 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Infineon\Security Platform Software\SpUpgrade.exe - ok

13:30:54.0375 2616 [ AFC858E7152F99575C54D6C6418A44AB ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll

13:30:54.0375 2616 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok

13:30:54.0390 2616 [ 47C202A1C980260DC0FCD014AD71DA74 ] C:\Program Files\Protector Suite QL\mysafe.dll

13:30:54.0390 2616 C:\Program Files\Protector Suite QL\mysafe.dll - ok

13:30:54.0390 2616 [ C0417E571BA2837EA3CBE17E728E17DD ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Panda USB Vaccine\USBVaccine.exe

13:30:54.0390 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Panda USB Vaccine\USBVaccine.exe - ok

13:30:54.0390 2616 [ A12051005653D8BDE7AA84F684EB007C ] C:\Program Files\Protector Suite QL\pwdbank.dll

13:30:54.0390 2616 C:\Program Files\Protector Suite QL\pwdbank.dll - ok

13:30:54.0390 2616 [ F60ECC9F91F2F9812770F8D550EF1966 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Infineon\Security Platform Software\PSDrt.exe

13:30:54.0390 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Infineon\Security Platform Software\PSDrt.exe - ok

13:30:54.0406 2616 [ 3C6FA2F4D58611579B21798E0568F548 ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe

13:30:54.0406 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

13:30:54.0406 2616 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll

13:30:54.0406 2616 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok

13:30:54.0406 2616 [ 5531BA2EFAF29E649D386B4467D8A14F ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Infineon\Security Platform Software\SpTNA.exe

13:30:54.0406 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\Program Files\Infineon\Security Platform Software\SpTNA.exe - ok

13:30:54.0406 2616 [ 251327E4AD30CD1CFD03EE2D087522E1 ] C:\Program Files\Infineon\Security Platform Software\PsdRsUS.dll

13:30:54.0406 2616 C:\Program Files\Infineon\Security Platform Software\PsdRsUS.dll - ok

13:30:54.0406 2616 [ 6D1006D59C835D5169835AB03062C6F4 ] C:\Program Files\Protector Suite QL\crypto.dll

13:30:54.0406 2616 C:\Program Files\Protector Suite QL\crypto.dll - ok

13:30:54.0421 2616 [ 6C342323C65C58D4B2136DE4C0E3C403 ] C:\Program Files\Infineon\Security Platform Software\Psd.dll

13:30:54.0421 2616 C:\Program Files\Infineon\Security Platform Software\Psd.dll - ok

13:30:54.0421 2616 [ C4894B3B448B647BEDC9E916D181BDBE ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\searchprotocolhost.exe

13:30:54.0421 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\searchprotocolhost.exe - ok

13:30:54.0421 2616 [ D521DC8065518B2DA4938D329CB43B6B ] C:\Program Files\Infineon\Security Platform Software\IFXTRsUS.dll

13:30:54.0421 2616 C:\Program Files\Infineon\Security Platform Software\IFXTRsUS.dll - ok

13:30:54.0421 2616 [ EF9B6DEA49007AD5895D5511F757DDE1 ] C:\Program Files\Infineon\Security Platform Software\IfxSpURsUS.dll

13:30:54.0421 2616 C:\Program Files\Infineon\Security Platform Software\IfxSpURsUS.dll - ok

13:30:54.0421 2616 [ 4774D83BE60B7F47C612E25D6FE0F010 ] C:\WINDOWS\system32\msshooks.dll

13:30:54.0421 2616 C:\WINDOWS\system32\msshooks.dll - ok

13:30:54.0437 2616 [ 8DCBADA9DBB57CA4BDF99E232DF32048 ] C:\WINDOWS\system32\IfxSpMgt.dll

13:30:54.0437 2616 C:\WINDOWS\system32\IfxSpMgt.dll - ok

13:30:54.0437 2616 [ 6E914EEDD145C5ACCE56F4D5F3D606FC ] C:\WINDOWS\system32\mssph.dll

13:30:54.0437 2616 C:\WINDOWS\system32\mssph.dll - ok

13:30:54.0437 2616 [ D59A7119054D70FC745A1BF9C06DCC65 ] C:\WINDOWS\system32\oeph.dll

13:30:54.0437 2616 C:\WINDOWS\system32\oeph.dll - ok

13:30:54.0437 2616 [ 111E05B004DAE71F5EFD8DE23362AB11 ] C:\Program Files\Protector Suite QL\toshskin.dll

13:30:54.0437 2616 C:\Program Files\Protector Suite QL\toshskin.dll - ok

13:30:54.0437 2616 [ 79ED352549EB6D5B1A454916C37D2E85 ] C:\WINDOWS\system32\UncPH.dll

13:30:54.0437 2616 C:\WINDOWS\system32\UncPH.dll - ok

13:30:54.0453 2616 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9 ] C:\WINDOWS\system32\ksuser.dll

13:30:54.0453 2616 C:\WINDOWS\system32\ksuser.dll - ok

13:30:54.0453 2616 [ E377649FEEB4AE85028D7B8A862B1831 ] C:\WINDOWS\system32\msfeeds.dll

13:30:54.0453 2616 C:\WINDOWS\system32\msfeeds.dll - ok

13:30:54.0453 2616 [ 70B51E25613F1EEE2572896CF381B0F0 ] C:\WINDOWS\system32\IFXTPMCP.dll

13:30:54.0453 2616 C:\WINDOWS\system32\IFXTPMCP.dll - ok

13:30:54.0453 2616 [ 87889A983C015080FA813D7E32910D1E ] \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\searchfilterhost.exe

13:30:54.0453 2616 \Device\Harddisk0\DP(1)0x7e00-0x1aea2e4e00+1\WINDOWS\system32\searchfilterhost.exe - ok

13:30:54.0453 2616 [ 49DFDB732E36EDE11B89C4759388EF2C ] C:\Program Files\Protector Suite QL\tpmkey.dll

13:30:54.0453 2616 C:\Program Files\Protector Suite QL\tpmkey.dll - ok

13:30:54.0468 2616 [ 2A1E06EE3A19542F5602AEEC4184CC21 ] C:\Program Files\Infineon\Security Platform Software\IfxTrsMs.dll

13:30:54.0468 2616 C:\Program Files\Infineon\Security Platform Software\IfxTrsMs.dll - ok

13:30:54.0468 2616 [ 9130CCE19B5DB3D2E31F9F789263FC4A ] C:\Program Files\Microsoft CAPICOM 2.1.0.2\Lib\X86\capicom.dll

13:30:54.0468 2616 C:\Program Files\Microsoft CAPICOM 2.1.0.2\Lib\X86\capicom.dll - ok

13:30:54.0468 2616 [ 4D8B6AFE50BAE7BD301967BB38675221 ] C:\WINDOWS\system32\mssign32.dll

13:30:54.0468 2616 C:\WINDOWS\system32\mssign32.dll - ok

13:30:54.0468 2616 [ 20FA028CB6506591A99C51432A3C0174 ] C:\WINDOWS\system32\langwrbk.dll

13:30:54.0468 2616 C:\WINDOWS\system32\langwrbk.dll - ok

13:30:54.0484 2616 [ B6932761058DC21BEAA7A1245B1B20E6 ] C:\WINDOWS\system32\infosoft.dll

13:30:54.0484 2616 C:\WINDOWS\system32\infosoft.dll - ok

13:30:54.0484 2616 ============================================================

13:30:54.0484 2616 Scan finished

13:30:54.0484 2616 ============================================================

13:30:54.0484 3980 Detected object count: 0

13:30:54.0484 3980 Actual detected object count: 0

#21
CompCav

Posted 15 August 2012 - 01:41 PM

Member 5k

Expert
12,454 posts

Download farbar service scanner to your desktop and then run it.

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply

Is the computer still performing well? Any issues?

#22
Triskelion

Posted 15 August 2012 - 01:45 PM

Member

Topic Starter
Member
663 posts

FFS.txt Log:

Farbar Service Scanner Version: 06-08-2012
Ran by rhan125205 (administrator) on 15-08-2012 at 13:43:13
Running from "C:\Documents and Settings\rhan125205\Local Settings\Temporary Internet Files\Content.IE5\EA3HONN9"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2012-08-09 11:08] - [2008-10-16 09:07] - 0138496 ____A (Microsoft Corporation) 38D7B715504DA4741DF35E3594FE2099

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) s24trans(8) Tcpip(3)
0x0A000000040000000100000002000000030000000A0000000500000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****

Update:

Computer is doing noticably better. I can actually perform these steps on the infected computer rather than transfering programs and logs back and forth on a flash drive.

#23
CompCav

Posted 15 August 2012 - 02:18 PM

Member 5k

Expert
12,454 posts

Please download the attached registry fix file BITs.reg and save it to your desktop.

BITS.reg 4.54KB 184 downloads
Then right click on the file and select merge, accept any warnings and let it complete.

Reboot your computer and rerun Farbar Services Scanner and post the new log (FSS.txt) for me.

#24
Triskelion

Posted 15 August 2012 - 02:28 PM

Member

Topic Starter
Member
663 posts

New FSS.txt Log

Farbar Service Scanner Version: 06-08-2012
Ran by rhan125205 (administrator) on 15-08-2012 at 14:27:43
Running from "C:\Documents and Settings\rhan125205\Local Settings\Temporary Internet Files\Content.IE5\9PQPSEGL"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2012-08-09 11:08] - [2008-10-16 09:07] - 0138496 ____A (Microsoft Corporation) 38D7B715504DA4741DF35E3594FE2099

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) s24trans(8) Tcpip(3)
0x0A000000040000000100000002000000030000000A0000000500000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****

#25
CompCav

Posted 15 August 2012 - 02:58 PM

Member 5k

Expert
12,454 posts

Step 1.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application. Please do not accept the trial right now. We just want to run it on demand.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

Select the option YES, I accept the Terms of Use then click on:
When prompted allow Add-On/Active X to install.
Make sure that the option Scan archives is checked.
Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
Now click on:
The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
When completed the Online Scan will begin automatically. The scan may take several hours.
Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
When completed select Uninstall application on close, make sure you copy the logfile first!
Now click on:
Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
Copy and paste that log as a reply to this topic.

Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 4.

Please post:

mbam log
eset log
security check log

Please give me an update on how your computer is doing!

#26
Triskelion

Posted 16 August 2012 - 11:19 AM

Member

Topic Starter
Member
663 posts

Hello CompCav;
Here are the logs you asked for...

MBAM:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.15.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
rhan125205 :: A101062 [administrator]

Protection: Disabled

2012-08-15 3:22:15 PM
mbam-log-2012-08-15 (15-22-15).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 254197
Time elapsed: 5 minute(s), 29 second(s)

Memory Processes Detected: 1
C:\Program Files\Common Files\WMT\WMTFormatConversion.exe (Trojan.Agent.SZ) -> 1036 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WMTFormatConversion (Trojan.Agent.SZ) -> Data: "C:\Program Files\Common Files\WMT\WMTFormatConversion.exe" /u -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Program Files\Common Files\WMT\WMTFormatConversion.exe (Trojan.Agent.SZ) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\F4D55F3E000435DB0002FB71D151FC4E\F4D55F3E000435DB0002FB71D151FC4E.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

ESET:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=220a0759f3f86e4784b55470a66fb992
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-08-15 10:00:06
# local_time=2012-08-15 04:00:06 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=10396
# found=0
# cleaned=0
# scan_time=689
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=220a0759f3f86e4784b55470a66fb992
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-08-16 12:07:37
# local_time=2012-08-15 06:07:37 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=189516
# found=31
# cleaned=31
# scan_time=7607
C:\Documents and Settings\NetworkService\Local Settings\Application Data\WMEncSourcePluginWrapper\WMEncSourcePluginWrapper.exe Win32/Wapprox.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\[email protected] Win32/Conedex.E trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\[email protected] a variant of Win32/Sirefef.FA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\[email protected] a variant of Win32/Sirefef.FD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\F4D55F3E000435DB0002FB71D151FC4E.exe.vir a variant of Win32/Kryptik.AGCY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\n.vir a variant of Win32/Kryptik.AFWA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\pcusxg.exe.vir a variant of Win32/Kryptik.AHAA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\Protector-xcvg.exe.vir Win32/Adware.WintionalityChecker.AD application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\sadtxy.dll.vir a variant of Win32/Medfos.AJ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\WMEncSourcePluginWrapper.exe.vir Win32/Wapprox.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\Desktop\RK_Quarantine\YJf1hUh3.exe.vir a variant of Win32/Kryptik.AEVI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\My Documents\registryfix.exe a variant of Win32/Adware.ErrorClean application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\rhan125205\My Documents\Calgary North\Setup.exe probably a variant of Win32/Adware.180Solutions application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\WMEncSourcePluginWrapper\WMEncSourcePluginWrapper.exe Win32/Wapprox.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Uniblue\RegistryBooster\rbnotifier.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Uniblue\RegistryBooster\rb_move_serial.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Uniblue\RegistryBooster\rb_ubm.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\hamachi.dll.vir Win32/Sirefef.ER trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\afd.sys.vir Win32/Sirefef.DA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08082012_225951\C_Documents and Settings\All Users\Application Data\YJf1hUh3.exe a variant of Win32/Kryptik.AEVI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08082012_225951\C_Documents and Settings\NetworkService\Local Settings\Application Data\hwgqca.exe a variant of Win32/Kryptik.AHBJ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08082012_225951\C_Documents and Settings\NetworkService\Local Settings\Application Data\mmrdfdqrw.exe a variant of Win32/Kryptik.AGCY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08082012_225951\C_Documents and Settings\NetworkService\Local Settings\Application Data\pcusxg.exe a variant of Win32/Kryptik.AHAA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08082012_225951\C_Documents and Settings\NetworkService\Local Settings\Application Data\xromnop.dll a variant of Win32/TrojanProxy.Agent.NIR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08082012_225951\C_Documents and Settings\rhan125205\Application Data\Protector-xcvg.exe Win32/Adware.WintionalityChecker.AD application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08082012_225951\C_Documents and Settings\rhan125205\Local Settings\Application Data\pndxxi.exe a variant of Win32/Kryptik.AGCY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08082012_225951\C_WINDOWS\system32\fastsrch.dll a variant of Win32/Injector.PKW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\08082012_225951\C_WINDOWS\system32\krnlstat.dll Win32/PSW.Papras.CE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

SecCheck:

Results of screen317's Security Check version 0.99.44
Windows XP Service Pack 3 x86
Internet Explorer 4 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
Java™ 6 Update 23
Java™ SE Runtime Environment 6
Java version out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader X (10.1.4)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
ESET ESET Online Scanner OnlineCmdLineScanner.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 20% Defragment your hard drive soon!
````````````````````End of Log``````````````````````

UPDATE:

Things still seem to be humming along. There is a noticable improvement in performance and even some speed improvement.
You're doing a great job!

#27
CompCav

Posted 16 August 2012 - 11:38 AM

Member 5k

Expert
12,454 posts

Things still seem to be humming along. There is a noticable improvement in performance and even some speed improvement.
You're doing a great job!

Thanks we aim to please :thumbsup:

Now we have some updates and maintenance to do.

Step 1.

Clear the Java Cache by following the instructions here

Step 2.

Update Java

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

Step 3.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

Uninstall all previous versions.
Download the latest version from: http://www.adobe.com.../readstep2.html

If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Step 4.

Now we need to update Internet explorer to 8.0

Plase go to windows update:

Click Start >> Windows Update click Check for updates >> Check for updates

Select and install any updates a few at a time, including IE 8.0, (You may need to install IE 7.0 first) that you have that are critical, important, and recommended. Even if you do not use Internet Explorer it is an integral part for Windows and needs to be kept current for security purposes.

You may have to reboot several times but this is an important step in maintaining your security.

Once this is complete make sure you setup automatic updates using instructions found here

Step 5.

Open Disk Defragmenter by clicking the Start button

Click All Programs
Click Accessories
Click System Tools
Click Disk Defragmenter (Highlight C:)
Click Analyze

[*]Click Defragment [/list]

Step 6.

Please confirm you have completed the updates and defrag and give me an update on current computer operational issues.

#28
Triskelion

Posted 16 August 2012 - 11:49 AM

Member

Topic Starter
Member
663 posts

Which Java RE do I want?

Windows x86 Online
Windows x86 Offline
Windows x64

.. Figured it out

Edited by Triskelion, 16 August 2012 - 12:25 PM.

#29
CompCav

Posted 17 August 2012 - 01:55 PM

Member 5k

Expert
12,454 posts

What issues remain?

#30
Triskelion

Posted 23 August 2012 - 11:53 AM

Member

Topic Starter
Member
663 posts

Sorry CompCav. I was away for a bit.
Performed all the steps and it appears everything is good now with the laptop.

No apparent issues to report.
My friend is going to have a look at it tonight and let me know if he is still having any problems.
I will report back to you tomorrow.