Win64/sirefef A and AO detected [Solved]



#1
TessSteckleXam
  • Member
  • 11 posts
Hello and thank you in advance for any help given.
About a month ago I started getting IE pop-ups on my desktop while my computer was idle. Since I never use IE as my browser and only use Mozilla Firefox, I downloaded Avast and it detected various viruses including Win64/ Sirefef[A] and [AO]. Avast wasn't able to delete Sirefef and every 5 minutes it would state that Sirefef was detected in my recycler folder and stopped. I downloaded and used TDSSKILLER and it was able to find things that Avast missed but still I'm infected with Sirefef. My firewall and automatic updates have been disabled and I'm getting pop-ups on websites that I've never had a problem with. I uninstalled Avast and installed Webroot Secure Anywhere which states that OTL.exe is infected and won't allow me to run it. Help!


#2
maliprog
  • Trusted Helper
  • Malware Removal
  • 6,172 posts
Hello TessSteckleXam and welcome to my office here at G2G!

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Please disable or uninstall Webroot Secure Anywhere because it messes with our fixes. After we finish with the cleaning you can enable it again.

Step 2

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply

Step 3

Download OTL to your Desktop

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan/Fixes box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
services.exe
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.

Step 4

Please don't forget to include these items in your reply:

  • OTL log
  • OTL Extras log
  • Combofix log
It would be helpful if you could post each log in a separate post using the "Add Reply" button

#3
TessSteckleXam
  • Topic Starter
  • Member
  • 11 posts
ComboFix 12-10-03.03 - Quest 10/03/2012 21:44:40.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1527.1074 [GMT -4:00]
Running from: c:\documents and settings\Quest\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Quest\Start Menu\Programs\Startup\3RVX.lnk
.
.
((((((((((((((((((((((((( Files Created from 2012-09-04 to 2012-10-04 )))))))))))))))))))))))))))))))
.
.
2012-10-04 01:24 . 2012-10-04 01:24 7021336 ----a-w- c:\documents and settings\Administrator\Application Data\wruninstall.exe
2012-10-03 03:13 . 2012-10-04 01:26 -------- d-----w- c:\documents and settings\Quest\Local Settings\Application Data\Webroot
2012-10-02 22:55 . 2012-10-04 01:24 -------- d-----w- c:\documents and settings\All Users\Application Data\WRData
2012-09-10 23:04 . 2012-09-10 23:04 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Avg2013
2012-09-10 22:58 . 2012-09-10 22:58 -------- d-----w- c:\documents and settings\Quest\Local Settings\Application Data\MFAData
2012-09-10 22:58 . 2012-09-10 22:58 -------- d-----w- c:\documents and settings\Quest\Local Settings\Application Data\Avg2013
2012-09-10 22:53 . 2012-09-10 22:53 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2012-09-10 22:53 . 2012-09-11 01:26 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2012-09-10 22:53 . 2012-09-10 22:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\MFAData
2012-09-10 22:53 . 2012-09-10 22:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Avg2013
2012-09-10 22:50 . 2012-09-10 22:50 -------- d-----w- c:\program files\Common Files\Java
2012-09-10 22:50 . 2012-09-10 22:49 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-09-10 22:50 . 2012-09-10 22:49 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-10 22:49 . 2012-09-10 22:49 -------- d-----w- c:\program files\Java
2012-09-10 09:06 . 2012-09-10 09:06 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-10 02:27 . 2012-09-10 02:27 -------- d-----w- c:\program files\AVAST Software
2012-09-10 02:27 . 2012-09-10 02:27 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-09-08 13:38 . 2012-09-08 13:38 -------- d-s---w- c:\documents and settings\Quest\UserData
2012-09-08 02:07 . 2012-09-08 02:07 -------- d--h--w- c:\windows\PIF
2012-09-07 07:31 . 2012-09-12 06:16 -------- d-s---w- c:\documents and settings\LocalService\UserData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-21 13:38 . 2012-07-30 03:06 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-21 13:38 . 2012-07-11 08:27 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-10 22:49 . 2012-07-11 07:40 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-10 22:49 . 2012-07-11 07:40 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-07 18:44 . 2012-05-30 21:33 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\perfctrs.dll
[-] 2004-08-12 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-12 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\version.dll
[-] 2004-08-12 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll
[-] 2004-08-12 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\version.dll
.
[-] 2008-04-14 . 55794B97A7FAABD2910873C85274F409 . 93184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\iexplore.exe
[-] 2004-08-12 . E7484514C0464642BE7B4DC2689354C8 . 93184 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\iexplore.exe
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\srsvc.dll
[-] 2004-08-12 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[-] 2004-08-12 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\w32time.dll
[-] 2004-08-12 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll
[-] 2004-08-12 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wiaservc.dll
[-] 2004-08-12 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\system32\wiaservc.dll
[-] 2004-08-12 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\midimap.dll
[-] 2004-08-12 . 3B4702155BB2AE9DC00C06A68834BDFA . 18944 . . [5.1.2600.2180] . . c:\windows\system32\midimap.dll
[-] 2004-08-12 . 3B4702155BB2AE9DC00C06A68834BDFA . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\rasadhlp.dll
[-] 2004-08-12 . 4CAEC028C1E21C75E17877D4522D3DB4 . 8192 . . [5.1.2600.2180] . . c:\windows\system32\rasadhlp.dll
[-] 2004-08-12 . 4CAEC028C1E21C75E17877D4522D3DB4 . 8192 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\rasadhlp.dll
.
[-] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wshtcpip.dll
[-] 2004-08-12 . A7F95A53EE055115DF03588997A47D4D . 19968 . . [5.1.2600.2180] . . c:\windows\system32\wshtcpip.dll
[-] 2004-08-12 . A7F95A53EE055115DF03588997A47D4D . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wshtcpip.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SAOB Monitor"="c:\program files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-11-16 2536448]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-12-06 5542168]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-06 390728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Uninstall Webroot RunOnce.lnk - c:\documents and settings\Administrator\Application Data\wruninstall.exe [2012-10-3 7021336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 12:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-11-13 05:24 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-04 05:06 1667584 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 13:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [1/17/2011 5:41 PM 752128]
R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys --> c:\windows\system32\drivers\WRkrn.sys [?]
R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [1/17/2011 5:41 PM 3246040]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [1/17/2011 5:41 PM 167968]
S2 WRSVC;WRSVC;"c:\program files\Webroot\WRSA.exe" -service --> c:\program files\Webroot\WRSA.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [7/29/2012 11:06 PM 250288]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [5/30/2012 5:33 PM 114144]
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-30 13:38]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Quest\Application Data\Mozilla\Firefox\Profiles\092ecsk5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
.
------- File Associations -------
.
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-34194849.sys
MSConfigStartUp-asgdif - c:\program files\uninstall information\gdifi.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-03 21:50
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\|.|w*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
Completion time: 2012-10-03 21:52:20
ComboFix-quarantined-files.txt 2012-10-04 01:52
.
Pre-Run: 3,881,099,264 bytes free
Post-Run: 4,386,856,960 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - DE4C46824DF5940250627BC7E59F9378

#4
TessSteckleXam

  • Topic Starter
  • Member
  • 11 posts
OTL logfile created on: 10/3/2012 10:04:30 PM - Run 3
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Documents and Settings\Quest\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.49 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 72.27% Memory free
3.35 Gb Paging File | 3.18 Gb Available in Paging File | 95.01% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 4.11 Gb Free Space | 11.03% Space Free | Partition Type: NTFS
Drive D: | 586.62 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: IBM_STUDIO_PC | User Name: Quest | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/03 22:00:31 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Quest\Desktop\OTL.exe
PRC - [2012/09/10 18:49:45 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/01/17 17:41:23 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010/12/06 05:56:42 | 000,390,728 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2010/12/06 05:56:38 | 000,804,528 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2010/12/06 05:55:24 | 005,542,168 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2010/11/16 04:52:28 | 002,536,448 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
PRC - [2008/10/13 23:44:44 | 000,159,232 | ---- | M] (matt.malensek.net) -- C:\Program Files\3RVX\3RVX.exe
PRC - [2004/08/12 09:57:20 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/03/02 04:16:58 | 000,114,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WaveLibMixer\3cac7b4f7d01bb8161aff071a7b8a032\WaveLibMixer.ni.dll
MOD - [2011/03/02 04:16:58 | 000,058,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CoreAudioApi\6a23d4f56f98cb6ebc8e37cd023ad140\CoreAudioApi.ni.dll
MOD - [2011/03/02 04:16:57 | 000,189,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MHook\433167efebc51acafa2f2a23735862c9\MHook.ni.dll
MOD - [2011/03/02 04:16:51 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
MOD - [2011/03/02 04:16:50 | 000,238,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\3RVX\f90d59b43abb04fe94d29e2567d49fa2\3RVX.ni.exe
MOD - [2011/03/02 04:16:48 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
MOD - [2011/03/02 04:14:41 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
MOD - [2011/03/02 04:14:34 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
MOD - [2011/03/02 04:14:17 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
MOD - [2011/03/02 04:12:46 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
MOD - [2011/03/02 04:12:30 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/09/21 09:38:15 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/10 18:49:45 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/07 14:44:03 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/01/17 17:41:23 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010/12/06 05:56:38 | 000,804,528 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Running] -- System32\drivers\WRkrn.sys -- (WRkrn)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Quest\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2011/01/17 17:41:25 | 000,167,968 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2011/01/17 17:41:18 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpm273.sys -- (tdrpman273)
DRV - [2011/01/17 17:41:16 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2011/01/17 17:41:10 | 000,170,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.5.5
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/07 14:44:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2010/09/28 19:34:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Quest\Application Data\Mozilla\Extensions
[2012/10/03 21:24:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Quest\Application Data\Mozilla\Firefox\Profiles\092ecsk5.default\extensions
[2012/10/02 18:56:29 | 000,000,000 | ---D | M] (Webroot) -- C:\Documents and Settings\Quest\Application Data\Mozilla\Firefox\Profiles\092ecsk5.default\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}_deleted
[2012/07/17 23:27:48 | 000,000,000 | ---D | M] (We-Care Reminder) -- C:\Documents and Settings\Quest\Application Data\Mozilla\Firefox\Profiles\092ecsk5.default\extensions\[email protected]
[2012/05/30 17:33:36 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\Quest\Application Data\Mozilla\Firefox\Profiles\092ecsk5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2012/05/30 17:33:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/07 14:44:04 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/08/30 18:09:29 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/30 18:09:29 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/10/03 21:50:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Webroot Browser Helper Object) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\Documents and Settings\All Users\Application Data\WRData\pkg\LPBar.dll File not found
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Webroot Toolbar) - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\Documents and Settings\All Users\Application Data\WRData\pkg\LPBar.dll File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Documents and Settings\All Users\Application Data\WRData\pkg\LPBar.dll File not found
O9 - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Documents and Settings\All Users\Application Data\WRData\pkg\LPBar.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38CAD71C-B9C0-4B77-A99B-A15C6585D09D}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Quest\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Quest\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/28 18:14:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/02/28 08:00:00 | 000,000,110 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/03 22:00:30 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Quest\Desktop\OTL.exe
[2012/10/03 21:42:44 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/10/03 21:40:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/10/03 21:40:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/10/03 21:40:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/10/03 21:40:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/10/03 21:40:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Quest\My Documents\My Videos
[2012/10/03 21:40:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/10/03 21:40:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Quest\Start Menu\Programs\Administrative Tools
[2012/10/03 21:40:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/03 21:39:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/10/03 21:38:37 | 004,761,955 | R--- | C] (Swearware) -- C:\Documents and Settings\Quest\Desktop\ComboFix.exe
[2012/10/02 23:13:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Quest\Local Settings\Application Data\Webroot
[2012/10/02 18:55:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WRData
[2012/09/10 18:58:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Quest\Local Settings\Application Data\MFAData
[2012/09/10 18:58:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Quest\Local Settings\Application Data\Avg2013
[2012/09/10 18:53:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/09/10 18:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/09/10 18:50:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/09/10 18:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/09/10 05:06:48 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/09/09 22:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/09/09 22:27:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/09/08 09:38:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Quest\UserData
[2012/09/07 22:07:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012/09/07 02:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2012/09/07 02:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/03 22:00:31 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Quest\Desktop\OTL.exe
[2012/10/03 21:50:10 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/10/03 21:42:50 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/10/03 21:38:40 | 004,761,955 | R--- | M] (Swearware) -- C:\Documents and Settings\Quest\Desktop\ComboFix.exe
[2012/10/03 21:38:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/10/03 07:03:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/02 22:01:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/02 19:12:00 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/02 18:42:58 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/09/17 03:07:04 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Quest\My Documents\MBR.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/03 21:42:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/10/03 21:42:47 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/10/03 21:40:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/10/03 21:40:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/10/03 21:40:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/10/03 21:40:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/10/03 21:40:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/09/17 03:07:04 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Quest\My Documents\MBR.dat
[2012/07/29 23:01:07 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/07/29 23:00:57 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2011/10/17 19:23:01 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Quest\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/09 16:05:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

========== ZeroAccess Check ==========

[2010/10/03 15:45:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/04/16 11:36:48 | 001,506,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 06:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004/08/12 10:08:54 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/01/17 17:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2012/09/09 22:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/09/10 18:53:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/08/23 00:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012/09/10 21:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/12/02 21:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2012/10/03 21:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WRData
[2011/11/23 23:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/01/17 17:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Application Data\Acronis
[2012/07/30 04:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Application Data\Big Fish Games
[2010/12/20 20:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Application Data\Macro Recorder
[2011/12/02 21:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Application Data\OpenCandy
[2012/07/11 03:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Application Data\Oracle
[2012/07/30 06:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Application Data\Specialbit
[2012/07/30 04:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Quest\Application Data\Vogat Interactive

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
[2004/08/12 09:57:20 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004/08/12 09:57:20 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/02/06 07:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 20:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\services.exe
[2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\erdnt\cache\services.exe
[2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 13:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\system32\services.exe
[2009/02/06 06:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2004/08/12 10:05:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\svchost.exe
[2004/08/12 10:06:49 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/12 10:06:49 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/12 10:08:07 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/12 10:08:07 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/12 10:09:30 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/12 10:09:30 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe

< %systemroot%\*. /mp /s >

< End of report >

#5
TessSteckleXam

    Member

  • Topic Starter
  • Member
  • 11 posts
I'd like to thank you for working on my computer issues. I followed your instructions but I came across a few problems. 1. ComboFix instructed me to download a system restore console, and although you didn't mention it, I accepted the request so that it would continue. 2. OTL didn't produce an Xtra log file. So that I don't screw this up any further, I will await your instruction.

#6
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi TessSteckleXam,

You did it all right. Please delete your version of TDSSKiller and download the new version as described in Step 1.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects.
  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

Download aswMBR.exe ( 511KB ) to your desktop.

  • Double-click aswMBR.exe to run it.
  • Click the "Scan" button to start the scan.
  • On completion of the scan, click Save log, save it to your desktop and post aswMBR.txt in your next reply.
  • Also, aswMBR will save an additional file named MBR.dat. Attach it to your next reply.

Step 3

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.

Step 4


Please don't forget to include these items in your reply:


  • TDSSKiller log
  • aswMBR log
  • FSS log

It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#7
TessSteckleXam

    Member

  • Topic Starter
  • Member
  • 11 posts
14:07:35.0828 2584 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
14:07:36.0125 2584 ============================================================
14:07:36.0125 2584 Current date / time: 2012/10/04 14:07:36.0125
14:07:36.0125 2584 SystemInfo:
14:07:36.0125 2584
14:07:36.0125 2584 OS Version: 5.1.2600 ServicePack: 2.0
14:07:36.0125 2584 Product type: Workstation
14:07:36.0125 2584 ComputerName: IBM_STUDIO_PC
14:07:36.0125 2584 UserName: Quest
14:07:36.0125 2584 Windows directory: C:\WINDOWS
14:07:36.0125 2584 System windows directory: C:\WINDOWS
14:07:36.0125 2584 Processor architecture: Intel x86
14:07:36.0125 2584 Number of processors: 2
14:07:36.0125 2584 Page size: 0x1000
14:07:36.0125 2584 Boot type: Normal boot
14:07:36.0125 2584 ============================================================
14:07:37.0703 2584 Drive \Device\Harddisk0\DR0 - Size: 0x951240000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:07:37.0703 2584 ============================================================
14:07:37.0703 2584 \Device\Harddisk0\DR0:
14:07:37.0703 2584 MBR partitions:
14:07:37.0703 2584 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
14:07:37.0703 2584 ============================================================
14:07:37.0734 2584 C: <-> \Device\Harddisk0\DR0\Partition1
14:07:37.0734 2584 ============================================================
14:07:37.0734 2584 Initialize success
14:07:37.0734 2584 ============================================================
14:09:25.0640 3284 Deinitialize success

#8
TessSteckleXam

    Member

  • Topic Starter
  • Member
  • 11 posts
14:11:35.0078 0532 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
14:11:35.0437 0532 ============================================================
14:11:35.0437 0532 Current date / time: 2012/10/04 14:11:35.0437
14:11:35.0437 0532 SystemInfo:
14:11:35.0437 0532
14:11:35.0437 0532 OS Version: 5.1.2600 ServicePack: 2.0
14:11:35.0437 0532 Product type: Workstation
14:11:35.0437 0532 ComputerName: IBM_STUDIO_PC
14:11:35.0437 0532 UserName: Quest
14:11:35.0437 0532 Windows directory: C:\WINDOWS
14:11:35.0437 0532 System windows directory: C:\WINDOWS
14:11:35.0437 0532 Processor architecture: Intel x86
14:11:35.0437 0532 Number of processors: 2
14:11:35.0437 0532 Page size: 0x1000
14:11:35.0437 0532 Boot type: Normal boot
14:11:35.0437 0532 ============================================================
14:11:43.0921 0532 BG loaded
14:11:45.0640 0532 Drive \Device\Harddisk0\DR0 - Size: 0x951240000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:11:45.0734 0532 ============================================================
14:11:45.0734 0532 \Device\Harddisk0\DR0:
14:11:45.0796 0532 MBR partitions:
14:11:45.0796 0532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
14:11:45.0796 0532 ============================================================
14:11:46.0750 0532 C: <-> \Device\Harddisk0\DR0\Partition1
14:11:46.0750 0532 ============================================================
14:11:46.0750 0532 Initialize success
14:11:46.0750 0532 ============================================================
14:13:40.0968 2548 ============================================================
14:13:40.0968 2548 Scan started
14:13:40.0968 2548 Mode: Manual; SigCheck; TDLFS;
14:13:40.0968 2548 ============================================================
14:13:41.0078 2548 ================ Scan system memory ========================
14:13:41.0078 2548 System memory - ok
14:13:41.0078 2548 ================ Scan services =============================
14:13:41.0234 2548 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
14:13:41.0406 2548 Aavmker4 - ok
14:13:41.0437 2548 Abiosdsk - ok
14:13:41.0468 2548 abp480n5 - ok
14:13:41.0531 2548 [ A10C7534F7223F4A73A948967D00E69B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:13:42.0250 2548 ACPI ( UnsignedFile.Multi.Generic ) - warning
14:13:42.0265 2548 ACPI - detected UnsignedFile.Multi.Generic (1)
14:13:42.0312 2548 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
14:13:42.0359 2548 ACPIEC ( UnsignedFile.Multi.Generic ) - warning
14:13:42.0359 2548 ACPIEC - detected UnsignedFile.Multi.Generic (1)
14:13:42.0500 2548 [ CD89FBA8CC72646D00DAF0EE89C27514 ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
14:13:42.0531 2548 AcrSch2Svc - ok
14:13:42.0578 2548 [ 4AE327C9C375D985FF2A2AAB92765218 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
14:13:42.0625 2548 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
14:13:42.0625 2548 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
14:13:42.0703 2548 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:13:42.0718 2548 AdobeFlashPlayerUpdateSvc - ok
14:13:42.0734 2548 adpu160m - ok
14:13:42.0812 2548 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:13:42.0828 2548 aec ( UnsignedFile.Multi.Generic ) - warning
14:13:42.0828 2548 aec - detected UnsignedFile.Multi.Generic (1)
14:13:42.0890 2548 [ 53696AD8FFC5FAC51949A525FF65A689 ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys
14:13:42.0906 2548 afcdp - ok
14:13:43.0078 2548 [ AF44F7E027037628F1FAC3C13CDE73E6 ] afcdpsrv C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
14:13:43.0187 2548 afcdpsrv - ok
14:13:43.0250 2548 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:13:43.0468 2548 AFD - ok
14:13:43.0500 2548 Aha154x - ok
14:13:43.0531 2548 aic78u2 - ok
14:13:43.0562 2548 aic78xx - ok
14:13:43.0609 2548 [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:13:43.0625 2548 Alerter ( UnsignedFile.Multi.Generic ) - warning
14:13:43.0625 2548 Alerter - detected UnsignedFile.Multi.Generic (1)
14:13:43.0671 2548 [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG C:\WINDOWS\System32\alg.exe
14:13:43.0687 2548 ALG ( UnsignedFile.Multi.Generic ) - warning
14:13:43.0687 2548 ALG - detected UnsignedFile.Multi.Generic (1)
14:13:43.0703 2548 AliIde - ok
14:13:43.0734 2548 amsint - ok
14:13:43.0812 2548 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:13:43.0828 2548 Apple Mobile Device - ok
14:13:43.0843 2548 AppMgmt - ok
14:13:43.0875 2548 asc - ok
14:13:43.0906 2548 asc3350p - ok
14:13:43.0937 2548 asc3550 - ok
14:13:44.0078 2548 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:13:44.0125 2548 aspnet_state - ok
14:13:44.0156 2548 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
14:13:44.0171 2548 aswFsBlk - ok
14:13:44.0187 2548 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
14:13:44.0218 2548 aswMon2 - ok
14:13:44.0250 2548 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
14:13:44.0265 2548 AswRdr - ok
14:13:44.0359 2548 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
14:13:44.0390 2548 aswSnx - ok
14:13:44.0453 2548 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
14:13:44.0484 2548 aswSP - ok
14:13:44.0515 2548 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
14:13:44.0531 2548 aswTdi - ok
14:13:44.0578 2548 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:13:44.0593 2548 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
14:13:44.0593 2548 AsyncMac - detected UnsignedFile.Multi.Generic (1)
14:13:44.0640 2548 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:13:44.0671 2548 atapi ( UnsignedFile.Multi.Generic ) - warning
14:13:44.0671 2548 atapi - detected UnsignedFile.Multi.Generic (1)
14:13:44.0687 2548 Atdisk - ok
14:13:44.0750 2548 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:13:44.0765 2548 Atmarpc ( UnsignedFile.Multi.Generic ) - warning
14:13:44.0765 2548 Atmarpc - detected UnsignedFile.Multi.Generic (1)
14:13:44.0812 2548 [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:13:44.0828 2548 AudioSrv ( UnsignedFile.Multi.Generic ) - warning
14:13:44.0828 2548 AudioSrv - detected UnsignedFile.Multi.Generic (1)
14:13:44.0875 2548 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:13:44.0890 2548 audstub ( UnsignedFile.Multi.Generic ) - warning
14:13:44.0890 2548 audstub - detected UnsignedFile.Multi.Generic (1)
14:13:44.0937 2548 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:13:44.0953 2548 avast! Antivirus - ok
14:13:45.0062 2548 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:13:45.0093 2548 Beep ( UnsignedFile.Multi.Generic ) - warning
14:13:45.0093 2548 Beep - detected UnsignedFile.Multi.Generic (1)
14:13:45.0156 2548 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:13:45.0171 2548 Bonjour Service - ok
14:13:45.0218 2548 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser C:\WINDOWS\System32\browser.dll
14:13:45.0250 2548 Browser ( UnsignedFile.Multi.Generic ) - warning
14:13:45.0250 2548 Browser - detected UnsignedFile.Multi.Generic (1)
14:13:45.0296 2548 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:13:45.0312 2548 cbidf2k ( UnsignedFile.Multi.Generic ) - warning
14:13:45.0312 2548 cbidf2k - detected UnsignedFile.Multi.Generic (1)
14:13:45.0328 2548 cd20xrnt - ok
14:13:45.0390 2548 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:13:45.0390 2548 Cdaudio ( UnsignedFile.Multi.Generic ) - warning
14:13:45.0390 2548 Cdaudio - detected UnsignedFile.Multi.Generic (1)
14:13:45.0437 2548 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:13:45.0468 2548 Cdfs ( UnsignedFile.Multi.Generic ) - warning
14:13:45.0468 2548 Cdfs - detected UnsignedFile.Multi.Generic (1)
14:13:45.0515 2548 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:13:45.0546 2548 Cdrom ( UnsignedFile.Multi.Generic ) - warning
14:13:45.0546 2548 Cdrom - detected UnsignedFile.Multi.Generic (1)
14:13:45.0562 2548 Changer - ok
14:13:45.0609 2548 [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:13:45.0640 2548 CiSvc ( UnsignedFile.Multi.Generic ) - warning
14:13:45.0640 2548 CiSvc - detected UnsignedFile.Multi.Generic (1)
14:13:45.0671 2548 [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:13:45.0671 2548 ClipSrv ( UnsignedFile.Multi.Generic ) - warning
14:13:45.0671 2548 ClipSrv - detected UnsignedFile.Multi.Generic (1)
14:13:45.0718 2548 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:13:45.0812 2548 clr_optimization_v2.0.50727_32 - ok
14:13:45.0828 2548 CmdIde - ok
14:13:45.0859 2548 COMSysApp - ok
14:13:45.0921 2548 Cpqarray - ok
14:13:45.0984 2548 [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:13:46.0015 2548 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
14:13:46.0015 2548 CryptSvc - detected UnsignedFile.Multi.Generic (1)
14:13:46.0031 2548 dac2w2k - ok
14:13:46.0062 2548 dac960nt - ok
14:13:46.0140 2548 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:13:46.0890 2548 DcomLaunch - ok
14:13:46.0937 2548 [ CB6CA3E5261D65F6F809EED23BF167AA ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:13:46.0984 2548 Dhcp ( UnsignedFile.Multi.Generic ) - warning
14:13:46.0984 2548 Dhcp - detected UnsignedFile.Multi.Generic (1)
14:13:47.0031 2548 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:13:47.0046 2548 Disk ( UnsignedFile.Multi.Generic ) - warning
14:13:47.0046 2548 Disk - detected UnsignedFile.Multi.Generic (1)
14:13:47.0062 2548 dmadmin - ok
14:13:47.0140 2548 [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:13:47.0218 2548 dmboot ( UnsignedFile.Multi.Generic ) - warning
14:13:47.0218 2548 dmboot - detected UnsignedFile.Multi.Generic (1)
14:13:47.0265 2548 [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:13:47.0281 2548 dmio ( UnsignedFile.Multi.Generic ) - warning
14:13:47.0281 2548 dmio - detected UnsignedFile.Multi.Generic (1)
14:13:47.0312 2548 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:13:47.0343 2548 dmload ( UnsignedFile.Multi.Generic ) - warning
14:13:47.0343 2548 dmload - detected UnsignedFile.Multi.Generic (1)
14:13:47.0375 2548 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver C:\WINDOWS\System32\dmserver.dll
14:13:47.0406 2548 dmserver ( UnsignedFile.Multi.Generic ) - warning
14:13:47.0406 2548 dmserver - detected UnsignedFile.Multi.Generic (1)
14:13:47.0453 2548 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:13:47.0468 2548 DMusic ( UnsignedFile.Multi.Generic ) - warning
14:13:47.0468 2548 DMusic - detected UnsignedFile.Multi.Generic (1)
14:13:47.0515 2548 [ 7379DE06FD196E396A00AA97B990C00D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:13:47.0546 2548 Dnscache ( UnsignedFile.Multi.Generic ) - warning
14:13:47.0546 2548 Dnscache - detected UnsignedFile.Multi.Generic (1)
14:13:47.0562 2548 dpti2o - ok
14:13:47.0609 2548 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:13:47.0640 2548 drmkaud ( UnsignedFile.Multi.Generic ) - warning
14:13:47.0640 2548 drmkaud - detected UnsignedFile.Multi.Generic (1)
14:13:47.0687 2548 [ C42009E37E377AE55968768E521E05C3 ] E1000 C:\WINDOWS\system32\DRIVERS\e1000325.sys
14:13:47.0718 2548 E1000 - ok
14:13:47.0765 2548 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:13:47.0781 2548 ERSvc ( UnsignedFile.Multi.Generic ) - warning
14:13:47.0781 2548 ERSvc - detected UnsignedFile.Multi.Generic (1)
14:13:47.0828 2548 [ 37561F8D4160D62DA86D24AE41FAE8DE ] Eventlog C:\WINDOWS\system32\services.exe
14:13:47.0890 2548 Eventlog - ok
14:13:47.0953 2548 [ 60D1A6342238378BFB7545C81EE3606C ] EventSystem C:\WINDOWS\system32\es.dll
14:13:48.0015 2548 EventSystem - ok
14:13:48.0078 2548 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:13:48.0093 2548 Fastfat ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0093 2548 Fastfat - detected UnsignedFile.Multi.Generic (1)
14:13:48.0156 2548 [ E7518DC542D3EBDCB80EDD98462C7821 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:13:48.0187 2548 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0187 2548 FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
14:13:48.0218 2548 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
14:13:48.0250 2548 Fdc ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0250 2548 Fdc - detected UnsignedFile.Multi.Generic (1)
14:13:48.0296 2548 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:13:48.0343 2548 Fips ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0343 2548 Fips - detected UnsignedFile.Multi.Generic (1)
14:13:48.0390 2548 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:13:48.0406 2548 Flpydisk ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0406 2548 Flpydisk - detected UnsignedFile.Multi.Generic (1)
14:13:48.0453 2548 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:13:48.0500 2548 FltMgr ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0500 2548 FltMgr - detected UnsignedFile.Multi.Generic (1)
14:13:48.0578 2548 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:13:48.0593 2548 FontCache3.0.0.0 - ok
14:13:48.0625 2548 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:13:48.0640 2548 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0640 2548 Fs_Rec - detected UnsignedFile.Multi.Generic (1)
14:13:48.0703 2548 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:13:48.0734 2548 Ftdisk ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0734 2548 Ftdisk - detected UnsignedFile.Multi.Generic (1)
14:13:48.0781 2548 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
14:13:48.0781 2548 GEARAspiWDM - ok
14:13:48.0843 2548 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:13:48.0875 2548 Gpc ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0875 2548 Gpc - detected UnsignedFile.Multi.Generic (1)
14:13:48.0984 2548 [ 8827911A8C37E40C027CBFC88E69D967 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:13:48.0984 2548 helpsvc ( UnsignedFile.Multi.Generic ) - warning
14:13:48.0984 2548 helpsvc - detected UnsignedFile.Multi.Generic (1)
14:13:49.0046 2548 [ 9376E6893E52B368ABC6255BF54F0B28 ] HidServ C:\WINDOWS\System32\hidserv.dll
14:13:49.0078 2548 HidServ ( UnsignedFile.Multi.Generic ) - warning
14:13:49.0078 2548 HidServ - detected UnsignedFile.Multi.Generic (1)
14:13:49.0109 2548 [ 1DE6783B918F540149AA69943BDFEBA8 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:13:49.0125 2548 hidusb ( UnsignedFile.Multi.Generic ) - warning
14:13:49.0125 2548 hidusb - detected UnsignedFile.Multi.Generic (1)
14:13:49.0156 2548 hpn - ok
14:13:49.0218 2548 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:13:49.0281 2548 HTTP - ok
14:13:49.0343 2548 [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:13:49.0375 2548 HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
14:13:49.0375 2548 HTTPFilter - detected UnsignedFile.Multi.Generic (1)
14:13:49.0390 2548 i2omgmt - ok
14:13:49.0421 2548 i2omp - ok
14:13:49.0484 2548 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:13:49.0515 2548 i8042prt ( UnsignedFile.Multi.Generic ) - warning
14:13:49.0515 2548 i8042prt - detected UnsignedFile.Multi.Generic (1)
14:13:49.0609 2548 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:13:49.0656 2548 idsvc - ok
14:13:49.0718 2548 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:13:49.0750 2548 Imapi ( UnsignedFile.Multi.Generic ) - warning
14:13:49.0750 2548 Imapi - detected UnsignedFile.Multi.Generic (1)
14:13:49.0812 2548 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:13:49.0828 2548 ImapiService ( UnsignedFile.Multi.Generic ) - warning
14:13:49.0828 2548 ImapiService - detected UnsignedFile.Multi.Generic (1)
14:13:49.0859 2548 ini910u - ok
14:13:49.0953 2548 [ 2D722B2B54AB55B2FA475EB58D7B2AAD ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
14:13:49.0968 2548 IntelIde ( UnsignedFile.Multi.Generic ) - warning
14:13:49.0968 2548 IntelIde - detected UnsignedFile.Multi.Generic (1)
14:13:50.0031 2548 [ 279FB78702454DFF2BB445F238C048D2 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:13:50.0046 2548 intelppm ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0046 2548 intelppm - detected UnsignedFile.Multi.Generic (1)
14:13:50.0078 2548 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:13:50.0093 2548 Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0093 2548 Ip6Fw - detected UnsignedFile.Multi.Generic (1)
14:13:50.0140 2548 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:13:50.0156 2548 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0156 2548 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
14:13:50.0171 2548 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:13:50.0203 2548 IpInIp ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0203 2548 IpInIp - detected UnsignedFile.Multi.Generic (1)
14:13:50.0234 2548 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:13:50.0265 2548 IpNat ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0265 2548 IpNat - detected UnsignedFile.Multi.Generic (1)
14:13:50.0437 2548 [ CA1972397B845B2F53F5DC63C22FD98A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:13:50.0484 2548 iPod Service - ok
14:13:50.0515 2548 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:13:50.0546 2548 IPSec ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0546 2548 IPSec - detected UnsignedFile.Multi.Generic (1)
14:13:50.0593 2548 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:13:50.0609 2548 IRENUM ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0609 2548 IRENUM - detected UnsignedFile.Multi.Generic (1)
14:13:50.0671 2548 [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:13:50.0687 2548 isapnp ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0687 2548 isapnp - detected UnsignedFile.Multi.Generic (1)
14:13:50.0781 2548 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
14:13:50.0781 2548 JavaQuickStarterService - ok
14:13:50.0843 2548 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:13:50.0875 2548 Kbdclass ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0875 2548 Kbdclass - detected UnsignedFile.Multi.Generic (1)
14:13:50.0906 2548 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:13:50.0937 2548 kmixer ( UnsignedFile.Multi.Generic ) - warning
14:13:50.0937 2548 kmixer - detected UnsignedFile.Multi.Generic (1)
14:13:50.0984 2548 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:13:51.0093 2548 KSecDD - ok
14:13:51.0140 2548 [ 93D32468D34E000CB3407947D1D6E22A ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
14:13:51.0171 2548 lanmanserver ( UnsignedFile.Multi.Generic ) - warning
14:13:51.0171 2548 lanmanserver - detected UnsignedFile.Multi.Generic (1)
14:13:51.0234 2548 [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:13:51.0281 2548 lanmanworkstation - ok
14:13:51.0312 2548 lbrtfdc - ok
14:13:51.0390 2548 [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:13:51.0421 2548 LmHosts ( UnsignedFile.Multi.Generic ) - warning
14:13:51.0421 2548 LmHosts - detected UnsignedFile.Multi.Generic (1)
14:13:51.0453 2548 [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:13:51.0484 2548 Messenger ( UnsignedFile.Multi.Generic ) - warning
14:13:51.0484 2548 Messenger - detected UnsignedFile.Multi.Generic (1)
14:13:51.0546 2548 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:13:51.0562 2548 mnmdd ( UnsignedFile.Multi.Generic ) - warning
14:13:51.0562 2548 mnmdd - detected UnsignedFile.Multi.Generic (1)
14:13:51.0609 2548 [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:13:51.0640 2548 mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
14:13:51.0640 2548 mnmsrvc - detected UnsignedFile.Multi.Generic (1)
14:13:51.0687 2548 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:13:51.0687 2548 Modem ( UnsignedFile.Multi.Generic ) - warning
14:13:51.0687 2548 Modem - detected UnsignedFile.Multi.Generic (1)
14:13:51.0750 2548 [ 34E1F0031153E491910E12551400192C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:13:51.0781 2548 Mouclass ( UnsignedFile.Multi.Generic ) - warning
14:13:51.0781 2548 Mouclass - detected UnsignedFile.Multi.Generic (1)
14:13:51.0812 2548 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:13:51.0843 2548 mouhid ( UnsignedFile.Multi.Generic ) - warning
14:13:51.0843 2548 mouhid - detected UnsignedFile.Multi.Generic (1)
14:13:51.0890 2548 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:13:51.0906 2548 MountMgr ( UnsignedFile.Multi.Generic ) - warning
14:13:51.0906 2548 MountMgr - detected UnsignedFile.Multi.Generic (1)
14:13:51.0953 2548 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:13:51.0968 2548 MozillaMaintenance - ok
14:13:51.0984 2548 mraid35x - ok
14:13:52.0015 2548 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:13:52.0062 2548 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0062 2548 MRxDAV - detected UnsignedFile.Multi.Generic (1)
14:13:52.0125 2548 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:13:52.0203 2548 MRxSmb - ok
14:13:52.0250 2548 [ C7C3D89EB0A6F3DBA622EA737FA335B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:13:52.0281 2548 MSDTC ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0281 2548 MSDTC - detected UnsignedFile.Multi.Generic (1)
14:13:52.0359 2548 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:13:52.0390 2548 Msfs ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0390 2548 Msfs - detected UnsignedFile.Multi.Generic (1)
14:13:52.0406 2548 MSIServer - ok
14:13:52.0468 2548 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:13:52.0500 2548 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0500 2548 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
14:13:52.0531 2548 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:13:52.0546 2548 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0546 2548 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
14:13:52.0578 2548 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:13:52.0593 2548 MSPQM ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0593 2548 MSPQM - detected UnsignedFile.Multi.Generic (1)
14:13:52.0640 2548 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:13:52.0656 2548 mssmbios ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0656 2548 mssmbios - detected UnsignedFile.Multi.Generic (1)
14:13:52.0703 2548 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:13:52.0734 2548 Mup ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0734 2548 Mup - detected UnsignedFile.Multi.Generic (1)
14:13:52.0796 2548 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:13:52.0812 2548 NDIS ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0812 2548 NDIS - detected UnsignedFile.Multi.Generic (1)
14:13:52.0859 2548 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:13:52.0859 2548 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0859 2548 NdisTapi - detected UnsignedFile.Multi.Generic (1)
14:13:52.0921 2548 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:13:52.0937 2548 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
14:13:52.0937 2548 Ndisuio - detected UnsignedFile.Multi.Generic (1)
14:13:52.0984 2548 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:13:53.0015 2548 NdisWan ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0015 2548 NdisWan - detected UnsignedFile.Multi.Generic (1)
14:13:53.0062 2548 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:13:53.0062 2548 NDProxy ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0062 2548 NDProxy - detected UnsignedFile.Multi.Generic (1)
14:13:53.0093 2548 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:13:53.0109 2548 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0109 2548 NetBIOS - detected UnsignedFile.Multi.Generic (1)
14:13:53.0156 2548 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:13:53.0171 2548 NetBT ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0171 2548 NetBT - detected UnsignedFile.Multi.Generic (1)
14:13:53.0218 2548 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
14:13:53.0250 2548 NetDDE ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0250 2548 NetDDE - detected UnsignedFile.Multi.Generic (1)
14:13:53.0265 2548 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:13:53.0296 2548 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0296 2548 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
14:13:53.0343 2548 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:13:53.0375 2548 Netlogon ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0375 2548 Netlogon - detected UnsignedFile.Multi.Generic (1)
14:13:53.0437 2548 [ DAB9E6C7105D2EF49876FE92C524F565 ] Netman C:\WINDOWS\System32\netman.dll
14:13:53.0453 2548 Netman ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0453 2548 Netman - detected UnsignedFile.Multi.Generic (1)
14:13:53.0484 2548 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:13:53.0500 2548 NetTcpPortSharing - ok
14:13:53.0546 2548 [ 097722F235A1FB698BF9234E01B52637 ] Nla C:\WINDOWS\System32\mswsock.dll
14:13:53.0593 2548 Nla - ok
14:13:53.0625 2548 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:13:53.0656 2548 Npfs ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0656 2548 Npfs - detected UnsignedFile.Multi.Generic (1)
14:13:53.0718 2548 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:13:53.0796 2548 Ntfs ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0796 2548 Ntfs - detected UnsignedFile.Multi.Generic (1)
14:13:53.0828 2548 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:13:53.0828 2548 NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0828 2548 NtLmSsp - detected UnsignedFile.Multi.Generic (1)
14:13:53.0890 2548 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:13:53.0937 2548 NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
14:13:53.0937 2548 NtmsSvc - detected UnsignedFile.Multi.Generic (1)
14:13:53.0968 2548 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:13:54.0000 2548 Null ( UnsignedFile.Multi.Generic ) - warning
14:13:54.0000 2548 Null - detected UnsignedFile.Multi.Generic (1)
14:13:54.0062 2548 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:13:54.0109 2548 NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
14:13:54.0109 2548 NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
14:13:54.0171 2548 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:13:54.0218 2548 NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
14:13:54.0218 2548 NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
14:13:54.0265 2548 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
14:13:54.0281 2548 Parport ( UnsignedFile.Multi.Generic ) - warning
14:13:54.0281 2548 Parport - detected UnsignedFile.Multi.Generic (1)
14:13:54.0328 2548 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:13:54.0375 2548 PartMgr ( UnsignedFile.Multi.Generic ) - warning
14:13:54.0375 2548 PartMgr - detected UnsignedFile.Multi.Generic (1)
14:13:54.0421 2548 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:13:54.0453 2548 ParVdm ( UnsignedFile.Multi.Generic ) - warning
14:13:54.0453 2548 ParVdm - detected UnsignedFile.Multi.Generic (1)
14:13:54.0500 2548 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:13:54.0531 2548 PCI ( UnsignedFile.Multi.Generic ) - warning
14:13:54.0531 2548 PCI - detected UnsignedFile.Multi.Generic (1)
14:13:54.0546 2548 PCIDump - ok
14:13:54.0593 2548 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
14:13:54.0609 2548 PCIIde ( UnsignedFile.Multi.Generic ) - warning
14:13:54.0609 2548 PCIIde - detected UnsignedFile.Multi.Generic (1)
14:13:54.0671 2548 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:13:54.0687 2548 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
14:13:54.0687 2548 Pcmcia - detected UnsignedFile.Multi.Generic (1)
14:13:54.0703 2548 PDCOMP - ok
14:13:54.0734 2548 PDFRAME - ok
14:13:54.0765 2548 PDRELI - ok
14:13:54.0796 2548 PDRFRAME - ok
14:13:54.0828 2548 perc2 - ok
14:13:54.0859 2548 perc2hib - ok
14:13:54.0968 2548 [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay C:\WINDOWS\system32\services.exe
14:13:55.0046 2548 PlugPlay - ok
14:13:55.0078 2548 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:13:55.0093 2548 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0093 2548 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
14:13:55.0125 2548 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:13:55.0125 2548 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0125 2548 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
14:13:55.0156 2548 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:13:55.0171 2548 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0171 2548 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
14:13:55.0203 2548 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:13:55.0218 2548 PSched ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0218 2548 PSched - detected UnsignedFile.Multi.Generic (1)
14:13:55.0265 2548 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:13:55.0281 2548 Ptilink ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0281 2548 Ptilink - detected UnsignedFile.Multi.Generic (1)
14:13:55.0296 2548 ql1080 - ok
14:13:55.0328 2548 Ql10wnt - ok
14:13:55.0359 2548 ql12160 - ok
14:13:55.0390 2548 ql1240 - ok
14:13:55.0421 2548 ql1280 - ok
14:13:55.0468 2548 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:13:55.0515 2548 RasAcd ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0515 2548 RasAcd - detected UnsignedFile.Multi.Generic (1)
14:13:55.0562 2548 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:13:55.0593 2548 RasAuto ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0593 2548 RasAuto - detected UnsignedFile.Multi.Generic (1)
14:13:55.0625 2548 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:13:55.0656 2548 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0656 2548 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
14:13:55.0703 2548 [ 41A3C11E3517C962C9B44893BCEC3B34 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:13:55.0718 2548 RasMan ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0718 2548 RasMan - detected UnsignedFile.Multi.Generic (1)
14:13:55.0734 2548 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:13:55.0765 2548 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0781 2548 RasPppoe - detected UnsignedFile.Multi.Generic (1)
14:13:55.0812 2548 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:13:55.0843 2548 Raspti ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0843 2548 Raspti - detected UnsignedFile.Multi.Generic (1)
14:13:55.0875 2548 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:13:55.0906 2548 Rdbss ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0906 2548 Rdbss - detected UnsignedFile.Multi.Generic (1)
14:13:55.0937 2548 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:13:55.0968 2548 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
14:13:55.0968 2548 RDPCDD - detected UnsignedFile.Multi.Generic (1)
14:13:56.0046 2548 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:13:56.0093 2548 RDPWD ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0093 2548 RDPWD - detected UnsignedFile.Multi.Generic (1)
14:13:56.0140 2548 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:13:56.0171 2548 RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0171 2548 RDSessMgr - detected UnsignedFile.Multi.Generic (1)
14:13:56.0203 2548 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:13:56.0218 2548 redbook ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0218 2548 redbook - detected UnsignedFile.Multi.Generic (1)
14:13:56.0265 2548 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:13:56.0281 2548 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0281 2548 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
14:13:56.0343 2548 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
14:13:56.0375 2548 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0375 2548 RpcLocator - detected UnsignedFile.Multi.Generic (1)
14:13:56.0421 2548 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:13:56.0500 2548 RpcSs - ok
14:13:56.0562 2548 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:13:56.0593 2548 RSVP ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0593 2548 RSVP - detected UnsignedFile.Multi.Generic (1)
14:13:56.0625 2548 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
14:13:56.0640 2548 SamSs ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0640 2548 SamSs - detected UnsignedFile.Multi.Generic (1)
14:13:56.0703 2548 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:13:56.0734 2548 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0734 2548 SCardSvr - detected UnsignedFile.Multi.Generic (1)
14:13:56.0796 2548 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:13:56.0828 2548 Schedule ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0828 2548 Schedule - detected UnsignedFile.Multi.Generic (1)
14:13:56.0875 2548 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:13:56.0906 2548 Secdrv ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0906 2548 Secdrv - detected UnsignedFile.Multi.Generic (1)
14:13:56.0937 2548 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
14:13:56.0953 2548 seclogon ( UnsignedFile.Multi.Generic ) - warning
14:13:56.0953 2548 seclogon - detected UnsignedFile.Multi.Generic (1)
14:13:56.0984 2548 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
14:13:57.0015 2548 SENS ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0015 2548 SENS - detected UnsignedFile.Multi.Generic (1)
14:13:57.0031 2548 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:13:57.0078 2548 serenum ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0078 2548 serenum - detected UnsignedFile.Multi.Generic (1)
14:13:57.0109 2548 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:13:57.0140 2548 Serial ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0140 2548 Serial - detected UnsignedFile.Multi.Generic (1)
14:13:57.0203 2548 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:13:57.0234 2548 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0234 2548 Sfloppy - detected UnsignedFile.Multi.Generic (1)
14:13:57.0296 2548 [ E7518DC542D3EBDCB80EDD98462C7821 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:13:57.0312 2548 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0312 2548 ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
14:13:57.0328 2548 Simbad - ok
14:13:57.0406 2548 [ 1319EA66A96250D59665D133C0FF7CD0 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
14:13:57.0437 2548 smwdm ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0437 2548 smwdm - detected UnsignedFile.Multi.Generic (1)
14:13:57.0484 2548 [ EB49860E776CE860DC3CFB9EDB1BA517 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
14:13:57.0515 2548 snapman - ok
14:13:57.0531 2548 Sparrow - ok
14:13:57.0562 2548 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:13:57.0593 2548 splitter ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0593 2548 splitter - detected UnsignedFile.Multi.Generic (1)
14:13:57.0640 2548 [ 7435B108B935E42EA92CA94F59C8E717 ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:13:57.0671 2548 Spooler ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0671 2548 Spooler - detected UnsignedFile.Multi.Generic (1)
14:13:57.0718 2548 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:13:57.0734 2548 sr ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0734 2548 sr - detected UnsignedFile.Multi.Generic (1)
14:13:57.0765 2548 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\system32\srsvc.dll
14:13:57.0796 2548 srservice ( UnsignedFile.Multi.Generic ) - warning
14:13:57.0796 2548 srservice - detected UnsignedFile.Multi.Generic (1)
14:13:57.0843 2548 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:13:57.0921 2548 Srv - ok
14:13:57.0968 2548 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:13:58.0015 2548 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
14:13:58.0015 2548 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
14:13:58.0078 2548 [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:13:58.0140 2548 stisvc ( UnsignedFile.Multi.Generic ) - warning
14:13:58.0140 2548 stisvc - detected UnsignedFile.Multi.Generic (1)
14:13:58.0171 2548 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:13:58.0203 2548 swenum ( UnsignedFile.Multi.Generic ) - warning
14:13:58.0203 2548 swenum - detected UnsignedFile.Multi.Generic (1)
14:13:58.0250 2548 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:13:58.0265 2548 swmidi ( UnsignedFile.Multi.Generic ) - warning
14:13:58.0265 2548 swmidi - detected UnsignedFile.Multi.Generic (1)
14:13:58.0296 2548 SwPrv - ok
14:13:58.0328 2548 symc810 - ok
14:13:58.0359 2548 symc8xx - ok
14:13:58.0390 2548 sym_hi - ok
14:13:58.0421 2548 sym_u3 - ok
14:13:58.0468 2548 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:13:58.0500 2548 sysaudio ( UnsignedFile.Multi.Generic ) - warning
14:13:58.0500 2548 sysaudio - detected UnsignedFile.Multi.Generic (1)
14:13:58.0546 2548 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:13:58.0562 2548 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
14:13:58.0562 2548 SysmonLog - detected UnsignedFile.Multi.Generic (1)
14:13:58.0609 2548 [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:13:58.0640 2548 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
14:13:58.0640 2548 TapiSrv - detected UnsignedFile.Multi.Generic (1)
14:13:58.0687 2548 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:13:58.0734 2548 Tcpip - ok
14:13:58.0781 2548 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:13:58.0812 2548 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
14:13:58.0812 2548 TDPIPE - detected UnsignedFile.Multi.Generic (1)
14:13:58.0890 2548 [ 431801FCC97034E04A6EFF81136578D7 ] tdrpman273 C:\WINDOWS\system32\DRIVERS\tdrpm273.sys
14:13:58.0921 2548 tdrpman273 - ok
14:13:58.0953 2548 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:13:58.0984 2548 TDTCP ( UnsignedFile.Multi.Generic ) - warning
14:13:58.0984 2548 TDTCP - detected UnsignedFile.Multi.Generic (1)
14:13:59.0046 2548 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:13:59.0062 2548 TermDD ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0062 2548 TermDD - detected UnsignedFile.Multi.Generic (1)
14:13:59.0125 2548 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
14:13:59.0156 2548 TermService ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0156 2548 TermService - detected UnsignedFile.Multi.Generic (1)
14:13:59.0203 2548 [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:13:59.0218 2548 Themes ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0218 2548 Themes - detected UnsignedFile.Multi.Generic (1)
14:13:59.0281 2548 [ A34D7024BB7140EC785C86BC065D4F60 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
14:13:59.0328 2548 timounter - ok
14:13:59.0343 2548 TosIde - ok
14:13:59.0390 2548 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:13:59.0406 2548 TrkWks ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0406 2548 TrkWks - detected UnsignedFile.Multi.Generic (1)
14:13:59.0484 2548 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:13:59.0515 2548 Udfs ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0515 2548 Udfs - detected UnsignedFile.Multi.Generic (1)
14:13:59.0531 2548 ultra - ok
14:13:59.0593 2548 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:13:59.0625 2548 Update ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0625 2548 Update - detected UnsignedFile.Multi.Generic (1)
14:13:59.0671 2548 [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost C:\WINDOWS\System32\upnphost.dll
14:13:59.0703 2548 upnphost ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0703 2548 upnphost - detected UnsignedFile.Multi.Generic (1)
14:13:59.0734 2548 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
14:13:59.0781 2548 UPS ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0781 2548 UPS - detected UnsignedFile.Multi.Generic (1)
14:13:59.0828 2548 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:13:59.0843 2548 usbaudio ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0843 2548 usbaudio - detected UnsignedFile.Multi.Generic (1)
14:13:59.0906 2548 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:13:59.0921 2548 usbccgp ( UnsignedFile.Multi.Generic ) - warning
14:13:59.0921 2548 usbccgp - detected UnsignedFile.Multi.Generic (1)
14:13:59.0968 2548 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:14:00.0000 2548 usbehci ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0000 2548 usbehci - detected UnsignedFile.Multi.Generic (1)
14:14:00.0031 2548 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:14:00.0062 2548 usbhub ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0062 2548 usbhub - detected UnsignedFile.Multi.Generic (1)
14:14:00.0109 2548 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:14:00.0125 2548 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0125 2548 USBSTOR - detected UnsignedFile.Multi.Generic (1)
14:14:00.0156 2548 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:14:00.0187 2548 usbuhci ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0187 2548 usbuhci - detected UnsignedFile.Multi.Generic (1)
14:14:00.0218 2548 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:14:00.0250 2548 VgaSave ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0250 2548 VgaSave - detected UnsignedFile.Multi.Generic (1)
14:14:00.0265 2548 ViaIde - ok
14:14:00.0312 2548 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:14:00.0328 2548 VolSnap ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0328 2548 VolSnap - detected UnsignedFile.Multi.Generic (1)
14:14:00.0406 2548 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
14:14:00.0437 2548 VSS ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0437 2548 VSS - detected UnsignedFile.Multi.Generic (1)
14:14:00.0500 2548 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
14:14:00.0515 2548 W32Time ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0515 2548 W32Time - detected UnsignedFile.Multi.Generic (1)
14:14:00.0546 2548 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:14:00.0593 2548 Wanarp ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0593 2548 Wanarp - detected UnsignedFile.Multi.Generic (1)
14:14:00.0609 2548 WDICA - ok
14:14:00.0656 2548 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:14:00.0687 2548 wdmaud ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0687 2548 wdmaud - detected UnsignedFile.Multi.Generic (1)
14:14:00.0718 2548 [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:14:00.0750 2548 WebClient ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0750 2548 WebClient - detected UnsignedFile.Multi.Generic (1)
14:14:00.0859 2548 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:14:00.0875 2548 winmgmt ( UnsignedFile.Multi.Generic ) - warning
14:14:00.0875 2548 winmgmt - detected UnsignedFile.Multi.Generic (1)
14:14:00.0968 2548 [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
14:14:01.0359 2548 WmdmPmSN - ok
14:14:01.0421 2548 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:14:01.0453 2548 WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
14:14:01.0453 2548 WmiApSrv - detected UnsignedFile.Multi.Generic (1)
14:14:01.0500 2548 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:14:01.0515 2548 wscsvc ( UnsignedFile.Multi.Generic ) - warning
14:14:01.0515 2548 wscsvc - detected UnsignedFile.Multi.Generic (1)
14:14:01.0562 2548 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:14:01.0609 2548 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
14:14:01.0609 2548 WZCSVC - detected UnsignedFile.Multi.Generic (1)
14:14:01.0656 2548 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:14:01.0687 2548 xmlprov ( UnsignedFile.Multi.Generic ) - warning
14:14:01.0687 2548 xmlprov - detected UnsignedFile.Multi.Generic (1)
14:14:01.0703 2548 ================ Scan global ===============================
14:14:01.0750 2548 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
14:14:01.0765 2548 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
14:14:01.0796 2548 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
14:14:01.0828 2548 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
14:14:01.0843 2548 [Global] - ok
14:14:01.0843 2548 ================ Scan MBR ==================================
14:14:01.0875 2548 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:14:02.0078 2548 \Device\Harddisk0\DR0 - ok
14:14:02.0078 2548 ================ Scan VBR ==================================
14:14:02.0125 2548 [ 1B9D96A6E41C50A0AC47075D9A72303D ] \Device\Harddisk0\DR0\Partition1
14:14:02.0125 2548 \Device\Harddisk0\DR0\Partition1 - ok
14:14:02.0125 2548 ================ Scan active images ========================
14:14:08.0515 2548 [ 3A2CF698443EAD2C14CF528B4F2A51A0 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
14:14:08.0515 2548 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
14:14:08.0531 2548 [ C5DBD35CF4EB0CB8E72A7B6DA2EDEA51 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
14:14:08.0531 2548 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
14:14:08.0562 2548 [ 35BD2AABE21E86D760D4FB93225D8BB4 ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
14:14:08.0562 2548 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
14:14:08.0593 2548 [ 0F84219E9FC89D4FEC963F78E4983E0B ] C:\Program Files\AVAST Software\Avast\aswDld.dll
14:14:08.0593 2548 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
14:14:08.0625 2548 [ 3B3AD17FAAA838CC0368F0947B5D43DB ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
14:14:08.0625 2548 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
14:14:08.0640 2548 [ 92360854316611F6CC471612213C3D92 ] C:\WINDOWS\system32\schedsvc.dll
14:14:08.0640 2548 C:\WINDOWS\system32\schedsvc.dll - ok
14:14:08.0671 2548 [ 249817F51C84D283E96E6B2580D21FFD ] C:\WINDOWS\system32\msidle.dll
14:14:08.0671 2548 C:\WINDOWS\system32\msidle.dll - ok
14:14:08.0703 2548 [ 7435B108B935E42EA92CA94F59C8E717 ] C:\WINDOWS\system32\spoolsv.exe
14:14:08.0703 2548 C:\WINDOWS\system32\spoolsv.exe - ok
14:14:08.0734 2548 [ DB66DB626E4882EBEF55F136F12C1829 ] C:\WINDOWS\system32\audiosrv.dll
14:14:08.0734 2548 C:\WINDOWS\system32\audiosrv.dll - ok
14:14:08.0765 2548 [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] C:\WINDOWS\system32\wkssvc.dll
14:14:08.0765 2548 C:\WINDOWS\system32\wkssvc.dll - ok
14:14:08.0781 2548 [ 1869C1A8ABB6D3E0B7FA81EE4346DC14 ] C:\Program Files\AVAST Software\Avast\defs\12100301\aswEngin.dll
14:14:08.0781 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\aswEngin.dll - ok
14:14:08.0812 2548 [ 51230212AE7F8159A90F06A7EA30DD8A ] C:\WINDOWS\system32\cscui.dll
14:14:08.0812 2548 C:\WINDOWS\system32\cscui.dll - ok
14:14:08.0843 2548 [ 9AB833956EB46BA28FAE9611569AB921 ] C:\Program Files\AVAST Software\Avast\defs\12100301\aswCmnOS.dll
14:14:08.0843 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\aswCmnOS.dll - ok
14:14:08.0875 2548 [ 1B5F6923ABB450692E9FE0672C897AED ] C:\WINDOWS\system32\powrprof.dll
14:14:08.0875 2548 C:\WINDOWS\system32\powrprof.dll - ok
14:14:08.0890 2548 [ 2935740E9E6B71C6D28CDA78E2ECDABD ] C:\Program Files\AVAST Software\Avast\defs\12100301\aswCmnIS.dll
14:14:08.0890 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\aswCmnIS.dll - ok
14:14:08.0921 2548 [ D6A8DC8C374EEA24744F2D4E87CA0E7E ] C:\WINDOWS\system32\wdmaud.drv
14:14:08.0921 2548 C:\WINDOWS\system32\wdmaud.drv - ok
14:14:08.0953 2548 [ 2D7ADA0265BECAB304C1DB95248E8610 ] C:\WINDOWS\system32\dpcdll.dll
14:14:08.0953 2548 C:\WINDOWS\system32\dpcdll.dll - ok
14:14:08.0984 2548 [ 2797F33EBF50466020C430EE4F037933 ] C:\WINDOWS\system32\drivers\wdmaud.sys
14:14:08.0984 2548 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
14:14:09.0015 2548 [ 650AD082D46BAC0E64C9C0E0928492FD ] C:\WINDOWS\system32\drivers\sysaudio.sys
14:14:09.0015 2548 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
14:14:09.0031 2548 [ 16D72F62FBF97AFD0511BCFE4C732EA9 ] C:\Program Files\AVAST Software\Avast\defs\12100301\aswCmnBS.dll
14:14:09.0031 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\aswCmnBS.dll - ok
14:14:09.0062 2548 [ 45551558282528DD5AD76606D51E6F09 ] C:\Program Files\AVAST Software\Avast\defs\12100301\aswScan.dll
14:14:09.0062 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\aswScan.dll - ok
14:14:09.0093 2548 [ 8E186B8F23295D1E42C573B82B80D548 ] C:\WINDOWS\system32\drivers\splitter.sys
14:14:09.0093 2548 C:\WINDOWS\system32\drivers\splitter.sys - ok
14:14:09.0125 2548 [ 841F385C6CFAF66B58FBD898722BB4F0 ] C:\WINDOWS\system32\drivers\aec.sys
14:14:09.0125 2548 C:\WINDOWS\system32\drivers\aec.sys - ok
14:14:09.0140 2548 [ 39B1FFB03C2296323832ACBAE50D2AFF ] C:\WINDOWS\system32\userinit.exe
14:14:09.0140 2548 C:\WINDOWS\system32\userinit.exe - ok
14:14:09.0171 2548 [ B174DE0DE6C9AA8AFFD3B926653E625F ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
14:14:09.0171 2548 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
14:14:09.0203 2548 [ E2D37F405E21BE2534FF4A84F5032ECA ] C:\Program Files\AVAST Software\Avast\defs\12100301\aswRep.dll
14:14:09.0203 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\aswRep.dll - ok
14:14:09.0234 2548 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] C:\WINDOWS\system32\drivers\swmidi.sys
14:14:09.0234 2548 C:\WINDOWS\system32\drivers\swmidi.sys - ok
14:14:09.0265 2548 [ A0732187050030AE399B241436565E64 ] C:\WINDOWS\explorer.exe
14:14:09.0265 2548 C:\WINDOWS\explorer.exe - ok
14:14:09.0281 2548 [ A6F881284AC1150E37D9AE47FF601267 ] C:\WINDOWS\system32\drivers\DMusic.sys
14:14:09.0281 2548 C:\WINDOWS\system32\drivers\DMusic.sys - ok
14:14:09.0312 2548 [ D93CAD07C5683DB066B0B2D2D3790EAD ] C:\WINDOWS\system32\drivers\kmixer.sys
14:14:09.0312 2548 C:\WINDOWS\system32\drivers\kmixer.sys - ok
14:14:09.0343 2548 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] C:\WINDOWS\system32\drivers\drmkaud.sys
14:14:09.0343 2548 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
14:14:09.0375 2548 [ C71A884DD6F8CFFA87D70FB75857449C ] C:\Program Files\AVAST Software\Avast\defs\12100301\aswFiDb.dll
14:14:09.0375 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\aswFiDb.dll - ok
14:14:09.0390 2548 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
14:14:09.0390 2548 C:\WINDOWS\system32\msacm32.drv - ok
14:14:09.0421 2548 [ 3B4702155BB2AE9DC00C06A68834BDFA ] C:\WINDOWS\system32\midimap.dll
14:14:09.0421 2548 C:\WINDOWS\system32\midimap.dll - ok
14:14:09.0453 2548 [ DF51AE7FFE9625165821BD24A87F26E5 ] C:\WINDOWS\system32\browseui.dll
14:14:09.0453 2548 C:\WINDOWS\system32\browseui.dll - ok
14:14:09.0484 2548 [ 9B1B3C9FC4011CB5A6C6423ABEEB3793 ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
14:14:09.0484 2548 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
14:14:09.0515 2548 [ 138D8F403EECD37985BF2799F2B30B79 ] C:\WINDOWS\system32\shdocvw.dll
14:14:09.0515 2548 C:\WINDOWS\system32\shdocvw.dll - ok
14:14:09.0531 2548 [ 8BB06C11677774CB1F95A88692A7B034 ] C:\Program Files\AVAST Software\Avast\defs\12100301\algo.dll
14:14:09.0531 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\algo.dll - ok
14:14:09.0562 2548 [ C98FAC19A0FFA2A65F2BD73FA2D9D693 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
14:14:09.0562 2548 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
14:14:09.0593 2548 [ 1CBC000ECD2DE2E6FD2B19BC9AABCC52 ] C:\WINDOWS\system32\msi.dll
14:14:09.0593 2548 C:\WINDOWS\system32\msi.dll - ok
14:14:09.0625 2548 [ E931B4DD87DFACE46468FD506FDCD262 ] C:\WINDOWS\system32\desk.cpl
14:14:09.0625 2548 C:\WINDOWS\system32\desk.cpl - ok
14:14:09.0640 2548 [ E6796D51CED309E46D29C0B787735615 ] C:\WINDOWS\system32\themeui.dll
14:14:09.0640 2548 C:\WINDOWS\system32\themeui.dll - ok
14:14:09.0671 2548 [ 46EDCC8F2DB2F322C24F48785CB46366 ] C:\WINDOWS\system32\drivers\mrxdav.sys
14:14:09.0671 2548 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
14:14:09.0703 2548 [ 13510490BEA0997DB625DAA0178CBFCA ] C:\WINDOWS\system32\actxprxy.dll
14:14:09.0703 2548 C:\WINDOWS\system32\actxprxy.dll - ok
14:14:09.0734 2548 [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] C:\WINDOWS\system32\webclnt.dll
14:14:09.0734 2548 C:\WINDOWS\system32\webclnt.dll - ok
14:14:09.0765 2548 [ 9F156B58502D897F28FFC54E37B11E15 ] C:\WINDOWS\system32\urlmon.dll
14:14:09.0765 2548 C:\WINDOWS\system32\urlmon.dll - ok
14:14:09.0781 2548 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
14:14:09.0781 2548 C:\WINDOWS\system32\drivers\parvdm.sys - ok
14:14:09.0812 2548 [ CD89FBA8CC72646D00DAF0EE89C27514 ] C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
14:14:09.0812 2548 C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe - ok
14:14:09.0843 2548 [ EEB024F2C81F0D55936FB825D21A91D6 ] C:\WINDOWS\system32\cmd.exe
14:14:09.0843 2548 C:\WINDOWS\system32\cmd.exe - ok
14:14:09.0859 2548 [ AF44F7E027037628F1FAC3C13CDE73E6 ] C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
14:14:09.0859 2548 C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe - ok
14:14:09.0890 2548 [ 0A78DBCEB73BF14086DDDDFD640CB6A6 ] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
14:14:09.0890 2548 C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe - ok
14:14:09.0921 2548 [ B90F3789852CB8725833220CCCD1C9D1 ] C:\WINDOWS\system32\fltlib.dll
14:14:09.0921 2548 C:\WINDOWS\system32\fltlib.dll - ok
14:14:09.0953 2548 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
14:14:09.0953 2548 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
14:14:09.0984 2548 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
14:14:09.0984 2548 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
14:14:10.0015 2548 [ CAD4AA32E7ECA00C23CC39C0EB833F9D ] C:\WINDOWS\system32\cryptnet.dll
14:14:10.0015 2548 C:\WINDOWS\system32\cryptnet.dll - ok
14:14:10.0031 2548 [ DCE3C277C4C9ADBC11850DBC4AD131B3 ] C:\WINDOWS\system32\winhttp.dll
14:14:10.0031 2548 C:\WINDOWS\system32\winhttp.dll - ok
14:14:10.0062 2548 [ B8114963F8D9A57EB56B8C977C7D225C ] C:\Program Files\Common Files\Acronis\SnapAPI\snapapi.dll
14:14:10.0062 2548 C:\Program Files\Common Files\Acronis\SnapAPI\snapapi.dll - ok
14:14:10.0093 2548 [ 10654F9DDCEA9C46CFB77554231BE73B ] C:\WINDOWS\system32\cryptsvc.dll
14:14:10.0093 2548 C:\WINDOWS\system32\cryptsvc.dll - ok
14:14:10.0109 2548 [ 6E205319848B8AF2A0DA52B8D63DB91E ] C:\WINDOWS\system32\sensapi.dll
14:14:10.0109 2548 C:\WINDOWS\system32\sensapi.dll - ok
14:14:10.0140 2548 [ A12175F063302CD68F8FC6D572D7E5FD ] C:\Program Files\Java\jre7\bin\jqs.exe
14:14:10.0140 2548 C:\Program Files\Java\jre7\bin\jqs.exe - ok
14:14:10.0171 2548 [ AD44C5BC21213F394F6AFCB55CC39293 ] C:\WINDOWS\system32\certcli.dll
14:14:10.0171 2548 C:\WINDOWS\system32\certcli.dll - ok
14:14:10.0203 2548 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
14:14:10.0203 2548 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
14:14:10.0234 2548 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] C:\WINDOWS\system32\ersvc.dll
14:14:10.0234 2548 C:\WINDOWS\system32\ersvc.dll - ok
14:14:10.0265 2548 [ 60D1A6342238378BFB7545C81EE3606C ] C:\WINDOWS\system32\es.dll
14:14:10.0265 2548 C:\WINDOWS\system32\es.dll - ok
14:14:10.0281 2548 [ 08F0190AE201EC331B4CA3B0FA2D2CCE ] C:\WINDOWS\system32\cabinet.dll
14:14:10.0281 2548 C:\WINDOWS\system32\cabinet.dll - ok
14:14:10.0312 2548 [ 8827911A8C37E40C027CBFC88E69D967 ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
14:14:10.0312 2548 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
14:14:10.0343 2548 [ 9376E6893E52B368ABC6255BF54F0B28 ] C:\WINDOWS\system32\hidserv.dll
14:14:10.0343 2548 C:\WINDOWS\system32\hidserv.dll - ok
14:14:10.0359 2548 [ 18AFEE0EDE045B6255408D634372DC29 ] C:\WINDOWS\system32\hid.dll
14:14:10.0359 2548 C:\WINDOWS\system32\hid.dll - ok
14:14:10.0390 2548 [ DB963459BEA73867E50BC92D3A3F61BC ] C:\WINDOWS\system32\pdh.dll
14:14:10.0390 2548 C:\WINDOWS\system32\pdh.dll - ok
14:14:10.0421 2548 [ 7AA15CCBE1DD20339200659AF99D588F ] C:\WINDOWS\system32\odbcbcp.dll
14:14:10.0421 2548 C:\WINDOWS\system32\odbcbcp.dll - ok
14:14:10.0453 2548 [ D1E299962B5956005113EC4AB1E0D9B7 ] C:\WINDOWS\system32\ipsecsvc.dll
14:14:10.0453 2548 C:\WINDOWS\system32\ipsecsvc.dll - ok
14:14:10.0484 2548 [ 93D32468D34E000CB3407947D1D6E22A ] C:\WINDOWS\system32\srvsvc.dll
14:14:10.0484 2548 C:\WINDOWS\system32\srvsvc.dll - ok
14:14:10.0515 2548 [ FC77C63C47AE2D0D8B05DA6EC1785C0F ] C:\WINDOWS\system32\perfos.dll
14:14:10.0515 2548 C:\WINDOWS\system32\perfos.dll - ok
14:14:10.0531 2548 [ BA868A32EB6EB8EBD2FF0D8679801DEF ] C:\WINDOWS\system32\perfdisk.dll
14:14:10.0531 2548 C:\WINDOWS\system32\perfdisk.dll - ok
14:14:10.0562 2548 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
14:14:10.0562 2548 C:\WINDOWS\system32\netmsg.dll - ok
14:14:10.0578 2548 [ E7E39B9152E6C27E5F608574EA6C5A52 ] C:\WINDOWS\system32\oakley.dll
14:14:10.0578 2548 C:\WINDOWS\system32\oakley.dll - ok
14:14:10.0609 2548 [ B1E0CE09895376871746F36DC5773B4F ] C:\WINDOWS\system32\seclogon.dll
14:14:10.0609 2548 C:\WINDOWS\system32\seclogon.dll - ok
14:14:10.0640 2548 [ DFD9870CF39C791D86C4C209DA9FA919 ] C:\WINDOWS\system32\sens.dll
14:14:10.0640 2548 C:\WINDOWS\system32\sens.dll - ok
14:14:10.0671 2548 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] C:\WINDOWS\system32\srsvc.dll
14:14:10.0671 2548 C:\WINDOWS\system32\srsvc.dll - ok
14:14:10.0703 2548 [ 2B2F31E3F2CE3723C1B0F3700C8BE28B ] C:\WINDOWS\system32\winipsec.dll
14:14:10.0703 2548 C:\WINDOWS\system32\winipsec.dll - ok
14:14:10.0734 2548 [ 306B30A036DB25FCB76B507FEDE07D58 ] C:\WINDOWS\system32\pstorsvc.dll
14:14:10.0734 2548 C:\WINDOWS\system32\pstorsvc.dll - ok
14:14:10.0765 2548 [ 7A4F147CC6B133F905F6E65E2F8669FB ] C:\WINDOWS\system32\drivers\srv.sys
14:14:10.0765 2548 C:\WINDOWS\system32\drivers\srv.sys - ok
14:14:10.0781 2548 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] C:\WINDOWS\system32\trkwks.dll
14:14:10.0781 2548 C:\WINDOWS\system32\trkwks.dll - ok
14:14:10.0812 2548 [ 4D3CCDF22D2B4BAE229BA73B81D13E26 ] C:\WINDOWS\system32\psbase.dll
14:14:10.0812 2548 C:\WINDOWS\system32\psbase.dll - ok
14:14:10.0828 2548 [ F399242A80C4066FD155EFA4CF96658E ] C:\WINDOWS\system32\wbem\wmisvc.dll
14:14:10.0828 2548 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
14:14:10.0859 2548 [ CACD2C63A79268D131EA37E85524CC44 ] C:\WINDOWS\system32\dssenh.dll
14:14:10.0859 2548 C:\WINDOWS\system32\dssenh.dll - ok
14:14:10.0890 2548 [ 79DABB124D00ADF19852AE879C201890 ] C:\WINDOWS\system32\vssapi.dll
14:14:10.0890 2548 C:\WINDOWS\system32\vssapi.dll - ok
14:14:10.0921 2548 [ 4D59DAA66C60858CDF4F67A900F42D4A ] C:\WINDOWS\system32\wscsvc.dll
14:14:10.0921 2548 C:\WINDOWS\system32\wscsvc.dll - ok
14:14:10.0953 2548 [ BF52A4D4EB4CFB3109667E429B93E21A ] C:\WINDOWS\system32\netshell.dll
14:14:10.0953 2548 C:\WINDOWS\system32\netshell.dll - ok
14:14:10.0984 2548 [ 1ECB753D7CEEC8F5A94C9781CA64EC44 ] C:\WINDOWS\system32\credui.dll
14:14:10.0984 2548 C:\WINDOWS\system32\credui.dll - ok
14:14:11.0015 2548 [ 652603D2A664D9BFC1D5EB0A9FAEA016 ] C:\WINDOWS\system32\comsvcs.dll
14:14:11.0015 2548 C:\WINDOWS\system32\comsvcs.dll - ok
14:14:11.0031 2548 [ 99F43B9B76C88ACEAD42FE84744F8C87 ] C:\WINDOWS\system32\mtxclu.dll
14:14:11.0031 2548 C:\WINDOWS\system32\mtxclu.dll - ok
14:14:11.0062 2548 [ 01A04FB59E76697C9171B6327274D371 ] C:\WINDOWS\system32\colbact.dll
14:14:11.0062 2548 C:\WINDOWS\system32\colbact.dll - ok
14:14:11.0078 2548 [ 98C1FF6676E02D43DA208802286A6EE7 ] C:\WINDOWS\system32\clusapi.dll
14:14:11.0078 2548 C:\WINDOWS\system32\clusapi.dll - ok
14:14:11.0109 2548 [ 2738C8A33FF07DD3C99C7C8F0A85DA72 ] C:\WINDOWS\system32\resutils.dll
14:14:11.0109 2548 C:\WINDOWS\system32\resutils.dll - ok
14:14:11.0140 2548 [ 8DC664B45019F14485CFBF84D8B90036 ] C:\WINDOWS\system32\mtxoci.dll
14:14:11.0140 2548 C:\WINDOWS\system32\mtxoci.dll - ok
14:14:11.0171 2548 [ 87B85BC1E1F6E0228876204A20A9C24C ] C:\WINDOWS\system32\spoolss.dll
14:14:11.0171 2548 C:\WINDOWS\system32\spoolss.dll - ok
14:14:11.0203 2548 [ 2E632F071817AD3758C386571CBD9858 ] C:\WINDOWS\system32\localspl.dll
14:14:11.0203 2548 C:\WINDOWS\system32\localspl.dll - ok
14:14:11.0234 2548 [ 7105749E78925FDFFD078DD54A8C2B70 ] C:\WINDOWS\system32\cnbjmon.dll
14:14:11.0234 2548 C:\WINDOWS\system32\cnbjmon.dll - ok
14:14:11.0265 2548 [ C44BC10BA73575C91FF50CDAF4D8E370 ] C:\WINDOWS\system32\pjlmon.dll
14:14:11.0265 2548 C:\WINDOWS\system32\pjlmon.dll - ok
14:14:11.0281 2548 [ A3F853629F7F2537157EA6EA9857EA56 ] C:\WINDOWS\system32\tcpmon.dll
14:14:11.0281 2548 C:\WINDOWS\system32\tcpmon.dll - ok
14:14:11.0296 2548 [ 242D07D7FC72AD897944BFF932D57C3C ] C:\WINDOWS\system32\usbmon.dll
14:14:11.0296 2548 C:\WINDOWS\system32\usbmon.dll - ok
14:14:11.0328 2548 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
14:14:11.0328 2548 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
14:14:11.0359 2548 [ 84A5644AE4731202A4A02E6342D29BA6 ] C:\WINDOWS\system32\netrap.dll
14:14:11.0359 2548 C:\WINDOWS\system32\netrap.dll - ok
14:14:11.0390 2548 [ A1C10F87248529173F39F4B4734DF14B ] C:\WINDOWS\system32\win32spl.dll
14:14:11.0390 2548 C:\WINDOWS\system32\win32spl.dll - ok
14:14:11.0421 2548 [ F14A6BD840E4D7CD4C0535CB3CEF2887 ] C:\WINDOWS\system32\inetpp.dll
14:14:11.0421 2548 C:\WINDOWS\system32\inetpp.dll - ok
14:14:11.0453 2548 [ 545DE96D552AEDCDE95D1C86BDC9B95B ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
14:14:11.0453 2548 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
14:14:11.0484 2548 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] C:\WINDOWS\system32\browser.dll
14:14:11.0484 2548 C:\WINDOWS\system32\browser.dll - ok
14:14:11.0515 2548 [ D7BF4E050440CF0B7B2A2596F0F370F3 ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
14:14:11.0515 2548 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
14:14:11.0531 2548 [ 37DAD7CA011038616E067C8F62029FD0 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
14:14:11.0531 2548 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
14:14:11.0546 2548 [ 8122EE05F327EF470670E2CDDFFEB929 ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
14:14:11.0546 2548 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
14:14:11.0578 2548 [ EFFA04908678EF527EA32B2E2EE6EC93 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
14:14:11.0578 2548 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
14:14:11.0609 2548 [ 851547797C2A7F8A04841644C471A567 ] C:\WINDOWS\system32\wbem\wbemprox.dll
14:14:11.0609 2548 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
14:14:11.0640 2548 [ A5905C582C88AE8D56834CE4A3627FD1 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
14:14:11.0640 2548 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
14:14:11.0671 2548 [ 4E39C36213E95FB971A61A247BDE2F61 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
14:14:11.0671 2548 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
14:14:11.0703 2548 [ 9207F1A1440EAF18BE0D0C1D487E4F02 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
14:14:11.0703 2548 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
14:14:11.0734 2548 [ 36360B625D7290BBA2CD03AD4975E1BC ] C:\WINDOWS\system32\wbem\wbemcore.dll
14:14:11.0734 2548 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
14:14:11.0765 2548 [ 4509D54DF9276534AC433F80E8392206 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
14:14:11.0765 2548 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
14:14:11.0781 2548 [ DE578E4E6844954823FC7688625F00C8 ] C:\WINDOWS\system32\wbem\esscli.dll
14:14:11.0781 2548 C:\WINDOWS\system32\wbem\esscli.dll - ok
14:14:11.0812 2548 [ AFDCC326174D131C374766FEB946F496 ] C:\Program Files\Java\jre7\bin\awt.dll
14:14:11.0812 2548 C:\Program Files\Java\jre7\bin\awt.dll - ok
14:14:11.0828 2548 [ 47B5CF49EF651E9954231BA079A95058 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
14:14:11.0828 2548 C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
14:14:11.0859 2548 [ 950DF6295D3C6B5F2D508DCB1B275B87 ] C:\WINDOWS\system32\wbem\fastprox.dll
14:14:11.0859 2548 C:\WINDOWS\system32\wbem\fastprox.dll - ok
14:14:11.0890 2548 [ 87F664BF0B8728382D03B2126127DC98 ] C:\Program Files\AVAST Software\Avast\defs\12100301\aswAR.dll
14:14:11.0890 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\aswAR.dll - ok
14:14:11.0921 2548 [ 7D676AC8CC19341117C77C261647BA07 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
14:14:11.0921 2548 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
14:14:11.0953 2548 [ 0A1161DB4FCCF7821736C70D70A0F5A3 ] C:\WINDOWS\system32\wbem\wmiutils.dll
14:14:11.0953 2548 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
14:14:11.0984 2548 [ 9A66728EFE501D855D0FFE3DE023CE32 ] C:\WINDOWS\system32\wbem\repdrvfs.dll
14:14:11.0984 2548 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
14:14:12.0015 2548 [ 80B1AA84CD23724C284AD5988F208EB3 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
14:14:12.0015 2548 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
14:14:12.0031 2548 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12100301\aswRawFS.dll
14:14:12.0031 2548 C:\Program Files\AVAST Software\Avast\defs\12100301\aswRawFS.dll - ok
14:14:12.0062 2548 [ 615F729DF8E1E7160445858C6D32C910 ] C:\Program Files\Java\jre7\bin\dcpr.dll
14:14:12.0062 2548 C:\Program Files\Java\jre7\bin\dcpr.dll - ok
14:14:12.0078 2548 [ 6708E1DDF12CAB2D5B5A2B66B76E0038 ] C:\WINDOWS\system32\wbem\wbemess.dll
14:14:12.0078 2548 C:\WINDOWS\system32\wbem\wbemess.dll - ok
14:14:12.0109 2548 [ 40D1D0A2569395D34A7CE070F99A5365 ] C:\Program Files\Java\jre7\bin\deploy.dll
14:14:12.0109 2548 C:\Program Files\Java\jre7\bin\deploy.dll - ok
14:14:12.0140 2548 [ DA443EC760094294B23EBDE1CB1FF213 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
14:14:12.0140 2548 C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
14:14:12.0171 2548 [ 009758CC06B7F55B4A4D16A66E243C24 ] C:\WINDOWS\system32\wuapi.dll
14:14:12.0171 2548 C:\WINDOWS\system32\wuapi.dll - ok
14:14:12.0203 2548 [ 26F2B2669BBEEFA02DCC8052701D9563 ] C:\Program Files\Java\jre7\bin\java.dll
14:14:12.0203 2548 C:\Program Files\Java\jre7\bin\java.dll - ok
14:14:12.0234 2548 [ 5BD255C0051A41738FCB67F3A0C68DCA ] C:\Program Files\Java\jre7\bin\javaw.exe
14:14:12.0234 2548 C:\Program Files\Java\jre7\bin\javaw.exe - ok
14:14:12.0265 2548 [ B47BC7138241E1B836384D5211AE34C8 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
14:14:12.0265 2548 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
14:14:12.0281 2548 [ 1D326842006C4BE77ECD848CF89F01AB ] C:\WINDOWS\system32\wups.dll
14:14:12.0281 2548 C:\WINDOWS\system32\wups.dll - ok
14:14:12.0312 2548 [ 6AE613FFF9F9DFEE552652662BFABE41 ] C:\WINDOWS\system32\wbem\ncprov.dll
14:14:12.0312 2548 C:\WINDOWS\system32\wbem\ncprov.dll - ok
14:14:12.0328 2548 [ 8CB1564D5084BAA5B79A77CBC92621C5 ] C:\Program Files\Java\jre7\bin\jp2native.dll
14:14:12.0328 2548 C:\Program Files\Java\jre7\bin\jp2native.dll - ok
14:14:12.0359 2548 [ 9A85F6C0D35643AA02199C95ECCE2CF1 ] C:\Program Files\Java\jre7\bin\jpeg.dll
14:14:12.0359 2548 C:\Program Files\Java\jre7\bin\jpeg.dll - ok
14:14:12.0390 2548 [ 9CD4C33E2115E4EFF7836ADA562847D6 ] C:\WINDOWS\system32\oledlg.dll
14:14:12.0390 2548 C:\WINDOWS\system32\oledlg.dll - ok
14:14:12.0421 2548 [ 687A1BEA3FEF91B75F8CF46B0620C9D7 ] C:\Program Files\Java\jre7\bin\net.dll
14:14:12.0421 2548 C:\Program Files\Java\jre7\bin\net.dll - ok
14:14:12.0453 2548 [ 8C1D980BD50D81261B770B47C1553976 ] C:\Program Files\Java\jre7\bin\nio.dll
14:14:12.0453 2548 C:\Program Files\Java\jre7\bin\nio.dll - ok
14:14:12.0484 2548 [ 8CC69BCE988C0921CCFE7AFFEA394B17 ] C:\Program Files\Java\jre7\bin\verify.dll
14:14:12.0484 2548 C:\Program Files\Java\jre7\bin\verify.dll - ok
14:14:12.0515 2548 [ 53696AD8FFC5FAC51949A525FF65A689 ] C:\WINDOWS\system32\drivers\afcdp.sys
14:14:12.0515 2548 C:\WINDOWS\system32\drivers\afcdp.sys - ok
14:14:12.0531 2548 [ B60C877D16D9C880B952FDA04ADF16E6 ] C:\WINDOWS\system32\termsrv.dll
14:14:12.0531 2548 C:\WINDOWS\system32\termsrv.dll - ok
14:14:12.0546 2548 [ D18D28CEF9FEA09359C7DE7BE3669F66 ] C:\WINDOWS\system32\wbem\wbemcons.dll
14:14:12.0546 2548 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
14:14:12.0578 2548 [ 2A65F096DFEFD5AF498A43CD53D53B0C ] C:\Program Files\Java\jre7\bin\zip.dll
14:14:12.0578 2548 C:\Program Files\Java\jre7\bin\zip.dll - ok
14:14:12.0609 2548 [ 37E7DB460A5315E4609B212C6C014527 ] C:\WINDOWS\system32\icaapi.dll
14:14:12.0609 2548 C:\WINDOWS\system32\icaapi.dll - ok
14:14:12.0640 2548 [ F5EE7CACD1784241F138A5E55B715897 ] C:\WINDOWS\system32\mstlsapi.dll
14:14:12.0640 2548 C:\WINDOWS\system32\mstlsapi.dll - ok
14:14:12.0671 2548 [ 87CA7CE6469577F059297B9D6556D66D ] C:\WINDOWS\system32\imm32.dll
14:14:12.0671 2548 C:\WINDOWS\system32\imm32.dll - ok
14:14:12.0703 2548 [ 49911DD39E023BB6C45E4E436CFBD297 ] C:\WINDOWS\system32\wscntfy.exe
14:14:12.0703 2548 C:\WINDOWS\system32\wscntfy.exe - ok
14:14:12.0734 2548 [ 9ED9F21D73F9D71E30EAB71835E656EB ] C:\DOCUME~1\Quest\LOCALS~1\temp\952EAA15-E6A3-4D72-90DF-67766EF3DB2A.exe
14:14:12.0734 2548 C:\DOCUME~1\Quest\LOCALS~1\temp\952EAA15-E6A3-4D72-90DF-67766EF3DB2A.exe - ok
14:14:12.0765 2548 [ 385E9AEC6E100DBEBEE5BD1F27A55E1D ] C:\WINDOWS\system32\ntshrui.dll
14:14:12.0765 2548 C:\WINDOWS\system32\ntshrui.dll - ok
14:14:12.0781 2548 [ D810CB25C7A41BB56FDA92C9B24D1396 ] C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
14:14:12.0781 2548 C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe - ok
14:14:12.0796 2548 [ 53E7EE89FD12FFD470B25EF6CFC05C06 ] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
14:14:12.0796 2548 C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe - ok
14:14:12.0828 2548 [ DAB9E6C7105D2EF49876FE92C524F565 ] C:\WINDOWS\system32\netman.dll
14:14:12.0828 2548 C:\WINDOWS\system32\netman.dll - ok
14:14:12.0859 2548 [ 9A9BBC71D0EBCD400A33ABCD5F0AB39C ] C:\WINDOWS\system32\wzcsapi.dll
14:14:12.0859 2548 C:\WINDOWS\system32\wzcsapi.dll - ok
14:14:12.0890 2548 [ B3710D5900EA1A07D531E443C1979CA6 ] C:\Program Files\Acronis\TrueImageHome\afcdpapi.dll
14:14:12.0890 2548 C:\Program Files\Acronis\TrueImageHome\afcdpapi.dll - ok
14:14:12.0921 2548 [ BAD0D303EF0A519409C625738F3E10A3 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
14:14:12.0921 2548 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
14:14:12.0953 2548 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
14:14:12.0953 2548 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
14:14:12.0984 2548 [ 28F9344A4ADFE21D1BE8D05B2529DF4A ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
14:14:12.0984 2548 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
14:14:13.0015 2548 [ 4721AB485E0C29CD1617A5F296B9CC47 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
14:14:13.0015 2548 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll - ok
14:14:13.0031 2548 [ 3AA02E4DBFC15CAC83EDE9784D130E53 ] C:\Program Files\Acronis\TrueImageHome\Common\resource.dll
14:14:13.0031 2548 C:\Program Files\Acronis\TrueImageHome\Common\resource.dll - ok
14:14:13.0046 2548 [ C2BBD044C741EA4292016C36F718D2E4 ] C:\WINDOWS\system32\linkinfo.dll
14:14:13.0046 2548 C:\WINDOWS\system32\linkinfo.dll - ok
14:14:13.0078 2548 [ DA23A12845607133ACF1DB3502D4E575 ] C:\WINDOWS\system32\msisip.dll
14:14:13.0078 2548 C:\WINDOWS\system32\msisip.dll - ok
14:14:13.0109 2548 [ 339089D6C3FC3BC5CED8D9049C4D2101 ] C:\WINDOWS\system32\upnp.dll
14:14:13.0109 2548 C:\WINDOWS\system32\upnp.dll - ok
14:14:13.0140 2548 [ 423069307FB726E51E2A66F1C3F738FE ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
14:14:13.0140 2548 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll - ok
14:14:13.0171 2548 [ A42C79BF8C1921CE37DAF0C2AD708CCD ] C:\WINDOWS\system32\wshext.dll
14:14:13.0171 2548 C:\WINDOWS\system32\wshext.dll - ok
14:14:13.0203 2548 [ 3196A17F47585A1CE5052F3A6C9CDF89 ] C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\Common\gc.dll
14:14:13.0203 2548 C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\Common\gc.dll - ok
14:14:13.0234 2548 [ 4602907535FD682195DFFF9117365826 ] C:\WINDOWS\system32\mfc42.dll
14:14:13.0234 2548 C:\WINDOWS\system32\mfc42.dll - ok
14:14:13.0265 2548 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\95790947.sys
14:14:13.0265 2548 C:\WINDOWS\system32\drivers\95790947.sys - ok
14:14:13.0281 2548 [ 5B8DFA748FA4845BC04445A30126F2E9 ] C:\WINDOWS\system32\ssdpapi.dll
14:14:13.0281 2548 C:\WINDOWS\system32\ssdpapi.dll - ok
14:14:15.0109 2548 ============================================================
14:14:15.0109 2548 Scan finished
14:14:15.0109 2548 ============================================================
14:14:15.0250 2540 Detected object count: 167
14:14:15.0250 2540 Actual detected object count: 167
14:16:36.0515 2540 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0515 2540 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0515 2540 UPS ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0531 2540 UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0531 2540 usbaudio ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0531 2540 usbaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0546 2540 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0546 2540 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0562 2540 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0562 2540 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0578 2540 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0578 2540 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0593 2540 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0593 2540 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0609 2540 usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0609 2540 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0625 2540 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0625 2540 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0640 2540 VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0640 2540 VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0656 2540 VSS ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0656 2540 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0671 2540 W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0671 2540 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0671 2540 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0671 2540 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0687 2540 wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0687 2540 wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0703 2540 WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0703 2540 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0718 2540 winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0718 2540 winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0734 2540 WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0734 2540 WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0750 2540 wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0750 2540 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0765 2540 WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0765 2540 WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:36.0781 2540 xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:36.0781 2540 xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:16:58.0437 2032 Deinitialize success

#9
TessSteckleXam

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-04 14:24:18
-----------------------------
14:24:18.125 OS Version: Windows 5.1.2600 Service Pack 2
14:24:18.125 Number of processors: 2 586 0x401
14:24:18.125 ComputerName: IBM_STUDIO_PC UserName: Quest
14:24:18.593 Initialize success
14:24:18.843 AVAST engine defs: 12100301
14:24:26.921 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
14:24:26.937 Disk 0 Vendor: HDS728040PLAT20 PF1OA22A Size: 38162MB BusType: 3
14:24:26.968 Disk 0 MBR read successfully
14:24:26.984 Disk 0 MBR scan
14:24:27.015 Disk 0 Windows XP default MBR code
14:24:27.031 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38154 MB offset 63
14:24:27.046 Disk 0 scanning sectors +78140160
14:24:27.140 Disk 0 scanning C:\WINDOWS\system32\drivers
14:24:34.593 Service scanning
14:24:50.171 Modules scanning
14:24:55.171 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS**
14:24:56.406 Disk 0 trace - called modules:
14:24:56.468 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
14:24:56.484 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89869a98]
14:24:56.578 3 CLASSPNP.SYS[f763805b] -> nt!IofCallDriver -> \Device\0000005a[0x898b4510]
14:24:56.656 5 ACPI.sys[f7580620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x898bcd98]
14:24:57.156 AVAST engine scan C:\WINDOWS
14:25:05.359 AVAST engine scan C:\WINDOWS\system32
14:26:49.500 AVAST engine scan C:\WINDOWS\system32\drivers
14:27:00.531 AVAST engine scan C:\Documents and Settings\Quest
14:34:15.531 AVAST engine scan C:\Documents and Settings\All Users
14:34:29.843 Scan finished successfully
14:38:14.984 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Quest\Desktop\MBR.dat"
14:38:15.015 The log file has been saved successfully to "C:\Documents and Settings\Quest\Desktop\aswMBR.txt"

#10
TessSteckleXam

Farbar Service Scanner Version: 19-09-2012
Ran by Quest (administrator) on 04-10-2012 at 14:41:01
Running from "C:\Documents and Settings\Quest\Desktop"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2004-08-12 09:55] - [2008-08-14 05:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2004-08-12 10:01] - [2004-08-12 10:01] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2004-08-12 10:07] - [2008-06-20 06:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2004-08-12 09:58] - [2004-08-12 09:58] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-12 09:56] - [2004-08-12 09:56] - 0045568 ____A (Microsoft Corporation) 7379DE06FD196E396A00AA97B990C00D

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-12 09:58] - [2004-08-12 09:58] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2004-08-12 10:02] - [2004-08-12 10:02] - 0198144 ____A (Microsoft Corporation) DAB9E6C7105D2EF49876FE92C524F565

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2010-09-28 18:10] - [2004-08-12 10:10] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2010-09-28 18:11] - [2004-08-12 10:06] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2010-09-28 18:11] - [2004-08-12 10:06] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-12 10:10] - [2004-08-12 10:10] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2010-09-28 18:10] - [2004-08-12 10:10] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2010-09-28 18:11] - [2004-08-12 10:10] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2010-09-28 18:11] - [2004-08-12 10:03] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2004-08-12 09:57] - [2008-07-07 16:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-12 09:56] - [2004-08-12 09:56] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2004-08-12 10:06] - [2004-08-12 10:06] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2004-08-12 10:04] - [2009-02-09 06:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2004-08-12 10:05] - [2009-02-06 13:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
aswTdi(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0A0000000500000001000000020000000300000004000000080000000700000009000000060000000A000000
IpSec Tag value is correct.

**** End of log ****

#11
TessSteckleXam

This should be the MBR.dat file you requested (if I attach it correctly).

Attached File: MBR.dat (512 bytes, 28 downloads)

#12
maliprog

OK. Your services are still broken. Let's try to repair them.

Step 1

I'll check this later. For now, let's try this tool.

Download Windows Repair (all in one) from this site

Install the programme, then run it.

Click on the Start Repairs tab and click the Start button

Leave the preselected items ticked and press Start

Step 2

Please run Farbar Service Scanner one more time and post the log here for me.

Step 3

Please don't forget to include these items in your reply:

  • FSS log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#13
TessSteckleXam

Farbar Service Scanner Version: 19-09-2012
Ran by Quest (administrator) on 05-10-2012 at 16:05:12
Running from "C:\Documents and Settings\Quest\Desktop"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2004-08-12 09:55] - [2008-08-14 05:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2004-08-12 10:01] - [2004-08-12 10:01] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2004-08-12 10:07] - [2008-06-20 06:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2004-08-12 09:58] - [2004-08-12 09:58] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-12 09:56] - [2004-08-12 09:56] - 0045568 ____A (Microsoft Corporation) 7379DE06FD196E396A00AA97B990C00D

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-12 09:58] - [2004-08-12 09:58] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2004-08-12 10:02] - [2004-08-12 10:02] - 0198144 ____A (Microsoft Corporation) DAB9E6C7105D2EF49876FE92C524F565

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2010-09-28 18:10] - [2004-08-12 10:10] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2010-09-28 18:11] - [2004-08-12 10:06] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2010-09-28 18:11] - [2004-08-12 10:06] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-12 10:10] - [2004-08-12 10:10] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2010-09-28 18:10] - [2004-08-12 10:10] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2010-09-28 18:11] - [2004-08-12 10:10] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2010-09-28 18:11] - [2004-08-12 10:03] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2004-08-12 09:57] - [2008-07-07 16:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-12 09:56] - [2004-08-12 09:56] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2004-08-12 10:06] - [2004-08-12 10:06] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2004-08-12 10:04] - [2009-02-09 06:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2004-08-12 10:05] - [2009-02-06 13:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
aswTdi(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0A0000000500000001000000020000000300000004000000080000000700000009000000060000000A000000
IpSec Tag value is correct.

**** End of log ****

#14
maliprog

How is your system now? Can you turn on your firewall and automatic updates now?

#15
TessSteckleXam

Firewall and updates are on. I have Avast running and everything seems well. Thank you for all your work. I truly appreciate it.