FBI malware - logs pasted [Closed]


#16
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello surfeit67

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#17
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#18
surfeit67

    Member

  • Topic Starter
  • 17 posts
Sorry for the delay. I will get to work on the last set of instructions.

#19
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
no problem and see you later


gringo

#20
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#21
surfeit67

    Member

  • Topic Starter
  • 17 posts
sorry I haven't gotten to this.. I am working on it right this minute.

#22
surfeit67

    Member

  • Topic Starter
  • 17 posts
wow, it did take forever... I need to go to the "my computer is slow" topic next...
I think this is the correct log you need.... (I see a couple more I can send if needed)

ComboFix 13-03-07.03 - Administrator 03/09/2013 1:54.5.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.317 [GMT -5:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Application Data\PriceGong
c:\documents and settings\Administrator\Application Data\PriceGong\Data\1.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\2227.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\4489.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\450.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\a.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\b.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\c.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\d.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\e.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\f.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\g.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\h.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\i.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\j.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\k.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\l.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\m.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\n.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\o.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\p.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\q.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\r.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\s.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\t.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\u.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\v.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\w.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\x.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\y.txt
c:\documents and settings\Administrator\Application Data\PriceGong\Data\z.txt
c:\windows\system32\roboot.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-02-09 to 2013-03-09 )))))))))))))))))))))))))))))))
.
.
2013-03-08 03:27 . 2013-03-08 03:27 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentControl_v6
2013-03-08 01:16 . 2013-03-08 01:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\StatusWinks
2013-03-08 01:09 . 2013-03-08 01:09 -------- d-----w- c:\windows\system32\searchplugins
2013-03-08 01:09 . 2013-03-08 01:09 -------- d-----w- c:\windows\system32\Extensions
2013-03-08 01:09 . 2013-03-08 01:09 -------- d-----w- c:\documents and settings\All Users\Application Data\BrowserProtect
2013-03-08 01:08 . 2013-03-09 02:33 -------- d-----w- c:\program files\ffdshow
2013-03-08 01:08 . 2013-03-09 02:31 -------- d-----w- c:\documents and settings\Administrator\Application Data\PerformerSoft
2013-03-08 01:08 . 2013-03-08 01:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\SpeedanAlysis
2013-03-08 01:07 . 2013-03-09 02:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer
2013-03-08 01:07 . 2013-03-08 01:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon
2013-03-08 01:07 . 2013-03-08 01:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\Babylon
2013-03-08 01:07 . 2013-03-08 01:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\File Scout
2013-03-08 00:59 . 2013-03-06 10:38 770384 ----a-w- c:\windows\system32\msvcr100.dll
2013-03-08 00:59 . 2013-03-06 10:38 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-03-08 00:58 . 2013-03-09 02:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nico Mak Computing
2013-03-08 00:56 . 2013-03-09 02:36 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2013-03-08 00:39 . 2013-03-09 02:15 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-02-28 19:47 . 2013-02-28 19:47 16473456 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-02-25 02:16 . 2011-07-13 02:55 2237440 ----a-r- C:\OTLPE.exe
2013-02-25 02:06 . 2013-02-25 02:06 -------- d-----w- C:\_OTL
2013-02-19 23:13 . 2013-02-19 23:14 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-28 19:47 . 2012-08-14 00:47 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-28 19:47 . 2012-08-14 00:47 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 03:55 . 2004-08-04 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:16 . 2004-08-04 12:00 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:36 . 2004-08-03 22:59 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2004-08-04 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-04 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-04 12:00 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2004-08-04 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2010-03-20 17:02 . 2010-03-20 17:02 13575800 ----a-w- c:\program files\iMeshV9.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-08-11 180269]
"Motive SmartBridge"="c:\progra~1\ALLTEL~1\SMARTB~1\MotiveSB.exe" [2004-11-09 393216]
"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2005-07-19 53248]
"Malwarebytes Anti-Malware (rootkit-scan)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-07-03 973488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-05-25 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-05-25 126976]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"Windstream Service Agent.exe"="c:\program files\Windstream\Service Agent\Windstream Service Agent.exe" [2011-10-14 10204472]
"DiagnosticTools.exe"="c:\program files\Windstream\Diagnostic Tools\DiagnosticTools.exe" [2011-04-25 2037048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windstream\\Service Agent\\ServicepointService.exe"=
"c:\\Program Files\\Rhapsody\\rhapsody.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7321:TCP"= 7321:TCP:Services
"7322:TCP"= 7322:TCP:Services
"9147:TCP"= 9147:TCP:Services
"9148:TCP"= 9148:TCP:Services
"3389:TCP"= 3389:TCP:*:Disabled:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"4352:TCP"= 4352:TCP:Services
"7204:TCP"= 7204:TCP:Services
.
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [5/8/2002 9:51 AM 212992]
R2 NetAlrt;NetAlrt;c:\windows\system32\drivers\Netalrt.sys [5/7/2002 4:05 PM 39680]
R2 PlatAlrt;PlatAlrt;c:\windows\system32\drivers\platalrt.sys [5/7/2002 4:06 PM 23744]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/15/2010 6:54 PM 22344]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [3/7/2013 7:39 PM 40776]
R3 Msikbd2k;DellTouch;c:\windows\system32\drivers\Msikbd2k.sys [2/12/2005 11:46 PM 6942]
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 19:47]
.
2013-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
Trusted Zone: alltel.com\care
Trusted Zone: download.com
Trusted Zone: georgiaoas.org\regionj
Trusted Zone: rhapsody.com
Trusted Zone: state.ga.us\lms.dhr
Trusted Zone: state.ga.us\stars.dhr
Trusted Zone: youtube.com\www
TCP: DhcpNameServer = 192.168.254.254
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {68A12883-7584-11D1-A259-00C04FD97350} - hxxps://stars.dhr.state.ga.us/CABS/pcache.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-09 02:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,81,2d,dd,25,a5,7f,43,be,20,39,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,81,2d,dd,25,a5,7f,43,be,20,39,\
.
[HKEY_USERS\S-1-5-21-1004336348-343818398-725345543-500\Software\DataMngr_Toolbar]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-1004336348-343818398-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8e,4c,ca,3a,34,cf,b6,47,b8,ca,3a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8e,4c,ca,3a,34,cf,b6,47,b8,ca,3a,\
.
[HKEY_USERS\S-1-5-21-1004336348-343818398-725345543-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]
@Denied: (2) (Administrator)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(664)
c:\docume~1\alluse~1\applic~1\browse~1\261095~1.52\{c16c1~1\browse~1.dll
.
- - - - - - - > 'lsass.exe'(720)
c:\docume~1\alluse~1\applic~1\browse~1\261095~1.52\{c16c1~1\browse~1.dll
.
Completion time: 2013-03-09 02:19:09
ComboFix-quarantined-files.txt 2013-03-09 07:18
ComboFix2.txt 2013-03-04 19:08
ComboFix3.txt 2010-09-03 21:48
ComboFix4.txt 2010-09-02 02:14
.
Pre-Run: 3,493,441,536 bytes free
Post-Run: 3,523,067,904 bytes free
.
- - End Of File - - 7BDE780AF3C5F76BE3212DCB2F32DF59

#23
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello surfeit67



I want you to reset the DMA. You can do this with this script here - Reset DMA

If you have problems when you click on the link try to right click on the link and select "Save Target As" and then save to your desktop.
Once it is on your desktop right click on the file and select "Run"

If you still can't run it then you can go here "Reset DMA" to see what I want to do




At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\documents and settings\All Users\Application Data\Babylon
c:\documents and settings\Administrator\Application Data\Babylon
c:\documents and settings\Administrator\Application Data\File Scout

RegLockDel::
[HKEY_USERS\S-1-5-21-1004336348-343818398-725345543-500\Software\DataMngr_Toolbar]

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Report from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#24
surfeit67

    Member

  • Topic Starter
  • 17 posts
Hi Gringo,

I could not get the DMA script to download by opening or by moving to desktop....no access to the webpage.

I must be doing something wrong when I tried to manually reset the DMA
the Primary IDE looks fine...(did not do anything there)

The secondary IDE:

device 0:
Transfer Mode = PIO (I selected DMA here, clicked ok, reopened secondary IDE, uninstalled, restarted computer-- 2x's --- but still shows as PIO)
Current Trans mode = PIO


Device 1:
Transf mode = DMA if avail
Current trans mode = Not applicable

#25
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
hello


download this file that I have attached - save it to your desktop - right click on the file and select rename - remove the .txt at the end of the file - ok any warning - double click to run - restart the computer


gringo

Attached Files



#26
surfeit67

    Member

  • Topic Starter
  • 17 posts
ok, I got it... and thank you so much for your patience through this process..... the computer does run faster than it was just before the FBI virus (it had issues before that happened) so that's great... But, do you think it's even worth a shot to troubleshoot some more (either here or through another topic) to see if there is anything else that may help it move a bit faster?..... this is an ancient computer so I know it may have reached its limit..


ComboFix 13-03-09.01 - Administrator 03/09/2013 17:59:57.6.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.252 [GMT -5:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFscript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Application Data\Babylon
c:\documents and settings\Administrator\Application Data\Babylon\log_file.txt
c:\documents and settings\Administrator\Application Data\File Scout
c:\documents and settings\Administrator\Application Data\File Scout\filescout.exe
c:\documents and settings\Administrator\Application Data\File Scout\uninst.exe
c:\documents and settings\All Users\Application Data\Babylon
.
.
((((((((((((((((((((((((( Files Created from 2013-02-09 to 2013-03-09 )))))))))))))))))))))))))))))))
.
.
2013-03-08 03:27 . 2013-03-08 03:27 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentControl_v6
2013-03-08 01:16 . 2013-03-08 01:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\StatusWinks
2013-03-08 01:09 . 2013-03-08 01:09 -------- d-----w- c:\windows\system32\searchplugins
2013-03-08 01:09 . 2013-03-08 01:09 -------- d-----w- c:\windows\system32\Extensions
2013-03-08 01:08 . 2013-03-09 02:33 -------- d-----w- c:\program files\ffdshow
2013-03-08 01:08 . 2013-03-09 02:31 -------- d-----w- c:\documents and settings\Administrator\Application Data\PerformerSoft
2013-03-08 01:08 . 2013-03-08 01:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\SpeedanAlysis
2013-03-08 01:07 . 2013-03-09 02:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer
2013-03-08 00:59 . 2013-03-06 10:38 770384 ----a-w- c:\windows\system32\msvcr100.dll
2013-03-08 00:59 . 2013-03-06 10:38 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-03-08 00:58 . 2013-03-09 02:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nico Mak Computing
2013-03-08 00:56 . 2013-03-09 02:36 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2013-02-28 19:47 . 2013-02-28 19:47 16473456 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-02-25 02:16 . 2011-07-13 02:55 2237440 ----a-r- C:\OTLPE.exe
2013-02-25 02:06 . 2013-02-25 02:06 -------- d-----w- C:\_OTL
2013-02-19 23:13 . 2013-02-19 23:14 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-28 19:47 . 2012-08-14 00:47 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-28 19:47 . 2012-08-14 00:47 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 03:55 . 2004-08-04 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:16 . 2004-08-04 12:00 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:36 . 2004-08-03 22:59 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2004-08-04 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-04 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-04 12:00 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2004-08-04 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2010-03-20 17:02 . 2010-03-20 17:02 13575800 ----a-w- c:\program files\iMeshV9.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-08-11 180269]
"Motive SmartBridge"="c:\progra~1\ALLTEL~1\SMARTB~1\MotiveSB.exe" [2004-11-09 393216]
"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2005-07-19 53248]
"Malwarebytes Anti-Malware (rootkit-scan)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-07-03 973488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-05-25 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-05-25 126976]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"Windstream Service Agent.exe"="c:\program files\Windstream\Service Agent\Windstream Service Agent.exe" [2011-10-14 10204472]
"DiagnosticTools.exe"="c:\program files\Windstream\Diagnostic Tools\DiagnosticTools.exe" [2011-04-25 2037048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windstream\\Service Agent\\ServicepointService.exe"=
"c:\\Program Files\\Rhapsody\\rhapsody.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7321:TCP"= 7321:TCP:Services
"7322:TCP"= 7322:TCP:Services
"9147:TCP"= 9147:TCP:Services
"9148:TCP"= 9148:TCP:Services
"3389:TCP"= 3389:TCP:*:Disabled:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"4352:TCP"= 4352:TCP:Services
"7204:TCP"= 7204:TCP:Services
.
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [5/8/2002 9:51 AM 212992]
R2 HsdService;HsdService;c:\program files\Windstream\Diagnostic Tools\HsdService.exe [1/23/2013 10:15 PM 1393976]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6/15/2010 6:54 PM 655944]
R2 NetAlrt;NetAlrt;c:\windows\system32\drivers\Netalrt.sys [5/7/2002 4:05 PM 39680]
R2 PlatAlrt;PlatAlrt;c:\windows\system32\drivers\platalrt.sys [5/7/2002 4:06 PM 23744]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/15/2010 6:54 PM 22344]
R3 Msikbd2k;DellTouch;c:\windows\system32\drivers\Msikbd2k.sys [2/12/2005 11:46 PM 6942]
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 19:47]
.
2013-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
Trusted Zone: alltel.com\care
Trusted Zone: download.com
Trusted Zone: georgiaoas.org\regionj
Trusted Zone: rhapsody.com
Trusted Zone: state.ga.us\lms.dhr
Trusted Zone: state.ga.us\stars.dhr
Trusted Zone: youtube.com\www
TCP: DhcpNameServer = 192.168.254.254
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {68A12883-7584-11D1-A259-00C04FD97350} - hxxps://stars.dhr.state.ga.us/CABS/pcache.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-09 18:15
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,81,2d,dd,25,a5,7f,43,be,20,39,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,81,2d,dd,25,a5,7f,43,be,20,39,\
.
[HKEY_USERS\S-1-5-21-1004336348-343818398-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8e,4c,ca,3a,34,cf,b6,47,b8,ca,3a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8e,4c,ca,3a,34,cf,b6,47,b8,ca,3a,\
.
[HKEY_USERS\S-1-5-21-1004336348-343818398-725345543-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings]
@Denied: (2) (Administrator)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-03-09 18:20:25
ComboFix-quarantined-files.txt 2013-03-09 23:20
ComboFix2.txt 2013-03-09 07:19
ComboFix3.txt 2013-03-04 19:08
ComboFix4.txt 2010-09-03 21:48
ComboFix5.txt 2013-03-09 22:27
.
Pre-Run: 3,521,183,744 bytes free
Post-Run: 3,521,556,480 bytes free
.
- - End Of File - - 3EEC38F8160CAF4EDBA16C119CC458A9

#27
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello surfeit67

"But, do you think it's even worth a shot to troubleshoot some more (either here or through another topic) to see if there is anything else that may help it move a bit faster?..... this is an ancient computer so I know it may have reached its limit.."

Let's see where we stand when I am finished; I still have some things to do that may help a lot.



I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note: this report can be very long, so if the website gives you an error saying it is too long you may attach it.

    If the forum still complains about it being too long, send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and MBAR.

Gringo

#28
surfeit67

    Member

  • Topic Starter
  • Member
  • 17 posts
Moving around in Windows is still choppy and delayed, as well as in IE. As I type this text it populates in blocks. I currently only have this one page open... nothing else is pulled up... Minimizing, restoring, opening and closing screens, IE or not, is delayed as well. Sometimes it works better than others, but it seems to get worse the longer the system has been on. Nothing was detected with the MBAR and I did not see a txt log.. you still need that too?

13:09:41.0171 3584 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:09:42.0156 3584 ============================================================
13:09:42.0250 3584 Current date / time: 2013/03/10 13:09:42.0156
13:09:42.0250 3584 SystemInfo:
13:09:42.0250 3584
13:09:42.0250 3584 OS Version: 5.1.2600 ServicePack: 3.0
13:09:42.0250 3584 Product type: Workstation
13:09:42.0250 3584 ComputerName: BETHWOOD
13:09:42.0250 3584 UserName: Administrator
13:09:42.0250 3584 Windows directory: C:\WINDOWS
13:09:42.0250 3584 System windows directory: C:\WINDOWS
13:09:42.0250 3584 Processor architecture: Intel x86
13:09:42.0250 3584 Number of processors: 1
13:09:42.0250 3584 Page size: 0x1000
13:09:42.0250 3584 Boot type: Normal boot
13:09:42.0250 3584 ============================================================
13:09:57.0406 3584 BG loaded
13:10:15.0812 3584 Drive \Device\Harddisk0\DR0 - Size: 0x4A94F0000 (18.65 Gb), SectorSize: 0x200, Cylinders: 0x982, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:10:16.0125 3584 ============================================================
13:10:16.0125 3584 \Device\Harddisk0\DR0:
13:10:17.0296 3584 MBR partitions:
13:10:17.0296 3584 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2546802
13:10:17.0296 3584 ============================================================
13:10:17.0984 3584 C: <-> \Device\Harddisk0\DR0\Partition1
13:10:18.0906 3584 ============================================================
13:10:18.0906 3584 Initialize success
13:10:18.0906 3584 ============================================================
13:10:53.0156 2780 ============================================================
13:10:53.0156 2780 Scan started
13:10:53.0156 2780 Mode: Manual; SigCheck; TDLFS;
13:10:53.0156 2780 ============================================================
13:10:55.0046 2780 ================ Scan system memory ========================
13:10:55.0046 2780 System memory - ok
13:10:55.0062 2780 ================ Scan services =============================
13:10:56.0640 2780 Abiosdsk - ok
13:10:56.0656 2780 abp480n5 - ok
13:10:56.0812 2780 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:11:20.0500 2780 ACPI - ok
13:11:21.0000 2780 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
13:11:21.0406 2780 ACPIEC - ok
13:11:21.0687 2780 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:11:21.0781 2780 AdobeFlashPlayerUpdateSvc - ok
13:11:21.0796 2780 adpu160m - ok
13:11:21.0843 2780 [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
13:11:22.0234 2780 aeaudio - ok
13:11:22.0671 2780 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:11:23.0953 2780 aec - ok
13:11:24.0109 2780 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:11:24.0609 2780 AFD - ok
13:11:24.0625 2780 Aha154x - ok
13:11:24.0640 2780 aic78u2 - ok
13:11:24.0656 2780 aic78xx - ok
13:11:24.0921 2780 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:11:26.0171 2780 Alerter - ok
13:11:26.0312 2780 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
13:11:27.0062 2780 ALG - ok
13:11:27.0187 2780 AliIde - ok
13:11:27.0265 2780 amsint - ok
13:11:28.0296 2780 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:11:28.0359 2780 Apple Mobile Device - ok
13:11:28.0484 2780 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:11:28.0953 2780 AppMgmt - ok
13:11:28.0968 2780 asc - ok
13:11:29.0000 2780 asc3350p - ok
13:11:29.0015 2780 asc3550 - ok
13:11:29.0109 2780 [ 2B363D346B081BE18DC63E4A8139C258 ] ASFAgent C:\Program Files\Intel\ASF Agent\ASFAgent.exe
13:11:29.0234 2780 ASFAgent ( UnsignedFile.Multi.Generic ) - warning
13:11:29.0234 2780 ASFAgent - detected UnsignedFile.Multi.Generic (1)
13:11:29.0312 2780 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:11:29.0593 2780 AsyncMac - ok
13:11:29.0656 2780 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:11:30.0031 2780 atapi - ok
13:11:30.0093 2780 Atdisk - ok
13:11:30.0218 2780 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:11:30.0656 2780 Atmarpc - ok
13:11:30.0750 2780 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:11:31.0687 2780 AudioSrv - ok
13:11:31.0765 2780 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:11:32.0015 2780 audstub - ok
13:11:32.0109 2780 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:11:32.0359 2780 Beep - ok
13:11:32.0625 2780 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
13:11:33.0375 2780 BITS - ok
13:11:33.0625 2780 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:11:33.0671 2780 Bonjour Service - ok
13:11:33.0796 2780 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
13:11:34.0015 2780 Browser - ok
13:11:34.0562 2780 catchme - ok
13:11:34.0656 2780 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:11:34.0968 2780 cbidf2k - ok
13:11:34.0984 2780 cd20xrnt - ok
13:11:35.0093 2780 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:11:35.0375 2780 Cdaudio - ok
13:11:35.0578 2780 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:11:35.0984 2780 Cdfs - ok
13:11:36.0046 2780 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:11:36.0312 2780 Cdrom - ok
13:11:36.0328 2780 Changer - ok
13:11:36.0468 2780 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:11:36.0796 2780 CiSvc - ok
13:11:36.0843 2780 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:11:37.0125 2780 ClipSrv - ok
13:11:37.0140 2780 CmdIde - ok
13:11:37.0156 2780 COMSysApp - ok
13:11:37.0187 2780 Cpqarray - ok
13:11:37.0281 2780 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:11:37.0625 2780 CryptSvc - ok
13:11:37.0640 2780 dac2w2k - ok
13:11:37.0656 2780 dac960nt - ok
13:11:37.0875 2780 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:11:38.0687 2780 DcomLaunch - ok
13:11:38.0750 2780 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:11:39.0000 2780 Dhcp - ok
13:11:39.0062 2780 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:11:39.0375 2780 Disk - ok
13:11:39.0390 2780 dmadmin - ok
13:11:39.0812 2780 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:11:40.0984 2780 dmboot - ok
13:11:41.0046 2780 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:11:41.0343 2780 dmio - ok
13:11:41.0406 2780 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:11:41.0718 2780 dmload - ok
13:11:41.0750 2780 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:11:41.0984 2780 dmserver - ok
13:11:42.0046 2780 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:11:42.0390 2780 DMusic - ok
13:11:42.0468 2780 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:11:42.0843 2780 Dnscache - ok
13:11:42.0890 2780 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:11:43.0156 2780 Dot3svc - ok
13:11:43.0171 2780 dpti2o - ok
13:11:43.0250 2780 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:11:43.0640 2780 drmkaud - ok
13:11:43.0750 2780 [ 7DBE45F359B20AE06CDB6A09900E0B18 ] E1000 C:\WINDOWS\system32\DRIVERS\e1000nt5.sys
13:11:43.0812 2780 E1000 - ok
13:11:43.0875 2780 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:11:44.0125 2780 EapHost - ok
13:11:44.0171 2780 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:11:44.0390 2780 ERSvc - ok
13:11:44.0453 2780 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
13:11:44.0515 2780 Eventlog - ok
13:11:44.0609 2780 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
13:11:44.0718 2780 EventSystem - ok
13:11:44.0781 2780 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:11:44.0984 2780 Fastfat - ok
13:11:45.0062 2780 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:11:45.0156 2780 FastUserSwitchingCompatibility - ok
13:11:45.0203 2780 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
13:11:45.0437 2780 Fdc - ok
13:11:45.0484 2780 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:11:45.0703 2780 Fips - ok
13:11:45.0781 2780 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:11:46.0000 2780 Flpydisk - ok
13:11:46.0078 2780 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
13:11:46.0343 2780 FltMgr - ok
13:11:46.0453 2780 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:11:46.0687 2780 Fs_Rec - ok
13:11:46.0765 2780 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:11:47.0015 2780 Ftdisk - ok
13:11:47.0062 2780 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:11:47.0093 2780 GEARAspiWDM - ok
13:11:47.0156 2780 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:11:47.0375 2780 Gpc - ok
13:11:47.0453 2780 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:11:47.0671 2780 helpsvc - ok
13:11:47.0718 2780 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
13:11:47.0921 2780 HidServ - ok
13:11:48.0000 2780 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:11:48.0171 2780 HidUsb - ok
13:11:48.0250 2780 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:11:48.0484 2780 hkmsvc - ok
13:11:48.0500 2780 hpn - ok
13:11:48.0703 2780 [ E82871D75565219A7E28C6B14572EF63 ] HsdService C:\Program Files\Windstream\Diagnostic Tools\HsdService.exe
13:11:50.0343 2780 HsdService - ok
13:11:50.0406 2780 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:11:50.0484 2780 HTTP - ok
13:11:50.0531 2780 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:11:50.0765 2780 HTTPFilter - ok
13:11:50.0796 2780 i2omgmt - ok
13:11:50.0812 2780 i2omp - ok
13:11:50.0890 2780 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:11:51.0109 2780 i8042prt - ok
13:11:51.0187 2780 [ 3CA41CDB9C912AED354B0C7ABE4A4654 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
13:11:51.0281 2780 ialm ( UnsignedFile.Multi.Generic ) - warning
13:11:51.0281 2780 ialm - detected UnsignedFile.Multi.Generic (1)
13:11:51.0359 2780 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:11:51.0625 2780 Imapi - ok
13:11:51.0671 2780 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:11:51.0890 2780 ImapiService - ok
13:11:51.0921 2780 ini910u - ok
13:11:52.0000 2780 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
13:11:52.0203 2780 IntelIde - ok
13:11:52.0265 2780 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:11:52.0484 2780 intelppm - ok
13:11:52.0515 2780 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
13:11:52.0718 2780 Ip6Fw - ok
13:11:52.0765 2780 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:11:53.0015 2780 IpFilterDriver - ok
13:11:53.0078 2780 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:11:53.0296 2780 IpInIp - ok
13:11:53.0375 2780 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:11:53.0609 2780 IpNat - ok
13:11:53.0687 2780 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:11:53.0734 2780 iPod Service - ok
13:11:53.0796 2780 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:11:54.0000 2780 IPSec - ok
13:11:54.0046 2780 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:11:54.0250 2780 IRENUM - ok
13:11:54.0312 2780 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:11:54.0562 2780 isapnp - ok
13:11:54.0718 2780 [ 80F08F50D248EEEEB9256F6522891D40 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
13:11:54.0750 2780 JavaQuickStarterService - ok
13:11:54.0812 2780 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:11:55.0031 2780 Kbdclass - ok
13:11:55.0062 2780 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:11:55.0281 2780 kmixer - ok
13:11:55.0343 2780 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:11:55.0468 2780 KSecDD - ok
13:11:55.0562 2780 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
13:11:55.0656 2780 lanmanserver - ok
13:11:55.0703 2780 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:11:55.0781 2780 lanmanworkstation - ok
13:11:55.0796 2780 lbrtfdc - ok
13:11:55.0875 2780 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:11:56.0093 2780 LmHosts - ok
13:11:56.0140 2780 [ 695CAD01CCDAC6F8DDB80375EA80E4A6 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
13:11:56.0171 2780 LMouKE ( UnsignedFile.Multi.Generic ) - warning
13:11:56.0171 2780 LMouKE - detected UnsignedFile.Multi.Generic (1)
13:11:56.0234 2780 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
13:11:57.0046 2780 MBAMProtector - ok
13:11:57.0171 2780 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:11:57.0250 2780 MBAMService - ok
13:11:57.0296 2780 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
13:11:57.0312 2780 MBAMSwissArmy - ok
13:11:57.0437 2780 [ E6CB119EF2E148EAA1A247343550756E ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
13:11:57.0515 2780 McciCMService ( UnsignedFile.Multi.Generic ) - warning
13:11:57.0515 2780 McciCMService - detected UnsignedFile.Multi.Generic (1)
13:11:57.0593 2780 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] MCSTRM C:\WINDOWS\system32\drivers\MCSTRM.sys
13:11:57.0609 2780 MCSTRM ( UnsignedFile.Multi.Generic ) - warning
13:11:57.0609 2780 MCSTRM - detected UnsignedFile.Multi.Generic (1)
13:11:57.0734 2780 [ 0EFEE4F2D23BA2D8B27FBA942106E0E1 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
13:11:57.0765 2780 MDM ( UnsignedFile.Multi.Generic ) - warning
13:11:57.0765 2780 MDM - detected UnsignedFile.Multi.Generic (1)
13:11:57.0828 2780 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:11:58.0062 2780 Messenger - ok
13:11:58.0125 2780 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:11:58.0390 2780 mnmdd - ok
13:11:58.0484 2780 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:11:58.0718 2780 mnmsrvc - ok
13:11:58.0796 2780 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:11:59.0015 2780 Modem - ok
13:11:59.0062 2780 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:11:59.0265 2780 Mouclass - ok
13:11:59.0375 2780 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:11:59.0703 2780 mouhid - ok
13:11:59.0750 2780 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:11:59.0968 2780 MountMgr - ok
13:11:59.0984 2780 mraid35x - ok
13:12:00.0031 2780 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
13:12:00.0078 2780 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
13:12:00.0078 2780 MREMP50 - detected UnsignedFile.Multi.Generic (1)
13:12:00.0140 2780 [ 2BC9E43F55DE8C30FC817ED56D0EE907 ] MREMPR5 C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
13:12:00.0171 2780 MREMPR5 ( UnsignedFile.Multi.Generic ) - warning
13:12:00.0171 2780 MREMPR5 - detected UnsignedFile.Multi.Generic (1)
13:12:00.0218 2780 [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] MRENDIS5 c:\PROGRA~1\COMMON~1\motive\MRENDIS5.SYS
13:12:00.0250 2780 MRENDIS5 ( UnsignedFile.Multi.Generic ) - warning
13:12:00.0250 2780 MRENDIS5 - detected UnsignedFile.Multi.Generic (1)
13:12:00.0296 2780 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
13:12:00.0343 2780 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
13:12:00.0343 2780 MRESP50 - detected UnsignedFile.Multi.Generic (1)
13:12:00.0375 2780 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:12:00.0625 2780 MRxDAV - ok
13:12:00.0687 2780 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:12:00.0843 2780 MRxSmb - ok
13:12:00.0875 2780 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:12:01.0093 2780 MSDTC - ok
13:12:01.0140 2780 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:12:01.0359 2780 Msfs - ok
13:12:01.0453 2780 [ 877FFD0FB093B80F5ED6BA64D7921881 ] Msikbd2k C:\WINDOWS\system32\DRIVERS\msikbd2k.sys
13:12:01.0500 2780 Msikbd2k - ok
13:12:01.0531 2780 MSIServer - ok
13:12:01.0593 2780 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:12:01.0812 2780 MSKSSRV - ok
13:12:01.0859 2780 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:12:02.0437 2780 MSPCLOCK - ok
13:12:02.0515 2780 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:12:02.0734 2780 MSPQM - ok
13:12:02.0781 2780 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:12:03.0000 2780 mssmbios - ok
13:12:03.0062 2780 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:12:03.0140 2780 Mup - ok
13:12:03.0203 2780 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
13:12:03.0437 2780 napagent - ok
13:12:03.0468 2780 NAVAP - ok
13:12:03.0484 2780 NAVAPEL - ok
13:12:03.0531 2780 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:12:03.0750 2780 NDIS - ok
13:12:03.0812 2780 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:12:03.0890 2780 NdisTapi - ok
13:12:03.0968 2780 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:12:04.0171 2780 Ndisuio - ok
13:12:04.0250 2780 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:12:04.0453 2780 NdisWan - ok
13:12:04.0500 2780 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:12:04.0562 2780 NDProxy - ok
13:12:04.0640 2780 [ 73C0F29643F54EBE777521C88535114A ] NetAlrt C:\WINDOWS\system32\drivers\NetAlrt.sys
13:12:04.0656 2780 NetAlrt ( UnsignedFile.Multi.Generic ) - warning
13:12:04.0656 2780 NetAlrt - detected UnsignedFile.Multi.Generic (1)
13:12:04.0734 2780 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:12:04.0937 2780 NetBIOS - ok
13:12:04.0984 2780 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:12:05.0187 2780 NetBT - ok
13:12:05.0265 2780 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
13:12:05.0484 2780 NetDDE - ok
13:12:05.0500 2780 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:12:05.0703 2780 NetDDEdsdm - ok
13:12:05.0750 2780 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:12:05.0953 2780 Netlogon - ok
13:12:05.0984 2780 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
13:12:06.0250 2780 Netman - ok
13:12:06.0265 2780 [ 522215532916836B9CA19EE30658F3C1 ] Nhksrv C:\WINDOWS\Nhksrv.exe
13:12:11.0609 2780 Nhksrv - ok
13:12:11.0640 2780 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
13:12:11.0718 2780 Nla - ok
13:12:11.0781 2780 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:12:11.0968 2780 Npfs - ok
13:12:12.0046 2780 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:12:12.0312 2780 Ntfs - ok
13:12:12.0343 2780 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:12:12.0531 2780 NtLmSsp - ok
13:12:12.0609 2780 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:12:12.0812 2780 NtmsSvc - ok
13:12:12.0859 2780 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:12:13.0109 2780 Null - ok
13:12:13.0187 2780 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:12:13.0421 2780 NwlnkFlt - ok
13:12:13.0468 2780 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:12:13.0687 2780 NwlnkFwd - ok
13:12:13.0750 2780 [ CEC7E2C6C1FA00C7AB2F5434F848AE51 ] OMCI C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
13:12:13.0781 2780 OMCI ( UnsignedFile.Multi.Generic ) - warning
13:12:13.0781 2780 OMCI - detected UnsignedFile.Multi.Generic (1)
13:12:13.0843 2780 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
13:12:14.0046 2780 Parport - ok
13:12:14.0078 2780 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:12:14.0265 2780 PartMgr - ok
13:12:14.0328 2780 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:12:14.0546 2780 ParVdm - ok
13:12:14.0578 2780 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:12:14.0796 2780 PCI - ok
13:12:14.0812 2780 PCIDump - ok
13:12:14.0890 2780 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:12:15.0109 2780 PCIIde - ok
13:12:15.0203 2780 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
13:12:15.0421 2780 Pcmcia - ok
13:12:15.0437 2780 PDCOMP - ok
13:12:15.0453 2780 PDFRAME - ok
13:12:15.0500 2780 PDRELI - ok
13:12:15.0531 2780 PDRFRAME - ok
13:12:15.0546 2780 perc2 - ok
13:12:15.0578 2780 perc2hib - ok
13:12:15.0687 2780 [ 7E885EB50520747204947EFF818B0A29 ] PlatAlrt C:\WINDOWS\system32\drivers\PlatAlrt.sys
13:12:15.0703 2780 PlatAlrt ( UnsignedFile.Multi.Generic ) - warning
13:12:15.0703 2780 PlatAlrt - detected UnsignedFile.Multi.Generic (1)
13:12:15.0750 2780 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
13:12:15.0812 2780 PlugPlay - ok
13:12:15.0859 2780 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:12:16.0046 2780 PolicyAgent - ok
13:12:16.0109 2780 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:12:16.0328 2780 PptpMiniport - ok
13:12:16.0359 2780 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:12:16.0531 2780 ProtectedStorage - ok
13:12:16.0609 2780 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:12:16.0828 2780 PSched - ok
13:12:16.0890 2780 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:12:17.0125 2780 Ptilink - ok
13:12:17.0187 2780 [ DB3B30C3A4CDCF07E164C14584D9D0F2 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:12:17.0203 2780 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
13:12:17.0203 2780 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
13:12:17.0218 2780 ql1080 - ok
13:12:17.0250 2780 Ql10wnt - ok
13:12:17.0265 2780 ql12160 - ok
13:12:41.0171 2780 ================ Scan global ===============================
13:12:41.0218 2780 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
13:12:41.0296 2780 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:12:41.0328 2780 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
13:12:41.0359 2780 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
13:12:41.0375 2780 [Global] - ok
13:12:41.0375 2780 ================ Scan MBR ==================================
13:12:41.0421 2780 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
13:12:41.0468 2780 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
13:12:41.0468 2780 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
13:12:41.0703 2780 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:12:41.0703 2780 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:12:41.0718 2780 ================ Scan VBR ==================================
13:12:41.0718 2780 [ 9799AEA3A09FFFA4CACFADB68996A9F0 ] \Device\Harddisk0\DR0\Partition1
13:12:41.0734 2780 \Device\Harddisk0\DR0\Partition1 - ok
13:12:41.0734 2780 ================ Scan active images ========================
13:12:43.0953 2780 C:\WINDOWS\system32\cryptdll.dll - ok
13:12:43.0968 2780 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
13:12:43.0968 2780 C:\WINDOWS\system32\winmm.dll - ok
13:12:43.0984 2780 [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
13:12:43.0984 2780 C:\WINDOWS\system32\oleaut32.dll - ok
13:12:44.0000 2780 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
13:12:44.0000 2780 C:\WINDOWS\system32\msacm32.dll - ok
13:12:44.0015 2780 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
13:12:44.0015 2780 C:\WINDOWS\system32\uxtheme.dll - ok
13:12:44.0031 2780 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
13:12:44.0031 2780 C:\WINDOWS\system32\msapsspc.dll - ok
13:12:44.0046 2780 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
13:12:44.0046 2780 C:\WINDOWS\system32\msvcrt40.dll - ok
13:12:44.0062 2780 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
13:12:44.0062 2780 C:\WINDOWS\system32\schannel.dll - ok
13:12:44.0062 2780 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
13:12:44.0078 2780 C:\WINDOWS\system32\digest.dll - ok
13:12:44.0078 2780 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
13:12:44.0078 2780 C:\WINDOWS\system32\msnsspc.dll - ok
13:12:44.0093 2780 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
13:12:44.0093 2780 C:\WINDOWS\system32\msctfime.ime - ok
13:12:44.0109 2780 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
13:12:44.0109 2780 C:\WINDOWS\system32\msprivs.dll - ok
13:12:44.0125 2780 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
13:12:44.0125 2780 C:\WINDOWS\system32\kerberos.dll - ok
13:12:44.0140 2780 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
13:12:44.0140 2780 C:\WINDOWS\system32\iphlpapi.dll - ok
13:12:44.0156 2780 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
13:12:44.0156 2780 C:\WINDOWS\system32\msv1_0.dll - ok
13:12:44.0171 2780 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
13:12:44.0171 2780 C:\WINDOWS\system32\netlogon.dll - ok
13:12:44.0187 2780 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
13:12:44.0187 2780 C:\WINDOWS\system32\w32time.dll - ok
13:12:44.0187 2780 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
13:12:44.0187 2780 C:\WINDOWS\system32\rsaenh.dll - ok
13:12:44.0203 2780 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
13:12:44.0203 2780 C:\WINDOWS\system32\wdigest.dll - ok
13:12:44.0218 2780 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
13:12:44.0218 2780 C:\WINDOWS\system32\winscard.dll - ok
13:12:44.0234 2780 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
13:12:44.0234 2780 C:\WINDOWS\system32\wtsapi32.dll - ok
13:12:44.0250 2780 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
13:12:44.0250 2780 C:\WINDOWS\system32\scecli.dll - ok
13:12:44.0265 2780 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] C:\WINDOWS\system32\drivers\mbam.sys
13:12:44.0265 2780 C:\WINDOWS\system32\drivers\mbam.sys - ok
13:12:44.0281 2780 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
13:12:44.0281 2780 C:\WINDOWS\system32\svchost.exe - ok
13:12:44.0296 2780 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
13:12:44.0296 2780 C:\WINDOWS\system32\ntmarta.dll - ok
13:12:44.0312 2780 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
13:12:44.0312 2780 C:\WINDOWS\system32\rpcss.dll - ok
13:12:44.0328 2780 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
13:12:44.0328 2780 C:\WINDOWS\system32\xpsp2res.dll - ok
13:12:44.0343 2780 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
13:12:44.0343 2780 C:\WINDOWS\system32\eventlog.dll - ok
13:12:44.0359 2780 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
13:12:44.0359 2780 C:\WINDOWS\system32\mswsock.dll - ok
13:12:44.0375 2780 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
13:12:44.0375 2780 C:\WINDOWS\system32\hnetcfg.dll - ok
13:12:44.0390 2780 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
13:12:44.0390 2780 C:\WINDOWS\system32\wshtcpip.dll - ok
13:12:44.0406 2780 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
13:12:44.0406 2780 C:\Program Files\Bonjour\mdnsNSP.dll - ok
13:12:44.0421 2780 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
13:12:44.0421 2780 C:\WINDOWS\system32\winrnr.dll - ok
13:12:44.0421 2780 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
13:12:44.0421 2780 C:\WINDOWS\system32\rasadhlp.dll - ok
13:12:44.0437 2780 [ F45DD1E1365D857DD08BC23563370D0E ] C:\Program Files\Windows Defender\MsMpEng.exe
13:12:44.0437 2780 C:\Program Files\Windows Defender\MsMpEng.exe - ok
13:12:44.0453 2780 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
13:12:44.0453 2780 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
13:12:44.0468 2780 [ 64898BEA32C12BADDA4218BE88DBD595 ] C:\Program Files\Windows Defender\MpSvc.dll
13:12:44.0468 2780 C:\Program Files\Windows Defender\MpSvc.dll - ok
13:12:44.0500 2780 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
13:12:44.0500 2780 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
13:12:44.0515 2780 [ 6F44DD636C791B70ADE78FE974BE0A1D ] C:\Program Files\Windows Defender\MpClient.dll
13:12:44.0515 2780 C:\Program Files\Windows Defender\MpClient.dll - ok
13:12:44.0531 2780 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
13:12:44.0531 2780 C:\WINDOWS\system32\cscdll.dll - ok
13:12:44.0546 2780 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
13:12:44.0546 2780 C:\WINDOWS\system32\logonui.exe - ok
13:12:44.0562 2780 [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
13:12:44.0562 2780 C:\WINDOWS\system32\WudfSvc.dll - ok
13:12:44.0578 2780 [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
13:12:44.0578 2780 C:\WINDOWS\system32\WudfPlatform.dll - ok
13:12:44.0593 2780 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
13:12:44.0593 2780 C:\WINDOWS\system32\dimsntfy.dll - ok
13:12:44.0609 2780 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
13:12:44.0609 2780 C:\WINDOWS\system32\wlnotify.dll - ok
13:12:44.0625 2780 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
13:12:44.0625 2780 C:\WINDOWS\system32\winspool.drv - ok
13:12:44.0640 2780 [ 147429092C26D18AF550790AC102F32A ] C:\WINDOWS\system32\WgaLogon.dll
13:12:44.0640 2780 C:\WINDOWS\system32\WgaLogon.dll - ok
13:12:44.0656 2780 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
13:12:44.0656 2780 C:\WINDOWS\system32\duser.dll - ok
13:12:44.0671 2780 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
13:12:44.0671 2780 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
13:12:44.0671 2780 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
13:12:44.0671 2780 C:\WINDOWS\system32\dhcpcsvc.dll - ok
13:12:44.0687 2780 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
13:12:44.0687 2780 C:\WINDOWS\system32\dnsrslvr.dll - ok
13:12:44.0703 2780 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
13:12:44.0703 2780 C:\WINDOWS\system32\msimg32.dll - ok
13:12:44.0718 2780 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
13:12:44.0718 2780 C:\WINDOWS\system32\oleacc.dll - ok
13:12:44.0734 2780 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
13:12:44.0734 2780 C:\WINDOWS\system32\clbcatq.dll - ok
13:12:44.0750 2780 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
13:12:44.0750 2780 C:\WINDOWS\system32\comres.dll - ok
13:12:44.0765 2780 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
13:12:44.0765 2780 C:\WINDOWS\system32\msxml3.dll - ok
13:12:44.0781 2780 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
13:12:44.0781 2780 C:\WINDOWS\system32\shgina.dll - ok
13:12:44.0781 2780 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
13:12:44.0781 2780 C:\WINDOWS\system32\lmhsvc.dll - ok
13:12:44.0796 2780 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
13:12:44.0796 2780 C:\WINDOWS\system32\wzcsvc.dll - ok
13:12:44.0812 2780 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
13:12:44.0812 2780 C:\WINDOWS\system32\eapolqec.dll - ok
13:12:44.0828 2780 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
13:12:44.0828 2780 C:\WINDOWS\system32\rtutils.dll - ok
13:12:44.0843 2780 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
13:12:44.0843 2780 C:\WINDOWS\system32\wmi.dll - ok
13:12:44.0859 2780 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
13:12:44.0859 2780 C:\WINDOWS\system32\atl.dll - ok
13:12:44.0875 2780 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
13:12:44.0875 2780 C:\WINDOWS\system32\dot3api.dll - ok
13:12:44.0890 2780 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
13:12:44.0890 2780 C:\WINDOWS\system32\qutil.dll - ok
13:12:44.0906 2780 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
13:12:44.0906 2780 C:\WINDOWS\system32\esent.dll - ok
13:12:44.0921 2780 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
13:12:44.0921 2780 C:\WINDOWS\system32\rastls.dll - ok
13:12:44.0921 2780 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
13:12:44.0921 2780 C:\WINDOWS\system32\cryptui.dll - ok
13:12:44.0937 2780 [ D175F91A4C98B8848818C9B5089F88A2 ] C:\WINDOWS\system32\wininet.dll
13:12:44.0937 2780 C:\WINDOWS\system32\wininet.dll - ok
13:12:44.0953 2780 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
13:12:44.0953 2780 C:\WINDOWS\system32\normaliz.dll - ok
13:12:44.0968 2780 [ 84A5C7B9B1B82F94A8245781FD44D8BA ] C:\WINDOWS\system32\urlmon.dll
13:12:44.0968 2780 C:\WINDOWS\system32\urlmon.dll - ok
13:12:44.0984 2780 [ D1B3D1E05BEDC8F9B0BBBC03D6033F82 ] C:\WINDOWS\system32\iertutil.dll
13:12:44.0984 2780 C:\WINDOWS\system32\iertutil.dll - ok
13:12:45.0000 2780 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
13:12:45.0000 2780 C:\WINDOWS\system32\mprapi.dll - ok
13:12:45.0015 2780 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
13:12:45.0015 2780 C:\WINDOWS\system32\activeds.dll - ok
13:12:45.0031 2780 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
13:12:45.0031 2780 C:\WINDOWS\system32\adsldpc.dll - ok
13:12:45.0046 2780 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
13:12:45.0046 2780 C:\WINDOWS\system32\rasapi32.dll - ok
13:12:45.0062 2780 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
13:12:45.0062 2780 C:\WINDOWS\system32\rasman.dll - ok
13:12:45.0078 2780 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
13:12:45.0078 2780 C:\WINDOWS\system32\tapi32.dll - ok
13:12:45.0093 2780 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
13:12:45.0093 2780 C:\WINDOWS\system32\riched20.dll - ok
13:12:45.0109 2780 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
13:12:45.0109 2780 C:\WINDOWS\system32\raschap.dll - ok
13:12:45.0109 2780 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
13:12:45.0109 2780 C:\WINDOWS\system32\schedsvc.dll - ok
13:12:45.0125 2780 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
13:12:45.0125 2780 C:\WINDOWS\system32\msidle.dll - ok
13:12:45.0140 2780 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
13:12:45.0140 2780 C:\WINDOWS\system32\spoolsv.exe - ok
13:12:45.0156 2780 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
13:12:45.0156 2780 C:\WINDOWS\system32\audiosrv.dll - ok
13:12:45.0171 2780 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
13:12:45.0171 2780 C:\WINDOWS\system32\wkssvc.dll - ok
13:12:45.0187 2780 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
13:12:45.0187 2780 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
13:12:45.0203 2780 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
13:12:45.0203 2780 C:\WINDOWS\system32\webclnt.dll - ok
13:12:45.0218 2780 [ 522215532916836B9CA19EE30658F3C1 ] C:\WINDOWS\Nhksrv.exe
13:12:45.0218 2780 C:\WINDOWS\Nhksrv.exe - ok
13:12:45.0218 2780 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
13:12:45.0218 2780 C:\WINDOWS\system32\drivers\parvdm.sys - ok
13:12:45.0234 2780 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:12:45.0234 2780 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
13:12:45.0250 2780 [ 80942B137077DA7D2375B3041DA9127F ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
13:12:45.0250 2780 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
13:12:45.0265 2780 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
13:12:45.0265 2780 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
13:12:45.0281 2780 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
13:12:45.0281 2780 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
13:12:45.0296 2780 [ 54152706627F5F33952340D90ADA50EE ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
13:12:45.0296 2780 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
13:12:45.0312 2780 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
13:12:45.0312 2780 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
13:12:45.0328 2780 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
13:12:45.0328 2780 C:\WINDOWS\system32\wsock32.dll - ok
13:12:45.0343 2780 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
13:12:45.0343 2780 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
13:12:45.0359 2780 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
13:12:45.0359 2780 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
13:12:45.0375 2780 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
13:12:45.0375 2780 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
13:12:45.0390 2780 [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
13:12:45.0390 2780 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
13:12:45.0406 2780 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
13:12:45.0406 2780 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
13:12:45.0421 2780 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
13:12:45.0421 2780 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
13:12:45.0421 2780 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll
13:12:45.0421 2780 C:\WINDOWS\system32\dnssd.dll - ok
13:12:45.0437 2780 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
13:12:45.0437 2780 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
13:12:45.0453 2780 [ 2B363D346B081BE18DC63E4A8139C258 ] C:\Program Files\Intel\ASF Agent\ASFAgent.exe
13:12:45.0453 2780 C:\Program Files\Intel\ASF Agent\ASFAgent.exe - ok
13:12:45.0468 2780 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
13:12:45.0468 2780 C:\Program Files\Bonjour\mDNSResponder.exe - ok
13:12:45.0484 2780 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
13:12:45.0484 2780 C:\WINDOWS\system32\powrprof.dll - ok
13:12:45.0500 2780 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
13:12:45.0500 2780 C:\WINDOWS\system32\cryptsvc.dll - ok
13:12:45.0531 2780 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
13:12:45.0531 2780 C:\WINDOWS\system32\certcli.dll - ok
13:12:45.0546 2780 [ A84509C6AB1C764C592F192AA89DA830 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
13:12:45.0546 2780 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
13:12:45.0562 2780 [ CF3126A2FF45AA224FC541BC543C2D9C ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
13:12:45.0562 2780 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
13:12:45.0578 2780 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
13:12:45.0578 2780 C:\WINDOWS\system32\dmserver.dll - ok
13:12:45.0593 2780 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
13:12:45.0593 2780 C:\WINDOWS\system32\ersvc.dll - ok
13:12:45.0609 2780 [ E82871D75565219A7E28C6B14572EF63 ] C:\Program Files\Windstream\Diagnostic Tools\HsdService.exe
13:12:45.0609 2780 C:\Program Files\Windstream\Diagnostic Tools\HsdService.exe - ok
13:12:45.0609 2780 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
13:12:45.0625 2780 C:\WINDOWS\system32\es.dll - ok
13:12:45.0625 2780 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
13:12:45.0625 2780 C:\WINDOWS\system32\hidserv.dll - ok
13:12:45.0640 2780 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
13:12:45.0640 2780 C:\WINDOWS\system32\hid.dll - ok
13:12:45.0656 2780 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
13:12:45.0656 2780 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
13:12:45.0671 2780 [ 265C08289B262A19BBD56E03C4EEDC63 ] C:\Program Files\Intel\ASF Agent\ASFCfgsv.dll
13:12:45.0671 2780 C:\Program Files\Intel\ASF Agent\ASFCfgsv.dll - ok
13:12:45.0687 2780 [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\Windstream\Diagnostic Tools\dbghelp.dll
13:12:45.0687 2780 C:\Program Files\Windstream\Diagnostic Tools\dbghelp.dll - ok
13:12:45.0703 2780 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll
13:12:45.0703 2780 C:\WINDOWS\system32\icmp.dll - ok
13:12:45.0718 2780 [ 0A855F27A1E48991D14C593CB930D2B2 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
13:12:45.0718 2780 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
13:12:45.0734 2780 [ 011285619951BC4C92FE322E08ABF050 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
13:12:45.0734 2780 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
13:12:45.0734 2780 [ 80F08F50D248EEEEB9256F6522891D40 ] C:\Program Files\Java\jre7\bin\jqs.exe
13:12:45.0734 2780 C:\Program Files\Java\jre7\bin\jqs.exe - ok
13:12:45.0750 2780 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
13:12:45.0750 2780 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
13:12:45.0765 2780 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
13:12:45.0765 2780 C:\WINDOWS\system32\pdh.dll - ok
13:12:45.0781 2780 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
13:12:45.0781 2780 C:\WINDOWS\system32\odbcbcp.dll - ok
13:12:45.0796 2780 [ 43683E970F008C93C9429EF428147A54 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:12:45.0796 2780 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
13:12:45.0812 2780 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
13:12:45.0812 2780 C:\WINDOWS\system32\srvsvc.dll - ok
13:12:45.0828 2780 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
13:12:45.0828 2780 C:\WINDOWS\system32\netmsg.dll - ok
13:12:45.0843 2780 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
13:12:45.0843 2780 C:\WINDOWS\system32\perfos.dll - ok
13:12:45.0859 2780 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
13:12:45.0859 2780 C:\WINDOWS\system32\perfdisk.dll - ok
13:12:45.0875 2780 [ FB665485B6C8EE16FED0619ADFF8B27A ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
13:12:45.0875 2780 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
13:12:45.0890 2780 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
13:12:45.0890 2780 C:\WINDOWS\system32\drivers\srv.sys - ok
13:12:45.0906 2780 [ 24744F14E76174927AA2BD4600709192 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
13:12:45.0906 2780 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
13:12:45.0921 2780 [ 8F233C5BC68E34D18D38257B283CE96C ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
13:12:45.0921 2780 C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
13:12:45.0921 2780 [ E6CB119EF2E148EAA1A247343550756E ] C:\Program Files\Common Files\Motive\McciCMService.exe
13:12:45.0921 2780 C:\Program Files\Common Files\Motive\McciCMService.exe - ok
13:12:45.0937 2780 [ 0EFEE4F2D23BA2D8B27FBA942106E0E1 ] C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
13:12:45.0937 2780 C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe - ok
13:12:45.0953 2780 [ 5BB01B9F582259D1FB7653C5C1DA3653 ] C:\WINDOWS\system32\drivers\mcstrm.sys
13:12:45.0953 2780 C:\WINDOWS\system32\drivers\mcstrm.sys - ok
13:12:45.0968 2780 [ 73C0F29643F54EBE777521C88535114A ] C:\WINDOWS\system32\drivers\Netalrt.sys
13:12:45.0968 2780 C:\WINDOWS\system32\drivers\Netalrt.sys - ok
13:12:45.0984 2780 [ 7E885EB50520747204947EFF818B0A29 ] C:\WINDOWS\system32\drivers\platalrt.sys
13:12:45.0984 2780 C:\WINDOWS\system32\drivers\platalrt.sys - ok
13:12:46.0000 2780 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
13:12:46.0000 2780 C:\WINDOWS\system32\ipsecsvc.dll - ok
13:12:46.0015 2780 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
13:12:46.0015 2780 C:\WINDOWS\system32\netman.dll - ok
13:12:46.0031 2780 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
13:12:46.0031 2780 C:\WINDOWS\system32\oakley.dll - ok
13:12:46.0046 2780 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
13:12:46.0046 2780 C:\WINDOWS\system32\winipsec.dll - ok
13:12:46.0062 2780 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
13:12:46.0062 2780 C:\WINDOWS\system32\netshell.dll - ok
13:12:46.0078 2780 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
13:12:46.0078 2780 C:\WINDOWS\system32\pstorsvc.dll - ok
13:12:46.0078 2780 [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
13:12:46.0078 2780 C:\WINDOWS\system32\regsvc.dll - ok
13:12:46.0093 2780 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
13:12:46.0093 2780 C:\WINDOWS\system32\psbase.dll - ok
13:12:46.0109 2780 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
13:12:46.0109 2780 C:\WINDOWS\system32\credui.dll - ok
13:12:46.0125 2780 [ 9910F4097EECBF561B257D614ADEF09A ] C:\Program Files\Windstream\Service Agent\ServicepointService.exe
13:12:46.0125 2780 C:\Program Files\Windstream\Service Agent\ServicepointService.exe - ok
13:12:46.0140 2780 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
13:12:46.0140 2780 C:\WINDOWS\system32\dot3dlg.dll - ok
13:12:46.0156 2780 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
13:12:46.0156 2780 C:\WINDOWS\system32\onex.dll - ok
13:12:46.0171 2780 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
13:12:46.0171 2780 C:\WINDOWS\system32\dssenh.dll - ok
13:12:46.0187 2780 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
13:12:46.0187 2780 C:\WINDOWS\system32\eappcfg.dll - ok
13:12:46.0187 2780 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
13:12:46.0187 2780 C:\WINDOWS\system32\eappprxy.dll - ok
13:12:46.0203 2780 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
13:12:46.0203 2780 C:\WINDOWS\system32\wzcsapi.dll - ok
13:12:46.0218 2780 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
13:12:46.0218 2780 C:\WINDOWS\system32\sens.dll - ok
13:12:46.0234 2780 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
13:12:46.0234 2780 C:\WINDOWS\system32\seclogon.dll - ok
13:12:46.0250 2780 [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\Windstream\Service Agent\dbghelp.dll
13:12:46.0250 2780 C:\Program Files\Windstream\Service Agent\dbghelp.dll - ok
13:12:46.0265 2780 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
13:12:46.0265 2780 C:\WINDOWS\system32\srsvc.dll - ok
13:12:46.0281 2780 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
13:12:46.0281 2780 C:\WINDOWS\system32\termsrv.dll - ok
13:12:46.0296 2780 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
13:12:46.0296 2780 C:\WINDOWS\system32\wiaservc.dll - ok
13:12:46.0312 2780 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
13:12:46.0312 2780 C:\WINDOWS\system32\trkwks.dll - ok
13:12:46.0328 2780 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
13:12:46.0328 2780 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
13:12:46.0343 2780 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
13:12:46.0343 2780 C:\WINDOWS\system32\wuauserv.dll - ok
13:12:46.0359 2780 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
13:12:46.0359 2780 C:\WINDOWS\system32\msi.dll - ok
13:12:46.0375 2780 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
13:12:46.0375 2780 C:\WINDOWS\system32\icaapi.dll - ok
13:12:46.0390 2780 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
13:12:46.0390 2780 C:\WINDOWS\system32\mstlsapi.dll - ok
13:12:46.0406 2780 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
13:12:46.0406 2780 C:\WINDOWS\system32\vssapi.dll - ok
13:12:46.0421 2780 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
13:12:46.0421 2780 C:\WINDOWS\system32\cfgmgr32.dll - ok
13:12:46.0421 2780 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
13:12:46.0421 2780 C:\WINDOWS\system32\mscms.dll - ok
13:12:46.0437 2780 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
13:12:46.0437 2780 C:\WINDOWS\system32\wuaueng.dll - ok
13:12:46.0453 2780 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
13:12:46.0453 2780 C:\WINDOWS\system32\winhttp.dll - ok
13:12:46.0468 2780 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
13:12:46.0468 2780 C:\WINDOWS\system32\cabinet.dll - ok
13:12:46.0484 2780 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
13:12:46.0484 2780 C:\WINDOWS\system32\mspatcha.dll - ok
13:12:46.0500 2780 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
13:12:46.0500 2780 C:\WINDOWS\system32\actxprxy.dll - ok
13:12:49.0515 2780 ============================================================
13:12:49.0515 2780 Scan finished
13:12:49.0515 2780 ============================================================
13:12:49.0671 2772 Detected object count: 16
13:12:49.0671 2772 Actual detected object count: 16
13:13:22.0484 2772 ASFAgent ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0484 2772 ASFAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0484 2772 ialm ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0484 2772 ialm ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0484 2772 LMouKE ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0484 2772 LMouKE ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0500 2772 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0500 2772 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0500 2772 MCSTRM ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0500 2772 MCSTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0500 2772 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0500 2772 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0500 2772 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0500 2772 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0500 2772 MREMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0500 2772 MREMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0515 2772 MRENDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0515 2772 MRENDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0515 2772 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0515 2772 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0515 2772 NetAlrt ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0515 2772 NetAlrt ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0515 2772 OMCI ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0515 2772 OMCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0531 2772 PlatAlrt ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0531 2772 PlatAlrt ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0531 2772 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:22.0531 2772 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:22.0937 2772 \Device\Harddisk0\DR0\# - copied to quarantine
13:13:22.0937 2772 \Device\Harddisk0\DR0 - copied to quarantine
13:13:22.0984 2772 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
13:13:23.0031 2772 \Device\Harddisk0\DR0 - ok
13:13:23.0031 2772 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
13:13:23.0031 2772 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:13:23.0031 2772 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:14:48.0031 3368 Deinitialize success

#29
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


I would like you to rerun TDSSKiller and when it gets to this part

\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I want you to select delete this time instead of skip



gringo

#30
surfeit67

    Member

  • Topic Starter
  • 17 posts
ok, I deleted it.