Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

GetSavin Ad- Virus/Malware Needs Safely Removed [Solved]

Started by PBHRescue , Mar 13 2013 12:41 PM

This topic is locked

#16
gringo_pr

Posted 15 March 2013 - 07:13 AM

Trusted Helper

Malware Removal
7,268 posts

Hello PBHRescue

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

If the forum still complains about it being to long send me everything that is at the end of the report after where it says

==================
Scan finished
==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo

#17
PBHRescue

Posted 15 March 2013 - 09:55 AM

Member

Topic Starter
Member
96 posts

Okay... TDSSKiller found 8 suspicious files... but since it didn't mention anything about finding malware hence, it did not give me the option of "curing" anything... Here is the report. I'm going to download the other program now.

11:47:22.0421 2700 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:47:23.0781 2700 ============================================================
11:47:23.0781 2700 Current date / time: 2013/03/15 11:47:23.0781
11:47:23.0781 2700 SystemInfo:
11:47:23.0781 2700
11:47:23.0781 2700 OS Version: 5.1.2600 ServicePack: 3.0
11:47:23.0781 2700 Product type: Workstation
11:47:23.0781 2700 ComputerName: PBHRESCUE
11:47:23.0781 2700 UserName: Administrator
11:47:23.0781 2700 Windows directory: C:\WINDOWS
11:47:23.0781 2700 System windows directory: C:\WINDOWS
11:47:23.0781 2700 Processor architecture: Intel x86
11:47:23.0781 2700 Number of processors: 1
11:47:23.0781 2700 Page size: 0x1000
11:47:23.0781 2700 Boot type: Normal boot
11:47:23.0781 2700 ============================================================
11:47:26.0375 2700 BG loaded
11:47:26.0843 2700 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:47:26.0843 2700 ============================================================
11:47:26.0843 2700 \Device\Harddisk0\DR0:
11:47:26.0843 2700 MBR partitions:
11:47:26.0843 2700 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x8AA33DA
11:47:26.0843 2700 ============================================================
11:47:26.0890 2700 C: <-> \Device\Harddisk0\DR0\Partition1
11:47:26.0906 2700 ============================================================
11:47:26.0906 2700 Initialize success
11:47:26.0906 2700 ============================================================
11:49:07.0109 0272 ============================================================
11:49:07.0109 0272 Scan started
11:49:07.0109 0272 Mode: Manual; SigCheck; TDLFS;
11:49:07.0109 0272 ============================================================
11:49:08.0687 0272 ================ Scan system memory ========================
11:49:10.0640 0272 System memory - ok
11:49:10.0640 0272 ================ Scan services =============================
11:49:10.0781 0272 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
11:49:11.0140 0272 !SASCORE - ok
11:49:11.0312 0272 Abiosdsk - ok
11:49:11.0359 0272 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
11:49:12.0546 0272 abp480n5 - ok
11:49:12.0593 0272 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:49:12.0781 0272 ACPI - ok
11:49:12.0812 0272 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:49:12.0953 0272 ACPIEC - ok
11:49:13.0031 0272 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:49:13.0093 0272 AdobeFlashPlayerUpdateSvc - ok
11:49:13.0140 0272 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
11:49:13.0296 0272 adpu160m - ok
11:49:13.0343 0272 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:49:13.0515 0272 aec - ok
11:49:13.0562 0272 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:49:13.0640 0272 AFD - ok
11:49:13.0671 0272 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
11:49:13.0828 0272 agp440 - ok
11:49:13.0859 0272 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
11:49:14.0015 0272 agpCPQ - ok
11:49:14.0062 0272 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
11:49:14.0125 0272 Aha154x - ok
11:49:14.0187 0272 [ 3936A49ECB74CF23BBB6979CD683DD56 ] ahcix86 C:\WINDOWS\system32\DRIVERS\ahcix86.sys
11:49:14.0312 0272 ahcix86 - ok
11:49:14.0375 0272 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
11:49:14.0546 0272 aic78u2 - ok
11:49:14.0578 0272 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
11:49:14.0734 0272 aic78xx - ok
11:49:14.0765 0272 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:49:14.0921 0272 Alerter - ok
11:49:14.0953 0272 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
11:49:15.0031 0272 ALG - ok
11:49:15.0062 0272 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
11:49:15.0218 0272 AliIde - ok
11:49:15.0250 0272 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
11:49:15.0406 0272 alim1541 - ok
11:49:15.0453 0272 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
11:49:15.0625 0272 amdagp - ok
11:49:15.0656 0272 [ 6E58654CB25730B2579E45E1FD116A47 ] amdide C:\WINDOWS\system32\DRIVERS\amdide.sys
11:49:15.0671 0272 amdide - ok
11:49:15.0687 0272 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
11:49:15.0781 0272 amsint - ok
11:49:15.0812 0272 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:49:15.0890 0272 AppMgmt - ok
11:49:15.0921 0272 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
11:49:16.0062 0272 asc - ok
11:49:16.0078 0272 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
11:49:16.0156 0272 asc3350p - ok
11:49:16.0171 0272 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
11:49:16.0343 0272 asc3550 - ok
11:49:16.0484 0272 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:49:16.0500 0272 aspnet_state - ok
11:49:16.0546 0272 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:49:16.0703 0272 AsyncMac - ok
11:49:16.0750 0272 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:49:16.0890 0272 atapi - ok
11:49:16.0906 0272 Atdisk - ok
11:49:16.0921 0272 [ 15FC040D4E946BA968BA83D49D8AD151 ] atiide C:\WINDOWS\system32\DRIVERS\atiide.sys
11:49:17.0000 0272 atiide - ok
11:49:17.0031 0272 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:49:17.0187 0272 Atmarpc - ok
11:49:17.0234 0272 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:49:17.0406 0272 AudioSrv - ok
11:49:17.0453 0272 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:49:17.0609 0272 audstub - ok
11:49:18.0015 0272 [ BCDF72DCE41874B3AD9143D537B493B2 ] BCMH43XX C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys
11:49:18.0140 0272 BCMH43XX - ok
11:49:18.0171 0272 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:49:18.0343 0272 Beep - ok
11:49:18.0390 0272 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
11:49:18.0593 0272 BITS - ok
11:49:18.0671 0272 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:49:18.0718 0272 Bonjour Service - ok
11:49:18.0765 0272 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
11:49:18.0843 0272 Browser - ok
11:49:18.0890 0272 [ 4813DF77EDE536A52E3737971F910BAA ] BTCFilterService C:\WINDOWS\system32\DRIVERS\motfilt.sys
11:49:19.0078 0272 BTCFilterService - ok
11:49:19.0078 0272 catchme - ok
11:49:19.0125 0272 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
11:49:19.0281 0272 cbidf - ok
11:49:19.0296 0272 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:49:19.0437 0272 cbidf2k - ok
11:49:19.0484 0272 [ 2B2F9B4A08190334A9C36446B208BAE9 ] ccSet_NST C:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys
11:49:19.0500 0272 ccSet_NST - ok
11:49:19.0531 0272 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
11:49:19.0609 0272 cd20xrnt - ok
11:49:19.0625 0272 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:49:19.0781 0272 Cdaudio - ok
11:49:19.0828 0272 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:49:19.0968 0272 Cdfs - ok
11:49:20.0000 0272 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:49:20.0171 0272 Cdrom - ok
11:49:20.0203 0272 [ 1C7B1E36F3CED9E4B0B13385E627FE8B ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys
11:49:20.0218 0272 cfwids - ok
11:49:20.0234 0272 Changer - ok
11:49:20.0265 0272 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:49:20.0421 0272 CiSvc - ok
11:49:20.0437 0272 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:49:20.0609 0272 ClipSrv - ok
11:49:20.0625 0272 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:49:20.0656 0272 clr_optimization_v2.0.50727_32 - ok
11:49:20.0750 0272 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:49:20.0796 0272 clr_optimization_v4.0.30319_32 - ok
11:49:20.0843 0272 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:49:20.0984 0272 CmBatt - ok
11:49:21.0000 0272 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
11:49:21.0156 0272 CmdIde - ok
11:49:21.0203 0272 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:49:21.0359 0272 Compbatt - ok
11:49:21.0375 0272 COMSysApp - ok
11:49:21.0437 0272 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
11:49:21.0593 0272 Cpqarray - ok
11:49:21.0640 0272 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:49:21.0812 0272 CryptSvc - ok
11:49:21.0890 0272 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
11:49:22.0046 0272 dac2w2k - ok
11:49:22.0062 0272 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
11:49:22.0203 0272 dac960nt - ok
11:49:22.0234 0272 [ BB005CB49D0638039703AC4F67FE0A05 ] DC21x4 C:\WINDOWS\system32\DRIVERS\dc21x4.sys
11:49:22.0390 0272 DC21x4 - ok
11:49:22.0453 0272 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:49:22.0531 0272 DcomLaunch - ok
11:49:22.0625 0272 [ 0259948FFE5F7E69CD1D8A8E74E0547C ] DeviceMonitorService C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
11:49:22.0671 0272 DeviceMonitorService - ok
11:49:22.0718 0272 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:49:22.0875 0272 Dhcp - ok
11:49:22.0921 0272 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:49:23.0078 0272 Disk - ok
11:49:23.0093 0272 dmadmin - ok
11:49:23.0156 0272 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:49:23.0343 0272 dmboot - ok
11:49:23.0390 0272 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:49:23.0546 0272 dmio - ok
11:49:23.0546 0272 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:49:23.0718 0272 dmload - ok
11:49:23.0750 0272 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:49:23.0937 0272 dmserver - ok
11:49:23.0953 0272 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:49:24.0109 0272 DMusic - ok
11:49:24.0140 0272 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:49:24.0203 0272 Dnscache - ok
11:49:24.0234 0272 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:49:24.0421 0272 Dot3svc - ok
11:49:24.0453 0272 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
11:49:24.0609 0272 dpti2o - ok
11:49:24.0656 0272 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:49:24.0796 0272 drmkaud - ok
11:49:24.0859 0272 [ AC9CF17EE2AE003C98EB4F5336C38058 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
11:49:24.0906 0272 E100B - ok
11:49:24.0937 0272 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:49:25.0093 0272 EapHost - ok
11:49:25.0140 0272 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
11:49:25.0171 0272 ElbyCDIO - ok
11:49:25.0187 0272 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:49:25.0343 0272 ERSvc - ok
11:49:25.0390 0272 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
11:49:25.0421 0272 Eventlog - ok
11:49:25.0468 0272 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
11:49:25.0515 0272 EventSystem - ok
11:49:25.0546 0272 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:49:25.0687 0272 Fastfat - ok
11:49:25.0734 0272 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:49:25.0812 0272 FastUserSwitchingCompatibility - ok
11:49:25.0859 0272 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:49:26.0000 0272 Fdc - ok
11:49:26.0031 0272 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:49:26.0171 0272 Fips - ok
11:49:26.0203 0272 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:49:26.0359 0272 Flpydisk - ok
11:49:26.0406 0272 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:49:26.0531 0272 FltMgr - ok
11:49:26.0609 0272 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:49:26.0640 0272 FontCache3.0.0.0 - ok
11:49:26.0656 0272 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:49:26.0843 0272 Fs_Rec - ok
11:49:26.0890 0272 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:49:27.0078 0272 Ftdisk - ok
11:49:27.0109 0272 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:49:27.0281 0272 Gpc - ok
11:49:27.0281 0272 GTNDIS5 - ok
11:49:27.0359 0272 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:49:27.0406 0272 gupdate - ok
11:49:27.0421 0272 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:49:27.0437 0272 gupdatem - ok
11:49:27.0515 0272 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:49:27.0671 0272 helpsvc - ok
11:49:27.0703 0272 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
11:49:27.0859 0272 HidServ - ok
11:49:27.0906 0272 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:49:28.0062 0272 hidusb - ok
11:49:28.0093 0272 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:49:28.0234 0272 hkmsvc - ok
11:49:28.0296 0272 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
11:49:28.0437 0272 hpn - ok
11:49:28.0468 0272 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:49:28.0531 0272 HTTP - ok
11:49:28.0562 0272 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:49:28.0687 0272 HTTPFilter - ok
11:49:28.0734 0272 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
11:49:28.0906 0272 i2omgmt - ok
11:49:28.0953 0272 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
11:49:29.0093 0272 i2omp - ok
11:49:29.0125 0272 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:49:29.0265 0272 i8042prt - ok
11:49:29.0343 0272 [ 9A883C3C4D91292C0D09DE7C728E781C ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:49:29.0671 0272 ialm - ok
11:49:29.0718 0272 [ 01446278D4563B3013C92830AE6CBB26 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
11:49:29.0765 0272 iaStor - ok
11:49:29.0875 0272 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:49:30.0000 0272 idsvc - ok
11:49:30.0031 0272 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:49:30.0187 0272 Imapi - ok
11:49:30.0234 0272 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:49:30.0390 0272 ImapiService - ok
11:49:30.0421 0272 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
11:49:30.0578 0272 ini910u - ok
11:49:30.0609 0272 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:49:30.0750 0272 IntelIde - ok
11:49:30.0796 0272 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:49:30.0984 0272 intelppm - ok
11:49:31.0015 0272 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:49:31.0156 0272 Ip6Fw - ok
11:49:31.0187 0272 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:49:31.0328 0272 IpFilterDriver - ok
11:49:31.0328 0272 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:49:31.0484 0272 IpInIp - ok
11:49:31.0515 0272 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:49:31.0671 0272 IpNat - ok
11:49:31.0718 0272 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:49:31.0890 0272 IPSec - ok
11:49:31.0921 0272 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:49:32.0031 0272 IRENUM - ok
11:49:32.0078 0272 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:49:32.0234 0272 isapnp - ok
11:49:32.0328 0272 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
11:49:32.0343 0272 JavaQuickStarterService - ok
11:49:32.0390 0272 [ 7D5053A827FF5BE3A7D0AE5DD5DBA308 ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
11:49:32.0421 0272 JRAID - ok
11:49:32.0453 0272 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:49:32.0609 0272 Kbdclass - ok
11:49:32.0640 0272 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:49:32.0765 0272 kbdhid - ok
11:49:32.0781 0272 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:49:32.0968 0272 kmixer - ok
11:49:33.0125 0272 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
11:49:33.0171 0272 Kodak AiO Network Discovery Service - ok
11:49:33.0234 0272 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
11:49:33.0281 0272 Kodak AiO Status Monitor Service - ok
11:49:33.0312 0272 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:49:33.0406 0272 KSecDD - ok
11:49:33.0437 0272 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
11:49:33.0484 0272 LanmanServer - ok
11:49:33.0531 0272 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:49:33.0609 0272 lanmanworkstation - ok
11:49:33.0625 0272 lbrtfdc - ok
11:49:33.0671 0272 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:49:33.0812 0272 LmHosts - ok
11:49:33.0859 0272 McAfee SiteAdvisor Service - ok
11:49:33.0890 0272 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\WINDOWS\system32\DRIVERS\mcdbus.sys
11:49:33.0906 0272 mcdbus ( UnsignedFile.Multi.Generic ) - warning
11:49:33.0906 0272 mcdbus - detected UnsignedFile.Multi.Generic (1)
11:49:33.0968 0272 [ 593FA4C378818ECE76BA64A11AD56CF2 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:49:34.0000 0272 McShield - ok
11:49:34.0031 0272 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:49:34.0171 0272 Messenger - ok
11:49:34.0203 0272 [ 43C31BDF404A6D7A7AC1BFD5EAD2A566 ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys
11:49:34.0234 0272 mfeapfk - ok
11:49:34.0250 0272 [ C1DC5F42D3367F33B6451BE78B38BD46 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys
11:49:34.0265 0272 mfeavfk - ok
11:49:34.0281 0272 [ 0435C43F4C2BE01B84868AD2A906397B ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys
11:49:34.0312 0272 mfebopk - ok
11:49:34.0359 0272 [ 7E1F8B1BDC8240F08BD358B3A466C005 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:49:34.0375 0272 mfefire - ok
11:49:34.0406 0272 [ 4EA6FF90015424517843E931448E00F1 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys
11:49:34.0453 0272 mfefirek - ok
11:49:34.0562 0272 [ D1E998748BA24A731106611D535C6BBF ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys
11:49:34.0703 0272 mfehidk - ok
11:49:34.0734 0272 [ 26C76D10ED650E6492800D6F081ECFBA ] mfendisk C:\WINDOWS\system32\DRIVERS\mfendisk.sys
11:49:34.0796 0272 mfendisk - ok
11:49:34.0812 0272 [ 26C76D10ED650E6492800D6F081ECFBA ] mfendiskmp C:\WINDOWS\system32\DRIVERS\mfendisk.sys
11:49:34.0875 0272 mfendiskmp - ok
11:49:34.0890 0272 [ F454A13377F0A006D20A8C14A753C432 ] mferkdet C:\WINDOWS\system32\drivers\mferkdet.sys
11:49:34.0937 0272 mferkdet - ok
11:49:34.0968 0272 [ 070D3FAF2EAC417C59D8674A8752F7A6 ] mfetdi2k C:\WINDOWS\system32\drivers\mfetdi2k.sys
11:49:35.0031 0272 mfetdi2k - ok
11:49:35.0093 0272 [ B10C4EFD40810C08F4B44DF2EFCB54F7 ] mfevtp C:\WINDOWS\system32\mfevtps.exe
11:49:35.0187 0272 mfevtp - ok
11:49:35.0406 0272 Microsoft SharePoint Workspace Audit Service - ok
11:49:35.0453 0272 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:49:35.0625 0272 mnmdd - ok
11:49:35.0640 0272 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:49:35.0796 0272 mnmsrvc - ok
11:49:35.0843 0272 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:49:36.0015 0272 Modem - ok
11:49:36.0046 0272 [ 0A43169E115B5E9346A4BA1EFFCB04CB ] motandroidusb C:\WINDOWS\system32\Drivers\motoandroid.sys
11:49:36.0125 0272 motandroidusb - ok
11:49:36.0140 0272 [ F4EA1193A52C8FE4B8A135E210ABE546 ] motccgp C:\WINDOWS\system32\DRIVERS\motccgp.sys
11:49:36.0203 0272 motccgp - ok
11:49:36.0234 0272 [ B812DA6605CAF02641312F1F65C75419 ] motccgpfl C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
11:49:36.0296 0272 motccgpfl - ok
11:49:36.0312 0272 [ 69814ACD50A9D6D28296050EF6215D46 ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys
11:49:36.0375 0272 motmodem - ok
11:49:36.0453 0272 [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
11:49:36.0484 0272 MotoHelper - ok
11:49:36.0531 0272 [ FD8C2CEF7AD8B23C6714103D621FAC1F ] MotoSwitchService C:\WINDOWS\system32\DRIVERS\motswch.sys
11:49:36.0578 0272 MotoSwitchService - ok
11:49:36.0625 0272 [ DDC489D40B49F443787E7FFA75373522 ] Motousbnet C:\WINDOWS\system32\DRIVERS\Motousbnet.sys
11:49:36.0671 0272 Motousbnet - ok
11:49:36.0703 0272 [ F780C53D98A0AAD28F5B7403B184AEA1 ] motusbdevice C:\WINDOWS\system32\DRIVERS\motusbdevice.sys
11:49:36.0750 0272 motusbdevice - ok
11:49:36.0781 0272 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:49:36.0937 0272 Mouclass - ok
11:49:36.0968 0272 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:49:37.0109 0272 mouhid - ok
11:49:37.0156 0272 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:49:37.0312 0272 MountMgr - ok
11:49:37.0375 0272 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:49:37.0421 0272 MozillaMaintenance - ok
11:49:37.0484 0272 [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
11:49:37.0531 0272 MpFilter - ok
11:49:37.0578 0272 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
11:49:37.0734 0272 mraid35x - ok
11:49:37.0781 0272 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:49:37.0921 0272 MRxDAV - ok
11:49:38.0000 0272 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:49:38.0125 0272 MRxSmb - ok
11:49:38.0171 0272 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:49:38.0328 0272 MSDTC - ok
11:49:38.0390 0272 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:49:38.0578 0272 Msfs - ok
11:49:38.0593 0272 MSIServer - ok
11:49:38.0625 0272 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:49:38.0812 0272 MSKSSRV - ok
11:49:38.0890 0272 [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:49:38.0937 0272 MsMpSvc - ok
11:49:39.0015 0272 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:49:39.0187 0272 MSPCLOCK - ok
11:49:39.0218 0272 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:49:39.0343 0272 MSPQM - ok
11:49:39.0406 0272 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:49:39.0562 0272 mssmbios - ok
11:49:39.0609 0272 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:49:39.0703 0272 Mup - ok
11:49:39.0796 0272 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:49:40.0031 0272 napagent - ok
11:49:40.0078 0272 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:49:40.0281 0272 NDIS - ok
11:49:40.0328 0272 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:49:40.0437 0272 NdisTapi - ok
11:49:40.0484 0272 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:49:40.0640 0272 Ndisuio - ok
11:49:40.0671 0272 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:49:40.0843 0272 NdisWan - ok
11:49:40.0906 0272 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:49:41.0015 0272 NDProxy - ok
11:49:41.0093 0272 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:49:41.0281 0272 NetBIOS - ok
11:49:41.0312 0272 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:49:41.0515 0272 NetBT - ok
11:49:41.0562 0272 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
11:49:41.0718 0272 NetDDE - ok
11:49:41.0734 0272 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:49:41.0859 0272 NetDDEdsdm - ok
11:49:41.0937 0272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:49:42.0125 0272 Netlogon - ok
11:49:42.0203 0272 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
11:49:42.0406 0272 Netman - ok
11:49:42.0437 0272 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:49:42.0468 0272 NetTcpPortSharing - ok
11:49:42.0500 0272 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
11:49:42.0578 0272 Nla - ok
11:49:42.0593 0272 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:49:42.0765 0272 Npfs - ok
11:49:42.0890 0272 [ E127420B7FEB65C7F279EAAC183BBC0E ] NSL C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
11:49:42.0937 0272 NSL - ok
11:49:43.0062 0272 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:49:43.0375 0272 Ntfs - ok
11:49:43.0406 0272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:49:43.0593 0272 NtLmSsp - ok
11:49:43.0750 0272 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:49:44.0062 0272 NtmsSvc - ok
11:49:44.0093 0272 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:49:44.0250 0272 Null - ok
11:49:44.0312 0272 [ C03E15101F6D9E82CD9B0E7D715F5DE3 ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys
11:49:44.0453 0272 nvatabus ( UnsignedFile.Multi.Generic ) - warning
11:49:44.0453 0272 nvatabus - detected UnsignedFile.Multi.Generic (1)
11:49:44.0484 0272 [ 87096913DFB9129144E1038AADFF17EE ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys
11:49:44.0515 0272 nvgts - ok
11:49:44.0531 0272 [ B65CE56C36F573113FF2F6D0F07B7563 ] nvraid C:\WINDOWS\system32\DRIVERS\nvraid.sys
11:49:44.0578 0272 nvraid ( UnsignedFile.Multi.Generic ) - warning
11:49:44.0578 0272 nvraid - detected UnsignedFile.Multi.Generic (1)
11:49:44.0593 0272 [ 587E8634A13B682FA39E0DA48CA88ED5 ] nvrd32 C:\WINDOWS\system32\DRIVERS\nvrd32.sys
11:49:44.0625 0272 nvrd32 - ok
11:49:44.0640 0272 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:49:44.0812 0272 NwlnkFlt - ok
11:49:44.0828 0272 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:49:44.0968 0272 NwlnkFwd - ok
11:49:45.0031 0272 [ 1A008CBB313F7A6644B883AE1829393B ] OAcat C:\Program Files\Online Armor\OAcat.exe
11:49:45.0062 0272 OAcat - ok
11:49:45.0109 0272 [ C0BA927C3A1A62F2BF664F242D91C082 ] OADevice C:\WINDOWS\system32\drivers\OADriver.sys
11:49:45.0156 0272 OADevice - ok
11:49:45.0187 0272 [ C968369E2BC5F6A8426C1E7D78E33F1B ] oahlpXX C:\WINDOWS\system32\drivers\oahlp32.sys
11:49:45.0218 0272 oahlpXX - ok
11:49:45.0234 0272 [ 04E7E92CD91E61E0CC1BDF849032AD81 ] OAmon C:\WINDOWS\system32\drivers\OAmon.sys
11:49:45.0265 0272 OAmon - ok
11:49:45.0281 0272 [ F3250D94BEE44A0D00939F10830B3563 ] OAnet C:\WINDOWS\system32\drivers\OAnet.sys
11:49:45.0296 0272 OAnet - ok
11:49:45.0390 0272 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:49:45.0406 0272 ose - ok
11:49:45.0609 0272 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:49:45.0890 0272 osppsvc - ok
11:49:45.0921 0272 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:49:46.0093 0272 Parport - ok
11:49:46.0109 0272 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:49:46.0250 0272 PartMgr - ok
11:49:46.0281 0272 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:49:46.0437 0272 ParVdm - ok
11:49:46.0453 0272 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:49:46.0593 0272 PCI - ok
11:49:46.0609 0272 PCIDump - ok
11:49:46.0640 0272 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:49:46.0781 0272 PCIIde - ok
11:49:46.0812 0272 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:49:46.0968 0272 Pcmcia - ok
11:49:47.0000 0272 [ 7BC8027D56FAB153A987C56AE9835664 ] PCnet C:\WINDOWS\system32\DRIVERS\pcntpci5.sys
11:49:47.0140 0272 PCnet - ok
11:49:47.0156 0272 PDCOMP - ok
11:49:47.0156 0272 PDFRAME - ok
11:49:47.0171 0272 PDRELI - ok
11:49:47.0187 0272 PDRFRAME - ok
11:49:47.0218 0272 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
11:49:47.0343 0272 perc2 - ok
11:49:47.0375 0272 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
11:49:47.0500 0272 perc2hib - ok
11:49:47.0562 0272 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
11:49:47.0578 0272 PlugPlay - ok
11:49:47.0593 0272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:49:47.0718 0272 PolicyAgent - ok
11:49:47.0750 0272 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:49:47.0890 0272 PptpMiniport - ok
11:49:47.0906 0272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:49:48.0031 0272 ProtectedStorage - ok
11:49:48.0031 0272 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:49:48.0203 0272 Ptilink - ok
11:49:48.0281 0272 [ 91195091F449699B176FE1305DAD40DA ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
11:49:48.0312 0272 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
11:49:48.0312 0272 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
11:49:48.0375 0272 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
11:49:48.0390 0272 QBFCService ( UnsignedFile.Multi.Generic ) - warning
11:49:48.0390 0272 QBFCService - detected UnsignedFile.Multi.Generic (1)
11:49:48.0515 0272 [ 147552E28311DB3E86188A356A7A9F9C ] QBVSS C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
11:49:48.0625 0272 QBVSS ( UnsignedFile.Multi.Generic ) - warning
11:49:48.0625 0272 QBVSS - detected UnsignedFile.Multi.Generic (1)
11:49:48.0656 0272 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
11:49:48.0796 0272 ql1080 - ok
11:49:48.0859 0272 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
11:49:48.0984 0272 Ql10wnt - ok
11:49:49.0031 0272 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
11:49:49.0156 0272 ql12160 - ok
11:49:49.0187 0272 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
11:49:49.0312 0272 ql1240 - ok
11:49:49.0343 0272 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
11:49:49.0484 0272 ql1280 - ok
11:49:49.0515 0272 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:49:49.0640 0272 RasAcd - ok
11:49:49.0671 0272 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:49:50.0484 0272 RasAuto - ok
11:49:50.0500 0272 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:49:50.0640 0272 Rasl2tp - ok
11:49:50.0671 0272 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:49:50.0781 0272 RasMan - ok
11:49:50.0796 0272 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:49:50.0937 0272 RasPppoe - ok
11:49:50.0953 0272 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:49:51.0093 0272 Raspti - ok
11:49:51.0125 0272 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:49:51.0296 0272 Rdbss - ok
11:49:51.0328 0272 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:49:51.0468 0272 RDPCDD - ok
11:49:51.0515 0272 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:49:51.0671 0272 rdpdr - ok
11:49:51.0703 0272 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:49:51.0765 0272 RDPWD - ok
11:49:51.0796 0272 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:49:51.0953 0272 RDSessMgr - ok
11:49:51.0968 0272 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:49:52.0109 0272 redbook - ok
11:49:52.0140 0272 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:49:52.0281 0272 RemoteAccess - ok
11:49:52.0328 0272 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:49:52.0468 0272 RemoteRegistry - ok
11:49:52.0500 0272 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
11:49:52.0640 0272 RpcLocator - ok
11:49:52.0687 0272 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
11:49:52.0750 0272 RpcSs - ok
11:49:52.0765 0272 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:49:52.0921 0272 RSVP - ok
11:49:53.0000 0272 [ 4F153709D0691C6DE8C9A4C5E813907C ] RT73 C:\WINDOWS\system32\DRIVERS\rt73.sys
11:49:53.0046 0272 RT73 ( UnsignedFile.Multi.Generic ) - warning
11:49:53.0046 0272 RT73 - detected UnsignedFile.Multi.Generic (1)
11:49:53.0078 0272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
11:49:53.0203 0272 SamSs - ok
11:49:53.0250 0272 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:49:53.0265 0272 SASDIFSV - ok
11:49:53.0281 0272 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:49:53.0296 0272 SASKUTIL - ok
11:49:53.0343 0272 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:49:53.0484 0272 SCardSvr - ok
11:49:53.0531 0272 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:49:53.0656 0272 Schedule - ok
11:49:53.0687 0272 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:49:53.0750 0272 Secdrv - ok
11:49:53.0781 0272 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:49:53.0937 0272 seclogon - ok
11:49:54.0015 0272 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
11:49:54.0140 0272 senfilt - ok
11:49:54.0156 0272 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
11:49:54.0296 0272 SENS - ok
11:49:54.0328 0272 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:49:54.0468 0272 serenum - ok
11:49:54.0500 0272 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:49:54.0640 0272 Serial - ok
11:49:54.0703 0272 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:49:54.0843 0272 Sfloppy - ok
11:49:54.0875 0272 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:49:55.0046 0272 SharedAccess - ok
11:49:55.0078 0272 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:49:55.0125 0272 ShellHWDetection - ok
11:49:55.0171 0272 [ 20655E752703CBF3A70AA164806A0D72 ] SI3112 C:\WINDOWS\system32\DRIVERS\SI3112.sys
11:49:55.0203 0272 SI3112 - ok
11:49:55.0234 0272 [ 14ECBDB9A9DD896A5EA5CBDC725B11E5 ] SiFilter C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
11:49:55.0250 0272 SiFilter - ok
11:49:55.0265 0272 Simbad - ok
11:49:55.0265 0272 [ 25D81DC8421BF01EE4C7D31167BFFF07 ] SiRemFil C:\WINDOWS\system32\DRIVERS\SiRemFil.sys
11:49:55.0296 0272 SiRemFil - ok
11:49:55.0343 0272 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
11:49:55.0484 0272 sisagp - ok
11:49:55.0531 0272 [ C6D9959E493682F872A639B6EC1B4A08 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
11:49:55.0562 0272 smwdm - ok
11:49:55.0609 0272 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
11:49:55.0687 0272 Sparrow - ok
11:49:55.0718 0272 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:49:55.0859 0272 splitter - ok
11:49:55.0906 0272 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:49:55.0984 0272 Spooler - ok
11:49:56.0015 0272 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:49:56.0078 0272 sr - ok
11:49:56.0109 0272 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
11:49:56.0171 0272 srservice - ok
11:49:56.0218 0272 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:49:56.0312 0272 Srv - ok
11:49:56.0343 0272 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:49:56.0421 0272 SSDPSRV - ok
11:49:56.0468 0272 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:49:56.0640 0272 stisvc - ok
11:49:56.0828 0272 [ A54B4FBC24C4EDE34BEB5F8D8974752A ] SvcOnlineArmor C:\Program Files\Online Armor\oasrv.exe
11:49:57.0140 0272 SvcOnlineArmor - ok
11:49:57.0187 0272 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:49:57.0328 0272 swenum - ok
11:49:57.0343 0272 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:49:57.0500 0272 swmidi - ok
11:49:57.0515 0272 SwPrv - ok
11:49:57.0562 0272 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
11:49:57.0671 0272 symc810 - ok
11:49:57.0703 0272 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
11:49:57.0843 0272 symc8xx - ok
11:49:57.0859 0272 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
11:49:58.0000 0272 sym_hi - ok
11:49:58.0031 0272 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
11:49:58.0156 0272 sym_u3 - ok
11:49:58.0171 0272 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:49:58.0296 0272 sysaudio - ok
11:49:58.0343 0272 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:49:58.0468 0272 SysmonLog - ok
11:49:58.0500 0272 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:49:58.0640 0272 TapiSrv - ok
11:49:58.0687 0272 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:49:58.0765 0272 Tcpip - ok
11:49:58.0781 0272 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:49:58.0921 0272 TDPIPE - ok
11:49:58.0937 0272 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:49:59.0062 0272 TDTCP - ok
11:49:59.0093 0272 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:49:59.0218 0272 TermDD - ok
11:49:59.0250 0272 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
11:49:59.0406 0272 TermService - ok
11:49:59.0437 0272 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
11:49:59.0468 0272 Themes - ok
11:49:59.0500 0272 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
11:49:59.0593 0272 TlntSvr - ok
11:49:59.0609 0272 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
11:49:59.0734 0272 TosIde - ok
11:49:59.0765 0272 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:49:59.0921 0272 TrkWks - ok
11:49:59.0968 0272 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:50:00.0109 0272 Udfs - ok
11:50:00.0171 0272 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
11:50:00.0265 0272 ultra - ok
11:50:00.0312 0272 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:50:00.0500 0272 Update - ok
11:50:00.0531 0272 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:50:00.0625 0272 upnphost - ok
11:50:00.0640 0272 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
11:50:00.0781 0272 UPS - ok
11:50:00.0812 0272 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:50:00.0937 0272 usbccgp - ok
11:50:00.0968 0272 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:50:01.0109 0272 usbehci - ok
11:50:01.0140 0272 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:50:01.0265 0272 usbhub - ok
11:50:01.0312 0272 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:50:01.0437 0272 usbprint - ok
11:50:01.0453 0272 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:50:01.0593 0272 usbscan - ok
11:50:01.0609 0272 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:50:01.0750 0272 USBSTOR - ok
11:50:01.0781 0272 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:50:01.0937 0272 usbuhci - ok
11:50:01.0984 0272 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
11:50:01.0984 0272 VClone ( UnsignedFile.Multi.Generic ) - warning
11:50:01.0984 0272 VClone - detected UnsignedFile.Multi.Generic (1)
11:50:02.0000 0272 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:50:02.0140 0272 VgaSave - ok
11:50:02.0171 0272 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:50:02.0312 0272 viaagp - ok
11:50:02.0343 0272 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
11:50:02.0484 0272 ViaIde - ok
11:50:02.0546 0272 [ 00046AA2E396EDC2238556E740A8E5AF ] viamraid C:\WINDOWS\system32\DRIVERS\viamraid.sys
11:50:02.0578 0272 viamraid - ok
11:50:02.0609 0272 [ F314359357B6960EB727620470FFC9CF ] viapdsk C:\WINDOWS\system32\DRIVERS\viapdsk.sys
11:50:02.0640 0272 viapdsk - ok
11:50:02.0656 0272 [ 4CC623591204ACD5FC89BD0DAD70E838 ] videX32 C:\WINDOWS\system32\DRIVERS\videX32.sys
11:50:02.0718 0272 videX32 - ok
11:50:02.0734 0272 [ 82132036EE4D3E8AA3E73FEEBE1A9741 ] vmscsi C:\WINDOWS\system32\DRIVERS\vmscsi.sys
11:50:02.0765 0272 vmscsi - ok
11:50:02.0796 0272 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:50:02.0921 0272 VolSnap - ok
11:50:02.0953 0272 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
11:50:03.0046 0272 VSS - ok
11:50:03.0093 0272 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
11:50:03.0234 0272 W32Time - ok
11:50:03.0265 0272 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:50:03.0406 0272 Wanarp - ok
11:50:03.0468 0272 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
11:50:03.0546 0272 Wdf01000 - ok
11:50:03.0546 0272 WDICA - ok
11:50:03.0578 0272 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:50:03.0718 0272 wdmaud - ok
11:50:03.0750 0272 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:50:03.0890 0272 WebClient - ok
11:50:04.0000 0272 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:50:04.0140 0272 winmgmt - ok
11:50:04.0218 0272 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
11:50:04.0359 0272 WinRM - ok
11:50:04.0406 0272 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:50:04.0484 0272 WmdmPmSN - ok
11:50:04.0546 0272 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:50:04.0640 0272 Wmi - ok
11:50:04.0687 0272 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:50:04.0828 0272 WmiApSrv - ok
11:50:04.0937 0272 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:50:05.0046 0272 WMPNetworkSvc - ok
11:50:05.0078 0272 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:50:05.0093 0272 WpdUsb - ok
11:50:05.0234 0272 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:50:05.0296 0272 WPFFontCache_v0400 - ok
11:50:05.0343 0272 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:50:05.0484 0272 WS2IFSL - ok
11:50:05.0515 0272 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:50:05.0671 0272 wscsvc - ok
11:50:05.0671 0272 WSearch - ok
11:50:05.0781 0272 [ D161D62AE8D3F3EC1197B012D5E47431 ] WSWNDA3100v2 C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
11:50:05.0828 0272 WSWNDA3100v2 - ok
11:50:05.0859 0272 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:50:06.0015 0272 wuauserv - ok
11:50:06.0062 0272 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:50:06.0125 0272 WudfPf - ok
11:50:06.0140 0272 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:50:06.0171 0272 WUDFRd - ok
11:50:06.0203 0272 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:50:06.0250 0272 WudfSvc - ok
11:50:06.0312 0272 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:50:06.0515 0272 WZCSVC - ok
11:50:06.0546 0272 [ A1B2B0211441F9C822F8CBC0C2D1B41E ] xfilt C:\WINDOWS\system32\DRIVERS\xfilt.sys
11:50:06.0593 0272 xfilt - ok
11:50:06.0625 0272 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:50:06.0765 0272 xmlprov - ok
11:50:06.0812 0272 ================ Scan global ===============================
11:50:06.0859 0272 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:50:06.0921 0272 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:50:06.0968 0272 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:50:07.0000 0272 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:50:07.0000 0272 [Global] - ok
11:50:07.0000 0272 ================ Scan MBR ==================================
11:50:07.0078 0272 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:50:07.0312 0272 \Device\Harddisk0\DR0 - ok
11:50:07.0328 0272 ================ Scan VBR ==================================
11:50:07.0328 0272 [ 45E3380C19E3E01D1DA99F229FCF4B38 ] \Device\Harddisk0\DR0\Partition1
11:50:07.0328 0272 \Device\Harddisk0\DR0\Partition1 - ok
11:50:07.0328 0272 ================ Scan active images ========================
11:50:07.0328 0272 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
11:50:07.0328 0272 C:\WINDOWS\system32\drivers\intelppm.sys - ok
11:50:07.0343 0272 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
11:50:07.0343 0272 C:\WINDOWS\system32\drivers\videoprt.sys - ok
11:50:07.0343 0272 [ 9A883C3C4D91292C0D09DE7C728E781C ] C:\WINDOWS\system32\drivers\ialmnt5.sys
11:50:07.0343 0272 C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
11:50:07.0359 0272 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
11:50:07.0359 0272 C:\WINDOWS\system32\drivers\usbport.sys - ok
11:50:07.0359 0272 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
11:50:07.0359 0272 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
11:50:07.0375 0272 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
11:50:07.0375 0272 C:\WINDOWS\system32\drivers\usbehci.sys - ok
11:50:07.0375 0272 [ AC9CF17EE2AE003C98EB4F5336C38058 ] C:\WINDOWS\system32\drivers\e100b325.sys
11:50:07.0375 0272 C:\WINDOWS\system32\drivers\e100b325.sys - ok
11:50:07.0390 0272 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
11:50:07.0390 0272 C:\WINDOWS\system32\drivers\fdc.sys - ok
11:50:07.0390 0272 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
11:50:07.0390 0272 C:\WINDOWS\system32\drivers\serial.sys - ok
11:50:07.0406 0272 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
11:50:07.0406 0272 C:\WINDOWS\system32\drivers\serenum.sys - ok
11:50:07.0406 0272 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
11:50:07.0406 0272 C:\WINDOWS\system32\drivers\parport.sys - ok
11:50:07.0421 0272 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
11:50:07.0421 0272 C:\WINDOWS\system32\drivers\imapi.sys - ok
11:50:07.0421 0272 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
11:50:07.0421 0272 C:\WINDOWS\system32\drivers\cdrom.sys - ok
11:50:07.0437 0272 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
11:50:07.0437 0272 C:\WINDOWS\system32\drivers\ks.sys - ok
11:50:07.0437 0272 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
11:50:07.0437 0272 C:\WINDOWS\system32\drivers\redbook.sys - ok
11:50:07.0453 0272 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
11:50:07.0453 0272 C:\WINDOWS\system32\drivers\drmk.sys - ok
11:50:07.0453 0272 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
11:50:07.0453 0272 C:\WINDOWS\system32\drivers\portcls.sys - ok
11:50:07.0468 0272 [ C6D9959E493682F872A639B6EC1B4A08 ] C:\WINDOWS\system32\drivers\smwdm.sys
11:50:07.0468 0272 C:\WINDOWS\system32\drivers\smwdm.sys - ok
11:50:07.0468 0272 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] C:\WINDOWS\system32\drivers\senfilt.sys
11:50:07.0468 0272 C:\WINDOWS\system32\drivers\senfilt.sys - ok
11:50:07.0484 0272 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
11:50:07.0484 0272 C:\WINDOWS\system32\drivers\audstub.sys - ok
11:50:07.0484 0272 [ 26C76D10ED650E6492800D6F081ECFBA ] C:\WINDOWS\system32\drivers\mfendisk.sys
11:50:07.0484 0272 C:\WINDOWS\system32\drivers\mfendisk.sys - ok
11:50:07.0500 0272 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
11:50:07.0500 0272 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
11:50:07.0500 0272 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
11:50:07.0500 0272 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
11:50:07.0515 0272 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
11:50:07.0515 0272 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
11:50:07.0515 0272 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
11:50:07.0515 0272 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
11:50:07.0531 0272 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
11:50:07.0531 0272 C:\WINDOWS\system32\drivers\tdi.sys - ok
11:50:07.0531 0272 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
11:50:07.0531 0272 C:\WINDOWS\system32\drivers\ptilink.sys - ok
11:50:07.0531 0272 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
11:50:07.0531 0272 C:\WINDOWS\system32\drivers\raspptp.sys - ok
11:50:07.0546 0272 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
11:50:07.0546 0272 C:\WINDOWS\system32\drivers\raspti.sys - ok
11:50:07.0546 0272 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
11:50:07.0546 0272 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
11:50:07.0562 0272 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
11:50:07.0562 0272 C:\WINDOWS\system32\drivers\termdd.sys - ok
11:50:07.0578 0272 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
11:50:07.0578 0272 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
11:50:07.0578 0272 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
11:50:07.0578 0272 C:\WINDOWS\system32\drivers\mouclass.sys - ok
11:50:07.0593 0272 [ 76C465F570E90C28942D52CCB2580A10 ] C:\WINDOWS\system32\drivers\scsiport.sys
11:50:07.0593 0272 C:\WINDOWS\system32\drivers\scsiport.sys - ok
11:50:07.0593 0272 [ 8FD868E32459ECE2A1BB0169F513D31E ] C:\WINDOWS\system32\drivers\mcdbus.sys
11:50:07.0593 0272 C:\WINDOWS\system32\drivers\mcdbus.sys - ok
11:50:07.0609 0272 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
11:50:07.0609 0272 C:\WINDOWS\system32\drivers\swenum.sys - ok
11:50:07.0609 0272 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] C:\WINDOWS\system32\drivers\VClone.sys
11:50:07.0609 0272 C:\WINDOWS\system32\drivers\VClone.sys - ok
11:50:07.0625 0272 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
11:50:07.0625 0272 C:\WINDOWS\system32\drivers\update.sys - ok
11:50:07.0625 0272 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
11:50:07.0625 0272 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
11:50:07.0640 0272 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
11:50:07.0640 0272 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
11:50:07.0640 0272 [ C1DC5F42D3367F33B6451BE78B38BD46 ] C:\WINDOWS\system32\drivers\mfeavfk.sys
11:50:07.0640 0272 C:\WINDOWS\system32\drivers\mfeavfk.sys - ok
11:50:07.0656 0272 [ 4EA6FF90015424517843E931448E00F1 ] C:\WINDOWS\system32\drivers\mfefirek.sys
11:50:07.0656 0272 C:\WINDOWS\system32\drivers\mfefirek.sys - ok
11:50:07.0656 0272 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
11:50:07.0656 0272 C:\WINDOWS\system32\drivers\usbd.sys - ok
11:50:07.0671 0272 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
11:50:07.0671 0272 C:\WINDOWS\system32\drivers\usbhub.sys - ok
11:50:07.0671 0272 [ 9368670BD426EBEA5E8B18A62416EC28 ] C:\WINDOWS\system32\drivers\i2omgmt.sys
11:50:07.0671 0272 C:\WINDOWS\system32\drivers\i2omgmt.sys - ok
11:50:07.0687 0272 [ 2B2F9B4A08190334A9C36446B208BAE9 ] C:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys
11:50:07.0687 0272 C:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys - ok
11:50:07.0687 0272 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
11:50:07.0687 0272 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
11:50:07.0703 0272 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
11:50:07.0703 0272 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
11:50:07.0703 0272 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
11:50:07.0703 0272 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
11:50:07.0703 0272 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
11:50:07.0718 0272 C:\WINDOWS\system32\drivers\beep.sys - ok
11:50:07.0718 0272 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
11:50:07.0718 0272 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
11:50:07.0718 0272 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
11:50:07.0718 0272 C:\WINDOWS\system32\drivers\null.sys - ok
11:50:07.0734 0272 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
11:50:07.0734 0272 C:\WINDOWS\system32\drivers\hidparse.sys - ok
11:50:07.0734 0272 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
11:50:07.0734 0272 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
11:50:07.0750 0272 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
11:50:07.0750 0272 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
11:50:07.0750 0272 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
11:50:07.0750 0272 C:\WINDOWS\system32\drivers\msfs.sys - ok
11:50:07.0765 0272 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
11:50:07.0765 0272 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
11:50:07.0765 0272 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
11:50:07.0765 0272 C:\WINDOWS\system32\drivers\vga.sys - ok
11:50:07.0781 0272 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
11:50:07.0781 0272 C:\WINDOWS\system32\drivers\ipsec.sys - ok
11:50:07.0781 0272 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
11:50:07.0781 0272 C:\WINDOWS\system32\drivers\npfs.sys - ok
11:50:07.0796 0272 [ F3250D94BEE44A0D00939F10830B3563 ] C:\WINDOWS\system32\drivers\OAnet.sys
11:50:07.0796 0272 C:\WINDOWS\system32\drivers\OAnet.sys - ok
11:50:07.0796 0272 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
11:50:07.0796 0272 C:\WINDOWS\system32\drivers\rasacd.sys - ok
11:50:07.0812 0272 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
11:50:07.0812 0272 C:\WINDOWS\system32\drivers\msgpc.sys - ok
11:50:07.0812 0272 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
11:50:07.0812 0272 C:\WINDOWS\system32\drivers\tcpip.sys - ok
11:50:07.0828 0272 [ 070D3FAF2EAC417C59D8674A8752F7A6 ] C:\WINDOWS\system32\drivers\mfetdi2k.sys
11:50:07.0828 0272 C:\WINDOWS\system32\drivers\mfetdi2k.sys - ok
11:50:07.0828 0272 [ 04E7E92CD91E61E0CC1BDF849032AD81 ] C:\WINDOWS\system32\drivers\OAmon.sys
11:50:07.0828 0272 C:\WINDOWS\system32\drivers\OAmon.sys - ok
11:50:07.0843 0272 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
11:50:07.0843 0272 C:\WINDOWS\system32\drivers\ipnat.sys - ok
11:50:07.0843 0272 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
11:50:07.0843 0272 C:\WINDOWS\system32\drivers\netbt.sys - ok
11:50:07.0859 0272 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
11:50:07.0859 0272 C:\WINDOWS\system32\drivers\wanarp.sys - ok
11:50:07.0859 0272 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
11:50:07.0859 0272 C:\WINDOWS\system32\drivers\afd.sys - ok
11:50:07.0875 0272 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:50:07.0875 0272 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
11:50:07.0875 0272 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
11:50:07.0875 0272 C:\WINDOWS\system32\drivers\netbios.sys - ok
11:50:07.0890 0272 [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
11:50:07.0890 0272 C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
11:50:07.0890 0272 [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:50:07.0890 0272 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
11:50:07.0906 0272 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
11:50:07.0906 0272 C:\WINDOWS\system32\drivers\rdbss.sys - ok
11:50:07.0906 0272 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
11:50:07.0906 0272 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
11:50:07.0921 0272 [ C0BA927C3A1A62F2BF664F242D91C082 ] C:\WINDOWS\system32\drivers\OADriver.sys
11:50:07.0921 0272 C:\WINDOWS\system32\drivers\OADriver.sys - ok
11:50:07.0937 0272 [ C968369E2BC5F6A8426C1E7D78E33F1B ] C:\WINDOWS\system32\drivers\oahlp32.sys
11:50:07.0937 0272 C:\WINDOWS\system32\drivers\oahlp32.sys - ok
11:50:07.0937 0272 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
11:50:07.0937 0272 C:\WINDOWS\system32\drivers\fips.sys - ok
11:50:07.0953 0272 [ D71233D7CCC2E64F8715A20428D5A33B ] C:\WINDOWS\system32\drivers\ElbyCDIO.sys
11:50:07.0953 0272 C:\WINDOWS\system32\drivers\ElbyCDIO.sys - ok
11:50:07.0953 0272 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
11:50:07.0953 0272 C:\WINDOWS\system32\ntdll.dll - ok
11:50:07.0968 0272 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
11:50:07.0968 0272 C:\WINDOWS\system32\smss.exe - ok
11:50:07.0968 0272 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
11:50:07.0968 0272 C:\WINDOWS\system32\autochk.exe - ok
11:50:07.0984 0272 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
11:50:07.0984 0272 C:\WINDOWS\system32\sfcfiles.dll - ok
11:50:07.0984 0272 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
11:50:07.0984 0272 C:\WINDOWS\system32\drivers\cdfs.sys - ok
11:50:08.0000 0272 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] C:\WINDOWS\system32\drivers\udfs.sys
11:50:08.0000 0272 C:\WINDOWS\system32\drivers\udfs.sys - ok
11:50:08.0000 0272 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
11:50:08.0000 0272 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
11:50:08.0015 0272 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] C:\WINDOWS\system32\drivers\usbscan.sys
11:50:08.0015 0272 C:\WINDOWS\system32\drivers\usbscan.sys - ok
11:50:08.0015 0272 [ A717C8721046828520C9EDF31288FC00 ] C:\WINDOWS\system32\drivers\usbprint.sys
11:50:08.0015 0272 C:\WINDOWS\system32\drivers\usbprint.sys - ok
11:50:08.0031 0272 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
11:50:08.0031 0272 C:\WINDOWS\system32\drivers\hidclass.sys - ok
11:50:08.0031 0272 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
11:50:08.0031 0272 C:\WINDOWS\system32\drivers\hidusb.sys - ok
11:50:08.0031 0272 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
11:50:08.0031 0272 C:\WINDOWS\system32\drivers\mouhid.sys - ok
11:50:08.0046 0272 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
11:50:08.0046 0272 C:\WINDOWS\system32\drivers\wmilib.sys - ok
11:50:08.0046 0272 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
11:50:08.0046 0272 C:\WINDOWS\system32\drivers\atapi.sys - ok
11:50:08.0062 0272 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
11:50:08.0062 0272 C:\WINDOWS\system32\drivers\dxapi.sys - ok
11:50:08.0062 0272 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:50:08.0062 0272 C:\WINDOWS\system32\basesrv.dll - ok
11:50:08.0078 0272 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
11:50:08.0078 0272 C:\WINDOWS\system32\csrsrv.dll - ok
11:50:08.0078 0272 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
11:50:08.0078 0272 C:\WINDOWS\system32\csrss.exe - ok
11:50:08.0093 0272 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
11:50:08.0093 0272 C:\WINDOWS\system32\watchdog.sys - ok
11:50:08.0093 0272 [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
11:50:08.0093 0272 C:\WINDOWS\system32\win32k.sys - ok
11:50:08.0109 0272 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
11:50:08.0109 0272 C:\WINDOWS\system32\gdi32.dll - ok
11:50:08.0109 0272 [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
11:50:08.0109 0272 C:\WINDOWS\system32\kernel32.dll - ok
11:50:08.0125 0272 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
11:50:08.0125 0272 C:\WINDOWS\system32\user32.dll - ok
11:50:08.0125 0272 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:50:08.0125 0272 C:\WINDOWS\system32\winsrv.dll - ok
11:50:08.0140 0272 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
11:50:08.0140 0272 C:\WINDOWS\system32\drivers\dxg.sys - ok
11:50:08.0140 0272 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
11:50:08.0140 0272 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
11:50:08.0156 0272 [ E8244B7C635202E5A4326653168B595E ] C:\WINDOWS\system32\ialmdnt5.dll
11:50:08.0156 0272 C:\WINDOWS\system32\ialmdnt5.dll - ok
11:50:08.0156 0272 [ 0CC6C7600EC5AE4373779A79A610796C ] C:\WINDOWS\system32\ialmrnt5.dll
11:50:08.0156 0272 C:\WINDOWS\system32\ialmrnt5.dll - ok
11:50:08.0171 0272 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
11:50:08.0171 0272 C:\WINDOWS\system32\vga.dll - ok
11:50:08.0171 0272 [ 888B8611F99649A61F0306056C204523 ] C:\WINDOWS\system32\ialmdev5.dll
11:50:08.0171 0272 C:\WINDOWS\system32\ialmdev5.dll - ok
11:50:08.0187 0272 [ A3E3FA1DF677FE52F2AACA38735F8E54 ] C:\WINDOWS\system32\ialmdd5.dll
11:50:08.0187 0272 C:\WINDOWS\system32\ialmdd5.dll - ok
11:50:08.0187 0272 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
11:50:08.0187 0272 C:\WINDOWS\system32\advapi32.dll - ok
11:50:08.0203 0272 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
11:50:08.0203 0272 C:\WINDOWS\system32\authz.dll - ok
11:50:08.0203 0272 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
11:50:08.0203 0272 C:\WINDOWS\system32\rpcrt4.dll - ok
11:50:08.0218 0272 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
11:50:08.0218 0272 C:\WINDOWS\system32\secur32.dll - ok
11:50:08.0218 0272 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
11:50:08.0218 0272 C:\WINDOWS\system32\winlogon.exe - ok
11:50:08.0234 0272 [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
11:50:08.0234 0272 C:\WINDOWS\system32\crypt32.dll - ok
11:50:08.0234 0272 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
11:50:08.0234 0272 C:\WINDOWS\system32\msvcrt.dll - ok
11:50:08.0250 0272 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
11:50:08.0250 0272 C:\WINDOWS\system32\msasn1.dll - ok
11:50:08.0250 0272 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
11:50:08.0250 0272 C:\WINDOWS\system32\nddeapi.dll - ok
11:50:08.0265 0272 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
11:50:08.0265 0272 C:\WINDOWS\system32\netapi32.dll - ok
11:50:08.0265 0272 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
11:50:08.0265 0272 C:\WINDOWS\system32\profmap.dll - ok
11:50:08.0281 0272 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
11:50:08.0281 0272 C:\WINDOWS\system32\psapi.dll - ok
11:50:08.0281 0272 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
11:50:08.0281 0272 C:\WINDOWS\system32\regapi.dll - ok
11:50:08.0281 0272 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
11:50:08.0281 0272 C:\WINDOWS\system32\setupapi.dll - ok
11:50:08.0296 0272 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
11:50:08.0296 0272 C:\WINDOWS\system32\userenv.dll - ok
11:50:08.0296 0272 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
11:50:08.0296 0272 C:\WINDOWS\system32\version.dll - ok
11:50:08.0312 0272 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
11:50:08.0312 0272 C:\WINDOWS\system32\winsta.dll - ok
11:50:08.0312 0272 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
11:50:08.0312 0272 C:\WINDOWS\system32\imagehlp.dll - ok
11:50:08.0328 0272 [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
11:50:08.0328 0272 C:\WINDOWS\system32\wintrust.dll - ok
11:50:08.0328 0272 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
11:50:08.0328 0272 C:\WINDOWS\system32\imm32.dll - ok
11:50:08.0343 0272 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
11:50:08.0343 0272 C:\WINDOWS\system32\ws2help.dll - ok
11:50:08.0343 0272 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
11:50:08.0343 0272 C:\WINDOWS\system32\ws2_32.dll - ok
11:50:08.0359 0272 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
11:50:08.0359 0272 C:\WINDOWS\system32\kbdus.dll - ok
11:50:08.0359 0272 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
11:50:08.0359 0272 C:\WINDOWS\system32\msgina.dll - ok
11:50:08.0375 0272 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
11:50:08.0375 0272 C:\WINDOWS\system32\comctl32.dll - ok
11:50:08.0375 0272 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
11:50:08.0375 0272 C:\WINDOWS\system32\odbc32.dll - ok
11:50:08.0390 0272 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
11:50:08.0390 0272 C:\WINDOWS\system32\comdlg32.dll - ok
11:50:08.0390 0272 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
11:50:08.0390 0272 C:\WINDOWS\system32\shell32.dll - ok
11:50:08.0406 0272 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
11:50:08.0406 0272 C:\WINDOWS\system32\shlwapi.dll - ok
11:50:08.0406 0272 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
11:50:08.0406 0272 C:\WINDOWS\system32\sxs.dll - ok
11:50:08.0421 0272 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
11:50:08.0421 0272 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
11:50:08.0421 0272 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
11:50:08.0421 0272 C:\WINDOWS\system32\odbcint.dll - ok
11:50:08.0437 0272 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
11:50:08.0437 0272 C:\WINDOWS\system32\shsvcs.dll - ok
11:50:08.0437 0272 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
11:50:08.0437 0272 C:\WINDOWS\system32\sfc.dll - ok
11:50:08.0453 0272 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
11:50:08.0453 0272 C:\WINDOWS\system32\sfc_os.dll - ok
11:50:08.0453 0272 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
11:50:08.0453 0272 C:\WINDOWS\system32\ole32.dll - ok
11:50:08.0468 0272 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
11:50:08.0468 0272 C:\WINDOWS\system32\apphelp.dll - ok
11:50:08.0468 0272 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
11:50:08.0468 0272 C:\WINDOWS\system32\lsasrv.dll - ok
11:50:08.0484 0272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
11:50:08.0484 0272 C:\WINDOWS\system32\lsass.exe - ok
11:50:08.0484 0272 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
11:50:08.0484 0272 C:\WINDOWS\system32\msvcp60.dll - ok
11:50:08.0500 0272 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
11:50:08.0500 0272 C:\WINDOWS\system32\ncobjapi.dll - ok
11:50:08.0500 0272 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:50:08.0500 0272 C:\WINDOWS\system32\services.exe - ok
11:50:08.0500 0272 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
11:50:08.0500 0272 C:\WINDOWS\system32\scesrv.dll - ok
11:50:08.0515 0272 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
11:50:08.0515 0272 C:\WINDOWS\system32\mpr.dll - ok
11:50:08.0531 0272 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
11:50:08.0531 0272 C:\WINDOWS\system32\ntdsapi.dll - ok
11:50:08.0531 0272 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
11:50:08.0531 0272 C:\WINDOWS\system32\umpnpmgr.dll - ok
11:50:08.0531 0272 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\AcAdProc.dll
11:50:08.0531 0272 C:\WINDOWS\AppPatch\AcAdProc.dll - ok
11:50:08.0546 0272 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
11:50:08.0546 0272 C:\WINDOWS\system32\dnsapi.dll - ok
11:50:08.0546 0272 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
11:50:08.0546 0272 C:\WINDOWS\system32\samlib.dll - ok
11:50:08.0562 0272 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
11:50:08.0562 0272 C:\WINDOWS\system32\samsrv.dll - ok
11:50:08.0562 0272 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
11:50:08.0562 0272 C:\WINDOWS\system32\shimeng.dll - ok
11:50:08.0578 0272 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
11:50:08.0578 0272 C:\WINDOWS\system32\wldap32.dll - ok
11:50:08.0578 0272 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\AcGenral.dll
11:50:08.0578 0272 C:\WINDOWS\AppPatch\AcGenral.dll - ok
11:50:08.0593 0272 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
11:50:08.0593 0272 C:\WINDOWS\system32\cryptdll.dll - ok
11:50:08.0593 0272 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
11:50:08.0593 0272 C:\WINDOWS\system32\msacm32.dll - ok
11:50:08.0609 0272 [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
11:50:08.0609 0272 C:\WINDOWS\system32\oleaut32.dll - ok
11:50:08.0609 0272 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
11:50:08.0609 0272 C:\WINDOWS\system32\uxtheme.dll - ok
11:50:08.0625 0272 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
11:50:08.0625 0272 C:\WINDOWS\system32\winmm.dll - ok
11:50:08.0625 0272 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
11:50:08.0625 0272 C:\WINDOWS\system32\msapsspc.dll - ok
11:50:08.0640 0272 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
11:50:08.0640 0272 C:\WINDOWS\system32\msvcrt40.dll - ok
11:50:08.0640 0272 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
11:50:08.0640 0272 C:\WINDOWS\system32\schannel.dll - ok
11:50:08.0656 0272 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
11:50:08.0656 0272 C:\WINDOWS\system32\digest.dll - ok
11:50:08.0656 0272 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
11:50:08.0656 0272 C:\WINDOWS\system32\msnsspc.dll - ok
11:50:08.0671 0272 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\MSCTFIME.IME
11:50:08.0671 0272 C:\WINDOWS\system32\MSCTFIME.IME - ok
11:50:08.0671 0272 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
11:50:08.0671 0272 C:\WINDOWS\system32\msprivs.dll - ok
11:50:08.0687 0272 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
11:50:08.0687 0272 C:\WINDOWS\system32\kerberos.dll - ok
11:50:08.0687 0272 [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
11:50:08.0687 0272 C:\WINDOWS\system32\atmfd.dll - ok
11:50:08.0703 0272 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
11:50:08.0703 0272 C:\WINDOWS\system32\msv1_0.dll - ok
11:50:08.0703 0272 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
11:50:08.0703 0272 C:\WINDOWS\system32\iphlpapi.dll - ok
11:50:08.0718 0272 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
11:50:08.0718 0272 C:\WINDOWS\system32\netlogon.dll - ok
11:50:08.0718 0272 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
11:50:08.0718 0272 C:\WINDOWS\system32\w32time.dll - ok
11:50:08.0734 0272 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
11:50:08.0734 0272 C:\WINDOWS\system32\rsaenh.dll - ok
11:50:08.0734 0272 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
11:50:08.0734 0272 C:\WINDOWS\system32\wdigest.dll - ok
11:50:08.0750 0272 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
11:50:08.0750 0272 C:\WINDOWS\system32\winscard.dll - ok
11:50:08.0750 0272 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
11:50:08.0750 0272 C:\WINDOWS\system32\wtsapi32.dll - ok
11:50:08.0765 0272 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
11:50:08.0765 0272 C:\WINDOWS\system32\scecli.dll - ok
11:50:08.0765 0272 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
11:50:08.0765 0272 C:\WINDOWS\system32\svchost.exe - ok
11:50:08.0781 0272 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
11:50:08.0781 0272 C:\WINDOWS\system32\ntmarta.dll - ok
11:50:08.0781 0272 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
11:50:08.0781 0272 C:\WINDOWS\system32\rpcss.dll - ok
11:50:08.0781 0272 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
11:50:08.0781 0272 C:\WINDOWS\system32\xpsp2res.dll - ok
11:50:08.0796 0272 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
11:50:08.0796 0272 C:\WINDOWS\system32\eventlog.dll - ok
11:50:08.0796 0272 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
11:50:08.0796 0272 C:\WINDOWS\system32\mswsock.dll - ok
11:50:08.0812 0272 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
11:50:08.0812 0272 C:\WINDOWS\system32\hnetcfg.dll - ok
11:50:08.0828 0272 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
11:50:08.0828 0272 C:\WINDOWS\system32\wshtcpip.dll - ok
11:50:08.0828 0272 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
11:50:08.0828 0272 C:\Program Files\Bonjour\mdnsNSP.dll - ok
11:50:08.0843 0272 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
11:50:08.0843 0272 C:\WINDOWS\system32\winrnr.dll - ok
11:50:08.0843 0272 [ F556912E70B22D740C9C99E310E3C11F ] C:\Program Files\Microsoft Security Client\MpSvc.dll
11:50:08.0843 0272 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
11:50:08.0859 0272 [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
11:50:08.0859 0272 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
11:50:08.0859 0272 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
11:50:08.0859 0272 C:\WINDOWS\system32\rasadhlp.dll - ok
11:50:08.0875 0272 [ 3D9381A332E4373F8811C71BA5078B31 ] C:\Program Files\Microsoft Security Client\MpClient.dll
11:50:08.0875 0272 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
11:50:08.0875 0272 [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
11:50:08.0875 0272 C:\WINDOWS\system32\WudfSvc.dll - ok
11:50:08.0890 0272 [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
11:50:08.0890 0272 C:\WINDOWS\system32\WudfPlatform.dll - ok
11:50:08.0890 0272 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
11:50:08.0890 0272 C:\WINDOWS\system32\cscdll.dll - ok
11:50:08.0906 0272 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
11:50:08.0906 0272 C:\WINDOWS\system32\duser.dll - ok
11:50:08.0906 0272 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
11:50:08.0906 0272 C:\WINDOWS\system32\logonui.exe - ok
11:50:08.0921 0272 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
11:50:08.0921 0272 C:\WINDOWS\system32\dimsntfy.dll - ok
11:50:08.0921 0272 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
11:50:08.0921 0272 C:\WINDOWS\system32\wlnotify.dll - ok
11:50:08.0937 0272 [ AA87D7709021503687326432DC59590D ] C:\Program Files\Microsoft Security Client\MpRTP.dll
11:50:08.0937 0272 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
11:50:08.0937 0272 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
11:50:08.0937 0272 C:\WINDOWS\system32\msimg32.dll - ok
11:50:08.0953 0272 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
11:50:08.0953 0272 C:\WINDOWS\system32\oleacc.dll - ok
11:50:08.0953 0272 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
11:50:08.0953 0272 C:\WINDOWS\system32\winspool.drv - ok
11:50:08.0953 0272 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
11:50:08.0953 0272 C:\WINDOWS\system32\fltlib.dll - ok
11:50:08.0968 0272 [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
11:50:08.0968 0272 C:\WINDOWS\system32\WgaLogon.dll - ok
11:50:08.0968 0272 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
11:50:08.0968 0272 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
11:50:08.0984 0272 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
11:50:08.0984 0272 C:\WINDOWS\system32\clbcatq.dll - ok
11:50:08.0984 0272 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
11:50:08.0984 0272 C:\WINDOWS\system32\dhcpcsvc.dll - ok
11:50:09.0000 0272 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
11:50:09.0000 0272 C:\WINDOWS\system32\dnsrslvr.dll - ok
11:50:09.0000 0272 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
11:50:09.0000 0272 C:\WINDOWS\system32\comres.dll - ok
11:50:09.0015 0272 [ 5650B193FD9F06274BA17311DEACC5A8 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E3093B2E-12E3-4C0B-89FE-5AAA32A225F3}\mpengine.dll
11:50:09.0015 0272 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E3093B2E-12E3-4C0B-89FE-5AAA32A225F3}\mpengine.dll - ok
11:50:09.0015 0272 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
11:50:09.0015 0272 C:\WINDOWS\system32\msxml3.dll - ok
11:50:09.0031 0272 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
11:50:09.0031 0272 C:\WINDOWS\system32\shgina.dll - ok
11:50:09.0031 0272 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
11:50:09.0031 0272 C:\WINDOWS\system32\lmhsvc.dll - ok
11:50:09.0046 0272 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
11:50:09.0046 0272 C:\WINDOWS\system32\wzcsvc.dll - ok
11:50:09.0046 0272 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
11:50:09.0046 0272 C:\WINDOWS\system32\rtutils.dll - ok
11:50:09.0062 0272 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
11:50:09.0062 0272 C:\WINDOWS\system32\eapolqec.dll - ok
11:50:09.0062 0272 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
11:50:09.0062 0272 C:\WINDOWS\system32\wmi.dll - ok
11:50:09.0078 0272 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
11:50:09.0078 0272 C:\WINDOWS\system32\atl.dll - ok
11:50:09.0078 0272 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
11:50:09.0078 0272 C:\WINDOWS\system32\qutil.dll - ok
11:50:09.0093 0272 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
11:50:09.0093 0272 C:\WINDOWS\system32\dot3api.dll - ok
11:50:09.0093 0272 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
11:50:09.0093 0272 C:\WINDOWS\system32\esent.dll - ok
11:50:09.0109 0272 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
11:50:09.0109 0272 C:\WINDOWS\system32\rastls.dll - ok
11:50:09.0109 0272 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
11:50:09.0109 0272 C:\WINDOWS\system32\cryptui.dll - ok
11:50:09.0125 0272 [ 5AACF4B4DEE1972B7952E8A747122232 ] C:\WINDOWS\system32\wininet.dll
11:50:09.0125 0272 C:\WINDOWS\system32\wininet.dll - ok
11:50:09.0125 0272 [ 1A008CBB313F7A6644B883AE1829393B ] C:\Program Files\Online Armor\oacat.exe
11:50:09.0125 0272 C:\Program Files\Online Armor\oacat.exe - ok
11:50:09.0140 0272 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
11:50:09.0140 0272 C:\WINDOWS\system32\normaliz.dll - ok
11:50:09.0140 0272 [ C332870084DB9164F465D6F1B7472728 ] C:\WINDOWS\system32\urlmon.dll
11:50:09.0140 0272 C:\WINDOWS\system32\urlmon.dll - ok
11:50:09.0156 0272 [ A54B4FBC24C4EDE34BEB5F8D8974752A ] C:\Program Files\Online Armor\oasrv.exe
11:50:09.0156 0272 C:\Program Files\Online Armor\oasrv.exe - ok
11:50:09.0156 0272 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
11:50:09.0156 0272 C:\WINDOWS\system32\wsock32.dll - ok
11:50:09.0171 0272 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
11:50:09.0171 0272 C:\WINDOWS\system32\olepro32.dll - ok
11:50:09.0171 0272 [ 47464CA4943F82E1B8FCB2C57DA15F83 ] C:\WINDOWS\system32\iertutil.dll
11:50:09.0171 0272 C:\WINDOWS\system32\iertutil.dll - ok
11:50:09.0187 0272 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
11:50:09.0187 0272 C:\WINDOWS\system32\mprapi.dll - ok
11:50:09.0187 0272 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
11:50:09.0187 0272 C:\WINDOWS\system32\shfolder.dll - ok
11:50:09.0187 0272 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
11:50:09.0187 0272 C:\WINDOWS\system32\activeds.dll - ok
11:50:09.0203 0272 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
11:50:09.0203 0272 C:\WINDOWS\system32\adsldpc.dll - ok
11:50:09.0203 0272 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
11:50:09.0203 0272 C:\WINDOWS\system32\rasapi32.dll - ok
11:50:09.0218 0272 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
11:50:09.0218 0272 C:\WINDOWS\system32\rasman.dll - ok
11:50:09.0218 0272 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
11:50:09.0218 0272 C:\WINDOWS\system32\tapi32.dll - ok
11:50:09.0234 0272 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
11:50:09.0234 0272 C:\WINDOWS\system32\riched20.dll - ok
11:50:09.0234 0272 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
11:50:09.0234 0272 C:\WINDOWS\system32\raschap.dll - ok
11:50:09.0250 0272 [ 6907C055668EF85BBA6077511A143756 ] C:\Program Files\Online Armor\EmsiCryptApi.dll
11:50:09.0250 0272 C:\Program Files\Online Armor\EmsiCryptApi.dll - ok
11:50:09.0250 0272 [ 01CFA88F8DEE91EC9F8E0988F49D106E ] C:\WINDOWS\system32\avicap32.dll
11:50:09.0250 0272 C:\WINDOWS\system32\avicap32.dll - ok
11:50:09.0265 0272 [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll
11:50:09.0265 0272 C:\WINDOWS\system32\msvfw32.dll - ok
11:50:09.0265 0272 [ CB6B671ED6D97F2E9F2274EADB7517B2 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
11:50:09.0265 0272 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
11:50:09.0281 0272 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
11:50:09.0281 0272 C:\WINDOWS\system32\cabinet.dll - ok
11:50:09.0281 0272 [ 42DD9011D54C3A91F14BDBBF50791DA9 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
11:50:09.0281 0272 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
11:50:09.0296 0272 [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll
11:50:09.0296 0272 C:\Program Files\Microsoft Security Client\LegitLib.dll - ok
11:50:09.0296 0272 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
11:50:09.0296 0272 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
11:50:09.0312 0272 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
11:50:09.0312 0272 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
11:50:09.0312 0272 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
11:50:09.0312 0272 C:\WINDOWS\system32\schedsvc.dll - ok
11:50:09.0328 0272 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
11:50:09.0328 0272 C:\WINDOWS\system32\msidle.dll - ok
11:50:09.0328 0272 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
11:50:09.0328 0272 C:\WINDOWS\system32\spoolsv.exe - ok
11:50:09.0343 0272 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
11:50:09.0343 0272 C:\WINDOWS\system32\audiosrv.dll - ok
11:50:09.0343 0272 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
11:50:09.0343 0272 C:\WINDOWS\system32\wkssvc.dll - ok
11:50:09.0359 0272 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
11:50:09.0359 0272 C:\WINDOWS\system32\cscui.dll - ok
11:50:09.0359 0272 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
11:50:09.0359 0272 C:\WINDOWS\system32\powrprof.dll - ok
11:50:09.0375 0272 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
11:50:09.0375 0272 C:\WINDOWS\system32\dpcdll.dll - ok
11:50:09.0375 0272 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
11:50:09.0375 0272 C:\WINDOWS\system32\wdmaud.drv - ok
11:50:09.0390 0272 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
11:50:09.0390 0272 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
11:50:09.0390 0272 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
11:50:09.0390 0272 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
11:50:09.0406 0272 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
11:50:09.0406 0272 C:\WINDOWS\system32\drivers\aec.sys - ok
11:50:09.0406 0272 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
11:50:09.0406 0272 C:\WINDOWS\system32\drivers\splitter.sys - ok
11:50:09.0421 0272 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\DMusic.sys
11:50:09.0421 0272 C:\WINDOWS\system32\drivers\DMusic.sys - ok
11:50:09.0421 0272 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
11:50:09.0421 0272 C:\WINDOWS\system32\drivers\swmidi.sys - ok
11:50:09.0437 0272 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
11:50:09.0437 0272 C:\WINDOWS\system32\drivers\kmixer.sys - ok
11:50:09.0437 0272 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
11:50:09.0437 0272 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
11:50:09.0453 0272 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
11:50:09.0453 0272 C:\WINDOWS\system32\midimap.dll - ok
11:50:09.0453 0272 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
11:50:09.0453 0272 C:\WINDOWS\system32\msacm32.drv - ok
11:50:09.0468 0272 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
11:50:09.0468 0272 C:\WINDOWS\system32\userinit.exe - ok
11:50:09.0468 0272 [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
11:50:09.0468 0272 C:\WINDOWS\system32\WgaTray.exe - ok
11:50:09.0484 0272 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
11:50:09.0484 0272 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
11:50:09.0484 0272 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
11:50:09.0484 0272 C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
11:50:09.0484 0272 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
11:50:09.0484 0272 C:\WINDOWS\system32\msi.dll - ok
11:50:09.0500 0272 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
11:50:09.0500 0272 C:\WINDOWS\system32\dbghelp.dll - ok
11:50:09.0500 0272 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
11:50:09.0500 0272 C:\WINDOWS\explorer.exe - ok
11:50:09.0531 0272 [ 0E674F69C754E853119DFA23DE2DEE86 ] C:\WINDOWS\system32\browseui.dll
11:50:09.0531 0272 C:\WINDOWS\system32\browseui.dll - ok
11:50:09.0546 0272 [ 7A1F71316A894AEAF557647D76F21F2F ] C:\WINDOWS\system32\shdocvw.dll
11:50:09.0546 0272 C:\WINDOWS\system32\shdocvw.dll - ok
11:50:09.0562 0272 [ B96BEC4B15F353EA25B173120662EA61 ] C:\Program Files\Online Armor\oawatch.dll
11:50:09.0562 0272 C:\Program Files\Online Armor\oawatch.dll - ok
11:50:09.0562 0272 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
11:50:09.0562 0272 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
11:50:09.0578 0272 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
11:50:09.0578 0272 C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL - ok
11:50:09.0578 0272 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
11:50:09.0578 0272 C:\WINDOWS\system32\cryptnet.dll - ok
11:50:09.0593 0272 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
11:50:09.0593 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
11:50:09.0593 0272 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
11:50:09.0593 0272 C:\WINDOWS\system32\sensapi.dll - ok
11:50:09.0609 0272 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
11:50:09.0609 0272 C:\WINDOWS\system32\winhttp.dll - ok
11:50:09.0609 0272 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
11:50:09.0609 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
11:50:09.0625 0272 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
11:50:09.0625 0272 C:\WINDOWS\system32\webclnt.dll - ok
11:50:09.0625 0272 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
11:50:09.0625 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll - ok
11:50:09.0640 0272 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
11:50:09.0640 0272 C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
11:50:09.0640 0272 [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
11:50:09.0640 0272 C:\WINDOWS\system32\LegitCheckControl.dll - ok
11:50:09.0656 0272 [ 74624AEE2D3814E91F60619827DAD662 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
11:50:09.0656 0272 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
11:50:09.0656 0272 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
11:50:09.0656 0272 C:\Program Files\SUPERAntiSpyware\SASCORE.EXE - ok
11:50:09.0671 0272 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
11:50:09.0671 0272 C:\Program Files\Bonjour\mDNSResponder.exe - ok
11:50:09.0671 0272 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:50:09.0671 0272 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
11:50:09.0687 0272 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
11:50:09.0687 0272 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
11:50:09.0687 0272 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
11:50:09.0687 0272 C:\WINDOWS\system32\mstask.dll - ok
11:50:09.0703 0272 [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll
11:50:09.0703 0272 C:\WINDOWS\system32\mscoree.dll - ok
11:50:09.0703 0272 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
11:50:09.0703 0272 C:\WINDOWS\system32\certcli.dll - ok
11:50:09.0718 0272 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
11:50:09.0718 0272 C:\WINDOWS\system32\cryptsvc.dll - ok
11:50:09.0718 0272 [ 0259948FFE5F7E69CD1D8A8E74E0547C ] C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
11:50:09.0718 0272 C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe - ok
11:50:09.0734 0272 [ 39E8577A3FD40DABA05BC5C5A253C9CE ] C:\Program Files\Motorola Media Link\Lite\LiveupdateTactics.dll
11:50:09.0734 0272 C:\Program Files\Motorola Media Link\Lite\LiveupdateTactics.dll - ok
11:50:09.0734 0272 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
11:50:09.0734 0272 C:\WINDOWS\system32\dmserver.dll - ok
11:50:09.0750 0272 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
11:50:09.0750 0272 C:\WINDOWS\system32\ersvc.dll - ok
11:50:09.0750 0272 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
11:50:09.0750 0272 C:\WINDOWS\system32\es.dll - ok
11:50:09.0765 0272 [ 34B6FD2289EFB5F3C0347CC4C99EFEC5 ] C:\Program Files\Motorola Media Link\Lite\NFileMonitorInServices.dll
11:50:09.0765 0272 C:\Program Files\Motorola Media Link\Lite\NFileMonitorInServices.dll - ok
11:50:09.0765 0272 [ 455A03B71C5EE747C3747B0F685159AF ] C:\Program Files\Motorola Media Link\Lite\DbAccess.dll
11:50:09.0765 0272 C:\Program Files\Motorola Media Link\Lite\DbAccess.dll - ok
11:50:09.0781 0272 [ 927FE9F7E8C694350E2410DF9FC6EB52 ] C:\Program Files\Motorola Media Link\Lite\sqlite3.dll
11:50:09.0781 0272 C:\Program Files\Motorola Media Link\Lite\sqlite3.dll - ok
11:50:09.0781 0272 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:50:09.0781 0272 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - ok
11:50:09.0781 0272 [ B95010FC1F13B1E2DE77BA7FB39C5DC6 ] C:\PROGRA~1\MICROS~4\Office14\1033\GrooveIntlResource.dll
11:50:09.0781 0272 C:\PROGRA~1\MICROS~4\Office14\1033\GrooveIntlResource.dll - ok
11:50:09.0796 0272 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
11:50:09.0796 0272 C:\WINDOWS\system32\desk.cpl - ok
11:50:09.0796 0272 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
11:50:09.0796 0272 C:\WINDOWS\system32\themeui.dll - ok
11:50:09.0812 0272 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
11:50:09.0812 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
11:50:09.0812 0272 [ 83BA5E873164A3711B44052F58C8FE9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
11:50:09.0812 0272 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
11:50:09.0828 0272 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
11:50:09.0828 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
11:50:09.0828 0272 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
11:50:09.0828 0272 C:\WINDOWS\system32\actxprxy.dll - ok
11:50:09.0843 0272 [ FB53A700132D9A97D1E10E9F80BD6174 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
11:50:09.0843 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
11:50:09.0843 0272 [ 0B515CE16550AEE19235310864EFA5C7 ] C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll
11:50:09.0843 0272 C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll - ok
11:50:09.0859 0272 [ 994AD0D8550B8B26990A6E3AA0791502 ] C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll
11:50:09.0859 0272 C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll - ok
11:50:09.0859 0272 [ 7B1DA9816158A4F1451CD7B24AA23C79 ] C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll
11:50:09.0859 0272 C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll - ok
11:50:09.0875 0272 [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
11:50:09.0875 0272 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
11:50:09.0875 0272 [ E43911A8C5FE61CF9CF17FAFF404A17A ] C:\Program Files\Online Armor\oaevent.dll
11:50:09.0875 0272 C:\Program Files\Online Armor\oaevent.dll - ok
11:50:09.0890 0272 [ 99DDB0177459D938E79BB1DA3B7D016B ] C:\Program Files\Motorola Media Link\Lite\NITuneMonitor.dll
11:50:09.0890 0272 C:\Program Files\Motorola Media Link\Lite\NITuneMonitor.dll - ok
11:50:09.0890 0272 [ 449562FACA27C6A1A14C52A5CDB0330A ] C:\Program Files\Motorola Media Link\Lite\NInstallerHelper.dll
11:50:09.0890 0272 C:\Program Files\Motorola Media Link\Lite\NInstallerHelper.dll - ok
11:50:09.0906 0272 [ 09523AFBC5937D7CC786FC9C74D2D516 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
11:50:09.0906 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll - ok
11:50:09.0906 0272 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
11:50:09.0906 0272 C:\WINDOWS\system32\cmd.exe - ok
11:50:09.0921 0272 [ 59570CA554C9D75E72241AC3252E84BD ] C:\WINDOWS\system32\ieframe.dll
11:50:09.0921 0272 C:\WINDOWS\system32\ieframe.dll - ok
11:50:09.0921 0272 [ 4B3685AA700084E4ED6635FC1EFD9CC2 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
11:50:09.0921 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll - ok
11:50:09.0937 0272 [ C1649188479440AA5834EDA555445CDC ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
11:50:09.0937 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll - ok
11:50:09.0937 0272 [ 723528449ED0D1B0AD98AF3EDF23101D ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
11:50:09.0937 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
11:50:09.0953 0272 [ E0EB0BDC866E2C0CC792B83BD2422501 ] C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
11:50:09.0953 0272 C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
11:50:09.0953 0272 [ 15F5D3FC818E98A14C22D80B0606F825 ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
11:50:09.0953 0272 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
11:50:09.0968 0272 [ D91A6B3FDF14C0319333FC583D969126 ] C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
11:50:09.0968 0272 C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll - ok
11:50:09.0968 0272 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
11:50:09.0968 0272 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
11:50:09.0984 0272 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
11:50:09.0984 0272 C:\WINDOWS\system32\hid.dll - ok
11:50:09.0984 0272 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
11:50:09.0984 0272 C:\WINDOWS\system32\hidserv.dll - ok
11:50:10.0000 0272 [ 999DB5F88C8E145CCA9D471E33227143 ] C:\Program Files\Java\jre7\bin\jqs.exe
11:50:10.0000 0272 C:\Program Files\Java\jre7\bin\jqs.exe - ok
11:50:10.0000 0272 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
11:50:10.0000 0272 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
11:50:10.0015 0272 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
11:50:10.0015 0272 C:\WINDOWS\system32\pdh.dll - ok
11:50:10.0015 0272 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
11:50:10.0015 0272 C:\WINDOWS\system32\odbcbcp.dll - ok
11:50:10.0031 0272 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
11:50:10.0031 0272 C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe - ok
11:50:10.0031 0272 [ 17AFF68AB32F8671BC46612D35351099 ] C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
11:50:10.0031 0272 C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe - ok
11:50:10.0046 0272 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
11:50:10.0046 0272 C:\WINDOWS\system32\netmsg.dll - ok
11:50:10.0046 0272 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
11:50:10.0046 0272 C:\WINDOWS\system32\srvsvc.dll - ok
11:50:10.0062 0272 [ B10C4EFD40810C08F4B44DF2EFCB54F7 ] C:\WINDOWS\system32\mfevtps.exe
11:50:10.0062 0272 C:\WINDOWS\system32\mfevtps.exe - ok
11:50:10.0062 0272 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
11:50:10.0062 0272 C:\WINDOWS\system32\drivers\srv.sys - ok
11:50:10.0078 0272 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
11:50:10.0078 0272 C:\WINDOWS\system32\spoolss.dll - ok
11:50:10.0078 0272 [ 9DFD34E6841C460B5D992A1C5327AE69 ] C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
11:50:10.0078 0272 C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe - ok
11:50:10.0093 0272 [ B990CB9E77E4A0A41281B263C055DFC8 ] C:\Program Files\Motorola\MotoHelper\PST.dll
11:50:10.0093 0272 C:\Program Files\Motorola\MotoHelper\PST.dll - ok
11:50:10.0093 0272 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
11:50:10.0093 0272 C:\WINDOWS\system32\localspl.dll - ok
11:50:10.0109 0272 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
11:50:10.0109 0272 C:\WINDOWS\system32\cnbjmon.dll - ok
11:50:10.0109 0272 [ B8B496E2C715283072A42DE6958D2134 ] C:\WINDOWS\system32\EKIJ5000MON.dll
11:50:10.0109 0272 C:\WINDOWS\system32\EKIJ5000MON.dll - ok
11:50:10.0125 0272 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
11:50:10.0125 0272 C:\WINDOWS\system32\perfos.dll - ok
11:50:10.0125 0272 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
11:50:10.0125 0272 C:\WINDOWS\system32\perfdisk.dll - ok
11:50:10.0140 0272 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
11:50:10.0140 0272 C:\WINDOWS\system32\cfgmgr32.dll - ok
11:50:10.0140 0272 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
11:50:10.0140 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll - ok
11:50:10.0156 0272 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
11:50:10.0156 0272 C:\WINDOWS\system32\pjlmon.dll - ok
11:50:10.0156 0272 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
11:50:10.0156 0272 C:\WINDOWS\system32\tcpmon.dll - ok
11:50:10.0171 0272 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
11:50:10.0171 0272 C:\WINDOWS\system32\usbmon.dll - ok
11:50:10.0171 0272 [ 4ABA36D894C447E45FDD24CD6BE741A5 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\EKIJ5000PPR.dll
11:50:10.0171 0272 C:\WINDOWS\system32\spool\prtprocs\w32x86\EKIJ5000PPR.dll - ok
11:50:10.0187 0272 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
11:50:10.0187 0272 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
11:50:10.0187 0272 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
11:50:10.0187 0272 C:\WINDOWS\system32\win32spl.dll - ok
11:50:10.0203 0272 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
11:50:10.0203 0272 C:\WINDOWS\system32\netrap.dll - ok
11:50:10.0203 0272 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
11:50:10.0203 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll - ok
11:50:10.0218 0272 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
11:50:10.0218 0272 C:\WINDOWS\system32\inetpp.dll - ok
11:50:10.0218 0272 [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
11:50:10.0218 0272 C:\WINDOWS\system32\msxml6.dll - ok
11:50:10.0234 0272 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
11:50:10.0234 0272 C:\WINDOWS\system32\netman.dll - ok
11:50:10.0234 0272 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
11:50:10.0234 0272 C:\WINDOWS\system32\netshell.dll - ok
11:50:10.0250 0272 [ E127420B7FEB65C7F279EAAC183BBC0E ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
11:50:10.0250 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe - ok
11:50:10.0250 0272 [ F6914429533842B964C98062B657FB1B ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccL110U.dll
11:50:10.0250 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccL110U.dll - ok
11:50:10.0265 0272 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
11:50:10.0265 0272 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
11:50:10.0265 0272 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
11:50:10.0265 0272 C:\WINDOWS\system32\credui.dll - ok
11:50:10.0265 0272 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
11:50:10.0265 0272 C:\WINDOWS\system32\dot3dlg.dll - ok
11:50:10.0281 0272 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
11:50:10.0281 0272 C:\WINDOWS\system32\onex.dll - ok
11:50:10.0281 0272 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
11:50:10.0281 0272 C:\WINDOWS\system32\eappcfg.dll - ok
11:50:10.0296 0272 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
11:50:10.0296 0272 C:\WINDOWS\system32\ipsecsvc.dll - ok
11:50:10.0296 0272 [ 47A2726C35EA4FF56EF1B5D89981992C ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccVrTrst.dll
11:50:10.0296 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccVrTrst.dll - ok
11:50:10.0312 0272 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
11:50:10.0312 0272 C:\WINDOWS\system32\eappprxy.dll - ok
11:50:10.0312 0272 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
11:50:10.0312 0272 C:\WINDOWS\system32\oakley.dll - ok
11:50:10.0328 0272 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
11:50:10.0328 0272 C:\WINDOWS\system32\wzcsapi.dll - ok
11:50:10.0328 0272 [ 91195091F449699B176FE1305DAD40DA ] C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
11:50:10.0328 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe - ok
11:50:10.0343 0272 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
11:50:10.0343 0272 C:\WINDOWS\system32\winipsec.dll - ok
11:50:10.0343 0272 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
11:50:10.0343 0272 C:\WINDOWS\system32\psbase.dll - ok
11:50:10.0359 0272 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
11:50:10.0359 0272 C:\WINDOWS\system32\pstorsvc.dll - ok
11:50:10.0359 0272 [ B19D10539E8E58B3BA79C88C7DEFEB11 ] C:\Program Files\Common Files\Intuit\QuickBooks\CFScan.dll
11:50:10.0359 0272 C:\Program Files\Common Files\Intuit\QuickBooks\CFScan.dll - ok
11:50:10.0375 0272 [ 0EAD8118270D275149CA1422978BD642 ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvc.dll
11:50:10.0375 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvc.dll - ok
11:50:10.0375 0272 [ AA6957EE45DB8E5B65FB244DEAA4259D ] C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
11:50:10.0375 0272 C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe - ok
11:50:10.0390 0272 [ C2B1AC6A0BCDAE72542A8341C35D4987 ] C:\Program Files\Common Files\Intuit\QuickBooks\QBDBPortFinder.DLL
11:50:10.0390 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBDBPortFinder.DLL - ok
11:50:10.0390 0272 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
11:50:10.0390 0272 C:\WINDOWS\system32\dssenh.dll - ok
11:50:10.0406 0272 [ FC2741A70B84D7E7BA5F51A352669EE8 ] C:\Program Files\Common Files\Intuit\QuickBooks\stlport_r50.dll
11:50:10.0406 0272 C:\Program Files\Common Files\Intuit\QuickBooks\stlport_r50.dll - ok
11:50:10.0406 0272 [ 147552E28311DB3E86188A356A7A9F9C ] C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
11:50:10.0406 0272 C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe - ok
11:50:10.0421 0272 [ D34A527493F39AF4491B3E909DC697CA ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
11:50:10.0421 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll - ok
11:50:10.0421 0272 [ 58C8D469EDCA6C4396FC941107065AFA ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccIPC.dll
11:50:10.0421 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccIPC.dll - ok
11:50:10.0437 0272 [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
11:50:10.0437 0272 C:\WINDOWS\system32\regsvc.dll - ok
11:50:10.0437 0272 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
11:50:10.0437 0272 C:\WINDOWS\system32\seclogon.dll - ok
11:50:10.0453 0272 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
11:50:10.0453 0272 C:\WINDOWS\system32\sens.dll - ok
11:50:10.0453 0272 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
11:50:10.0453 0272 C:\WINDOWS\system32\srsvc.dll - ok
11:50:10.0468 0272 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
11:50:10.0468 0272 C:\WINDOWS\system32\icaapi.dll - ok
11:50:10.0468 0272 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
11:50:10.0468 0272 C:\WINDOWS\system32\termsrv.dll - ok
11:50:10.0484 0272 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
11:50:10.0484 0272 C:\WINDOWS\system32\trkwks.dll - ok
11:50:10.0484 0272 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
11:50:10.0484 0272 C:\WINDOWS\system32\wiaservc.dll - ok
11:50:10.0484 0272 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
11:50:10.0484 0272 C:\WINDOWS\system32\mstlsapi.dll - ok
11:50:10.0500 0272 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
11:50:10.0500 0272 C:\WINDOWS\system32\vssapi.dll - ok
11:50:10.0500 0272 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
11:50:10.0500 0272 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
11:50:10.0515 0272 [ E5118CE6749A61D22EF62D1238D427B9 ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll
11:50:10.0515 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll - ok
11:50:10.0531 0272 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
11:50:10.0531 0272 C:\WINDOWS\system32\mscms.dll - ok
11:50:10.0531 0272 [ D161D62AE8D3F3EC1197B012D5E47431 ] C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
11:50:10.0531 0272 C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe - ok
11:50:10.0546 0272 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll
11:50:10.0546 0272 C:\WINDOWS\system32\icmp.dll - ok
11:50:10.0546 0272 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
11:50:10.0546 0272 C:\WINDOWS\system32\wuaueng.dll - ok
11:50:10.0562 0272 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
11:50:10.0562 0272 C:\WINDOWS\system32\wuauserv.dll - ok
11:50:10.0562 0272 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
11:50:10.0562 0272 C:\WINDOWS\system32\browser.dll - ok
11:50:10.0578 0272 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
11:50:10.0578 0272 C:\WINDOWS\system32\mspatcha.dll - ok
11:50:10.0578 0272 [ 980CFDCE750A5286D97049680862D659 ] C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll
11:50:10.0578 0272 C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll - ok
11:50:10.0593 0272 [ C82519398737215BF7B0406C36791220 ] C:\Program Files\NETGEAR\WNDA3100v2\wps_api.dll
11:50:10.0593 0272 C:\Program Files\NETGEAR\WNDA3100v2\wps_api.dll - ok
11:50:10.0593 0272 [ BAC6EEDE73F2D61583982A07E6382015 ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSet.dll
11:50:10.0593 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSet.dll - ok
11:50:10.0609 0272 [ 593FA4C378818ECE76BA64A11AD56CF2 ] C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
11:50:10.0609 0272 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe - ok
11:50:10.0609 0272 [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
11:50:10.0609 0272 C:\WINDOWS\system32\lz32.dll - ok
11:50:10.0625 0272 [ 555EADCD50C486AC19E80E0DD5A38549 ] C:\Program Files\Common Files\McAfee\SystemCore\lockdown.dll
11:50:10.0625 0272 C:\Program Files\Common Files\McAfee\SystemCore\lockdown.dll - ok
11:50:10.0625 0272 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
11:50:10.0625 0272 C:\WINDOWS\system32\wups.dll - ok
11:50:10.0640 0272 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
11:50:10.0640 0272 C:\WINDOWS\system32\wups2.dll - ok
11:50:10.0640 0272 [ 56D400F4B4F1B923B7D6EAB0AA18AA20 ] C:\Program Files\Common Files\McAfee\SystemCore\mytilus3.dll
11:50:10.0640 0272 C:\Program Files\Common Files\McAfee\SystemCore\mytilus3.dll - ok
11:50:10.0656 0272 [ BFB061C148A14905B58C6CDCD42064BE ] C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_worker.dll
11:50:10.0656 0272 C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_worker.dll - ok
11:50:10.0656 0272 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
11:50:10.0656 0272 C:\WINDOWS\system32\comsvcs.dll - ok
11:50:10.0671 0272 [ 6202E4AED3044BA97F191B3D884134D3 ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coSvcNST.dll
11:50:10.0671 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coSvcNST.dll - ok
11:50:10.0671 0272 [ 8C6D22B4F736B9EF5DDA6009C77B2DA1 ] C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_server.dll
11:50:10.0671 0272 C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_server.dll - ok
11:50:10.0687 0272 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
11:50:10.0687 0272 C:\WINDOWS\system32\colbact.dll - ok
11:50:10.0687 0272 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
11:50:10.0687 0272 C:\WINDOWS\system32\mtxclu.dll - ok
11:50:10.0703 0272 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
11:50:10.0703 0272 C:\WINDOWS\system32\clusapi.dll - ok
11:50:10.0703 0272 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
11:50:10.0703 0272 C:\WINDOWS\system32\resutils.dll - ok
11:50:10.0718 0272 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
11:50:10.0718 0272 C:\WINDOWS\system32\wuauclt.exe - ok
11:50:10.0718 0272 [ F934E75683BF91831A8C2590E54A0EFC ] C:\Program Files\Common Files\McAfee\SystemCore\mcshield.dll
11:50:10.0718 0272 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.dll - ok
11:50:10.0734 0272 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
11:50:10.0734 0272 C:\WINDOWS\system32\mydocs.dll - ok
11:50:10.0734 0272 [ 1189879644168AFA95A1EE6E30D3759B ] C:\Program Files\Common Files\McAfee\SystemCore\ftl.dll
11:50:10.0734 0272 C:\Program Files\Common Files\McAfee\SystemCore\ftl.dll - ok
11:50:10.0750 0272 [ BBFED4A3A7CC264599F35D0C11AF5758 ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccGEvt.dll
11:50:10.0750 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccGEvt.dll - ok
11:50:10.0750 0272 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
11:50:10.0750 0272 C:\WINDOWS\system32\ntshrui.dll - ok
11:50:10.0765 0272 [ 8A43F5DA0D4DE4FB472ECD9DDB55E949 ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccGLog.dll
11:50:10.0765 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccGLog.dll - ok
11:50:10.0765 0272 [ 523600FDD5F41462CB0F0AFB7A00C94B ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coFFNST.dll
11:50:10.0765 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coFFNST.dll - ok
11:50:10.0781 0272 [ 59E52B5C6A70F28D8B6C0D1E5A7AFCBF ] C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccJobMgr.dll
11:50:10.0781 0272 C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccJobMgr.dll - ok
11:50:10.0781 0272 [ 160672BF565DC4885B1FA685611F47F8 ] C:\WINDOWS\system32\kodak\kds_aio5000\EKAiOWia.dll
11:50:10.0781 0272 C:\WINDOWS\system32\kodak\kds_aio5000\EKAiOWia.dll - ok
11:50:10.0781 0272 [ 7E1F8B1BDC8240F08BD358B3A466C005 ] C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
11:50:10.0796 0272 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe - ok
11:50:10.0796 0272 [ E7E28CD9DED3D6E0FDB9A4D3BF19519E ] C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll
11:50:10.0796 0272 C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll - ok
11:50:10.0796 0272 [ A9295028995CD08A16CA6A42B4A2EC2B ] C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
11:50:10.0796 0272 C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll - ok
11:50:10.0812 0272 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
11:50:10.0812 0272 C:\WINDOWS\system32\ipnathlp.dll - ok
11:50:10.0812 0272 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
11:50:10.0828 0272 C:\WINDOWS\system32\wscsvc.dll - ok
11:50:10.0828 0272 [ 7778BDFA3F6F6FBA0E75B9594098F737 ] C:\WINDOWS\system32\searchindexer.exe
11:50:10.0828 0272 C:\WINDOWS\system32\searchindexer.exe - ok
11:50:10.0828 0272 [ 0CBD1906F74BEB539FCEF6493095B933 ] C:\WINDOWS\system32\tquery.dll
11:50:10.0828 0272 C:\WINDOWS\system32\tquery.dll - ok
11:50:10.0843 0272 [ 43C31BDF404A6D7A7AC1BFD5EAD2A566 ] C:\WINDOWS\system32\drivers\mfeapfk.sys
11:50:10.0843 0272 C:\WINDOWS\system32\drivers\mfeapfk.sys - ok
11:50:10.0843 0272 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
11:50:10.0843 0272 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
11:50:10.0859 0272 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
11:50:10.0859 0272 C:\WINDOWS\system32\wbem\esscli.dll - ok
11:50:10.0859 0272 [ 89D74683C859B7982056D15938BACA3E ] C:\WINDOWS\system32\propsys.dll
11:50:10.0859 0272 C:\WINDOWS\system32\propsys.dll - ok
11:50:10.0875 0272 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
11:50:10.0875 0272 C:\WINDOWS\system32\wbem\fastprox.dll - ok
11:50:10.0875 0272 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
11:50:10.0875 0272 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
11:50:10.0890 0272 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
11:50:10.0890 0272 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
11:50:10.0890 0272 [ E65C5F612400B39D7AA83E7057D798C2 ] C:\WINDOWS\system32\mssrch.dll
11:50:10.0890 0272 C:\WINDOWS\system32\mssrch.dll - ok
11:50:10.0906 0272 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
11:50:10.0906 0272 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
11:50:10.0906 0272 [ AD6390536EEC15B53A3CFFBF2A7B8467 ] C:\WINDOWS\system32\ptpusd.dll
11:50:10.0906 0272 C:\WINDOWS\system32\ptpusd.dll - ok
11:50:10.0921 0272 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
11:50:10.0921 0272 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
11:50:10.0937 0272 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
11:50:10.0937 0272 C:\WINDOWS\system32\wbem\wbemess.dll - ok
11:50:10.0937 0272 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
11:50:10.0937 0272 C:\WINDOWS\system32\netcfgx.dll - ok
11:50:10.0953 0272 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
11:50:10.0953 0272 C:\WINDOWS\system32\wuapi.dll - ok
11:50:10.0953 0272 [ 602BABC2744E372A8A4096A22B052D64 ] C:\Program Files\Common Files\McAfee\SystemCore\mfebopa.dll
11:50:10.0953 0272 C:\Program Files\Common Files\McAfee\SystemCore\mfebopa.dll - ok
11:50:10.0968 0272 [ 0435C43F4C2BE01B84868AD2A906397B ] C:\WINDOWS\system32\drivers\mfebopk.sys
11:50:10.0968 0272 C:\WINDOWS\system32\drivers\mfebopk.sys - ok
11:50:10.0968 0272 [ 880F7ED2DF24DB14AF96C6D797958796 ] C:\WINDOWS\system32\wbem\wbemdisp.dll
11:50:10.0968 0272 C:\WINDOWS\system32\wbem\wbemdisp.dll - ok
11:50:10.0984 0272 [ 82A98D0EB83505529AD81E4C1FADC37D ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
11:50:10.0984 0272 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
11:50:10.0984 0272 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
11:50:10.0984 0272 C:\WINDOWS\system32\wbem\ncprov.dll - ok
11:50:11.0000 0272 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
11:50:11.0000 0272 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
11:50:11.0000 0272 [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe
11:50:11.0000 0272 C:\WINDOWS\system32\wscntfy.exe - ok
11:50:11.0015 0272 [ FDA1BA7B2179F29D6DEB3DEC9C9037D0 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
11:50:11.0015 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll - ok
11:50:11.0015 0272 [ 43E4758953F454090CAD65C303796ED5 ] C:\WINDOWS\system32\query.dll
11:50:11.0015 0272 C:\WINDOWS\system32\query.dll - ok
11:50:11.0031 0272 [ D1E18F4AE94FFEC7270BE0A10C0B295E ] C:\WINDOWS\system32\xmllite.dll
11:50:11.0031 0272 C:\WINDOWS\system32\xmllite.dll - ok
11:50:11.0031 0272 [ FFB3115AA757ABEFBA7FBA90BAD5DD0A ] C:\WINDOWS\system32\en-US\tquery.dll.mui
11:50:11.0031 0272 C:\WINDOWS\system32\en-US\tquery.dll.mui - ok
11:50:11.0031 0272 [ 8F580BCC5296ECC9DC8A649D75BE6BA5 ] C:\WINDOWS\system32\msscb.dll
11:50:11.0031 0272 C:\WINDOWS\system32\msscb.dll - ok
11:50:11.0046 0272 [ 1986443C2F2C0E2A18E908DD241BF84D ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll
11:50:11.0046 0272 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll - ok
11:50:11.0046 0272 [ E5BC8D93CDCB957146D971647849A154 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
11:50:11.0046 0272 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
11:50:11.0062 0272 [ 36E71077E1660F81CFDB80FB7272CC00 ] C:\Program Files\Kodak\AiO\Center\Inkjet.Automation.dll
11:50:11.0062 0272 C:\Program Files\Kodak\AiO\Center\Inkjet.Automation.dll - ok
11:50:11.0062 0272 [ 44AD39A50E3E4956E0BB91917DD7D619 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c182d7a0bd88caf2cddccb7491a5fa6e\System.ni.dll
11:50:11.0062 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c182d7a0bd88caf2cddccb7491a5fa6e\System.ni.dll - ok
11:50:11.0078 0272 [ 6EA9A3DDD9024B9156E8836BE281D23E ] C:\Program Files\Kodak\AiO\Center\Inkjet.Hardware.dll
11:50:11.0078 0272 C:\Program Files\Kodak\AiO\Center\Inkjet.Hardware.dll - ok
11:50:11.0078 0272 [ 1793CC660605F63B14FB96C7707F75BA ] C:\WINDOWS\system32\perfproc.dll
11:50:11.0078 0272 C:\WINDOWS\system32\perfproc.dll - ok
11:50:11.0093 0272 [ 887F5BE6B03F0B8B5842582804A9CB5B ] C:\Program Files\Kodak\AiO\Center\Inkjet.Statistics.dll
11:50:11.0093 0272 C:\Program Files\Kodak\AiO\Center\Inkjet.Statistics.dll - ok
11:50:11.0093 0272 [ D3E30F36EBE11C59D8A2AB066845A957 ] C:\Program Files\Kodak\AiO\Center\Newtonsoft.Json.Net20.dll
11:50:11.0093 0272 C:\Program Files\Kodak\AiO\Center\Newtonsoft.Json.Net20.dll - ok
11:50:11.0109 0272 [ 2775CF7A0D1ABEBCBF2296A2D95AF793 ] C:\Program Files\Java\jre7\bin\awt.dll
11:50:11.0109 0272 C:\Program Files\Java\jre7\bin\awt.dll - ok
11:50:11.0109 0272 [ 79F1A306B8F247261DF16444069BAC8C ] C:\Program Files\Kodak\AiO\Center\jabber-net.dll
11:50:11.0109 0272 C:\Program Files\Kodak\AiO\Center\jabber-net.dll - ok
11:50:11.0125 0272 [ 91348B1316E54677ADF12FF3E4B33522 ] C:\Program Files\Kodak\AiO\Center\Inkjet.Configuration.dll
11:50:11.0125 0272 C:\Program Files\Kodak\AiO\Center\Inkjet.Configuration.dll - ok
11:50:11.0125 0272 [ 05BBBBAA52C9E56338EADC9479FD0701 ] C:\Program Files\Kodak\AiO\Center\Inkjet.Utilities.dll
11:50:11.0125 0272 C:\Program Files\Kodak\AiO\Center\Inkjet.Utilities.dll - ok
11:50:11.0140 0272 [ C3470899CC326070BF482429F3EE1DC7 ] C:\Program Files\Kodak\AiO\Center\Inkjet.Diagnostics.dll
11:50:11.0140 0272 C:\Program Files\Kodak\AiO\Center\Inkjet.Diagnostics.dll - ok
11:50:11.0140 0272 [ FB50C8BAF2334E032DB4885A5D198151 ] C:\Program Files\Kodak\AiO\Center\Inkjet.Localization.dll
11:50:11.0140 0272 C:\Program Files\Kodak\AiO\Center\Inkjet.Localization.dll - ok
11:50:11.0156 0272 [ F87B323F07BA4FA5ED6FBC7DABDFAF42 ] C:\Program Files\Kodak\AiO\Center\Inkjet.DeviceSettings.dll
11:50:11.0156 0272 C:\Program Files\Kodak\AiO\Center\Inkjet.DeviceSettings.dll - ok
11:50:11.0156 0272 [ 84A99FDCE9B5C7457E503C7C47DD5F4F ] C:\Program Files\Kodak\AiO\Center\Interop.EKAiO2SDKLib.dll
11:50:11.0156 0272 C:\Program Files\Kodak\AiO\Center\Interop.EKAiO2SDKLib.dll - ok
11:50:11.0171 0272 [ 895A4A61F67E43D666872AA8798C7A01 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Automation\8b01c45039261ef4150bb6b270d1c74f\Inkjet.Automation.ni.dll
11:50:11.0171 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Automation\8b01c45039261ef4150bb6b270d1c74f\Inkjet.Automation.ni.dll - ok
11:50:11.0171 0272 [ 547AA7795F54452E5EF210E6B2EF2C97 ] C:\Program Files\Kodak\AiO\Center\Interop.WIA.dll
11:50:11.0171 0272 C:\Program Files\Kodak\AiO\Center\Interop.WIA.dll - ok
11:50:11.0187 0272 [ 7018F74AED9E00FCFFD510E47813BA40 ] C:\Program Files\Kodak\AiO\Center\ShellLib.dll
11:50:11.0187 0272 C:\Program Files\Kodak\AiO\Center\ShellLib.dll - ok
11:50:11.0187 0272 [ 8BEAF2B4BCDE405AF7EC46A9E03B2D65 ] C:\WINDOWS\system32\mssprxy.dll
11:50:11.0187 0272 C:\WINDOWS\system32\mssprxy.dll - ok
11:50:11.0203 0272 [ 5AD6F05A2955872F697C91EB9ED02A16 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\b7b3b0789757a620eda5338bef36c381\Inkjet.Utilities.ni.dll
11:50:11.0203 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\b7b3b0789757a620eda5338bef36c381\Inkjet.Utilities.ni.dll - ok
11:50:11.0203 0272 [ 0C4D9B4BD393328A74C18742BCFF4384 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\f2554db13b4f250f3e005f6a1b0b9d06\Inkjet.Configuration.ni.dll
11:50:11.0203 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\f2554db13b4f250f3e005f6a1b0b9d06\Inkjet.Configuration.ni.dll - ok
11:50:11.0218 0272 [ 0404124AD180B07668390693B285B09F ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6d9da56c9f607615b55d6742d8427d\System.Xml.ni.dll
11:50:11.0218 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6d9da56c9f607615b55d6742d8427d\System.Xml.ni.dll - ok
11:50:11.0218 0272 [ 50E9F899EFC8CE7ABD61FF19AD2C2DF1 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\decf9d95c3df2ef822e0c48d1efba8c8\Inkjet.Diagnostics.ni.dll
11:50:11.0218 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\decf9d95c3df2ef822e0c48d1efba8c8\Inkjet.Diagnostics.ni.dll - ok
11:50:11.0234 0272 [ 1EE316574719D1FDF285AB464BBD80BA ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\197761bb3230bf9d4f540305dcf6717c\System.Configuration.ni.dll
11:50:11.0234 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\197761bb3230bf9d4f540305dcf6717c\System.Configuration.ni.dll - ok
11:50:11.0234 0272 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
11:50:11.0234 0272 C:\WINDOWS\system32\alg.exe - ok
11:50:11.0250 0272 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
11:50:11.0250 0272 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
11:50:11.0250 0272 [ AD739DC6E2EFB5F55F181A3EF54A206E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8ba0620535aa28d509b9397500b7d530\System.Drawing.ni.dll
11:50:11.0250 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8ba0620535aa28d509b9397500b7d530\System.Drawing.ni.dll - ok
11:50:11.0265 0272 [ 08C8FD7B2F760CC6A1D25279DD6BBDA0 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\de3e6b59e3949f8086973d53518a9ecb\System.Windows.Forms.ni.dll
11:50:11.0265 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\de3e6b59e3949f8086973d53518a9ecb\System.Windows.Forms.ni.dll - ok
11:50:11.0265 0272 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
11:50:11.0265 0272 C:\WINDOWS\system32\licwmi.dll - ok
11:50:11.0281 0272 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
11:50:11.0281 0272 C:\WINDOWS\system32\wbem\framedyn.dll - ok
11:50:11.0281 0272 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
11:50:11.0281 0272 C:\WINDOWS\system32\licdll.dll - ok
11:50:11.0296 0272 [ 8839C69D4E9468A1E5BDF4B9F4BCC5FE ] C:\Program Files\Java\jre7\bin\client\jvm.dll
11:50:11.0296 0272 C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
11:50:11.0296 0272 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
11:50:11.0296 0272 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
11:50:11.0312 0272 [ 60C2752036FAC5DA6E5F72CB9AB60747 ] C:\Program Files\Java\jre7\bin\dcpr.dll
11:50:11.0312 0272 C:\Program Files\Java\jre7\bin\dcpr.dll - ok
11:50:11.0312 0272 [ F38B92211F961CF9D48B2192BC7B00D6 ] C:\Program Files\Java\jre7\bin\deploy.dll
11:50:11.0312 0272 C:\Program Files\Java\jre7\bin\deploy.dll - ok
11:50:11.0328 0272 [ 24265143B1F4D8C57695630FBF6494CD ] C:\Program Files\Java\jre7\bin\fontmanager.dll
11:50:11.0328 0272 C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
11:50:11.0328 0272 [ 8A53582955841F6FFC62D7FD2E913773 ] C:\Program Files\Java\jre7\bin\java.dll
11:50:11.0328 0272 C:\Program Files\Java\jre7\bin\java.dll - ok
11:50:11.0343 0272 [ 0B56B878192DBA95D66A3162D38911F2 ] C:\Program Files\Java\jre7\bin\javaw.exe
11:50:11.0343 0272 C:\Program Files\Java\jre7\bin\javaw.exe - ok
11:50:11.0343 0272 [ C053C0F4F941A74EE163A601AEFE7AC3 ] C:\Program Files\Java\jre7\bin\jp2native.dll
11:50:11.0343 0272 C:\Program Files\Java\jre7\bin\jp2native.dll - ok
11:50:11.0359 0272 [ 467B0D0BC47D0B9CFA3837DA0A498C7F ] C:\Program Files\Java\jre7\bin\jpeg.dll
11:50:11.0359 0272 C:\Program Files\Java\jre7\bin\jpeg.dll - ok
11:50:11.0359 0272 [ 0A45A39E9A1D3D33A49D1BAF292659E3 ] C:\Program Files\Java\jre7\bin\net.dll
11:50:11.0359 0272 C:\Program Files\Java\jre7\bin\net.dll - ok
11:50:11.0375 0272 [ F897D8369C0523D32A5DD169DF545BCD ] C:\Program Files\Java\jre7\bin\nio.dll
11:50:11.0375 0272 C:\Program Files\Java\jre7\bin\nio.dll - ok
11:50:11.0375 0272 [ 76F27FAB5BA22E336E5D42626702E744 ] C:\Program Files\Java\jre7\bin\verify.dll
11:50:11.0375 0272 C:\Program Files\Java\jre7\bin\verify.dll - ok
11:50:11.0390 0272 [ 95A841BE3CF27181D7E9033DD66BC5CF ] C:\Program Files\Java\jre7\bin\zip.dll
11:50:11.0390 0272 C:\Program Files\Java\jre7\bin\zip.dll - ok
11:50:11.0390 0272 [ 2AC2E733F341181555E9C92090BA3A82 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\25656dffe9a855c247bb288f2d204d9f\Inkjet.Localization.ni.dll
11:50:11.0390 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\25656dffe9a855c247bb288f2d204d9f\Inkjet.Localization.ni.dll - ok
11:50:11.0406 0272 [ 4A6FC31F8B24C1C641731C9DBC7815C0 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\569d22d5591f3d2d35bc64437011e919\System.Runtime.Remoting.ni.dll
11:50:11.0406 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\569d22d5591f3d2d35bc64437011e919\System.Runtime.Remoting.ni.dll - ok
11:50:11.0406 0272 [ 78A0E9A7456A565179B24B1E9F89D019 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\83d36c5c44a800ec1880ea8a9b7bd7db\Inkjet.Statistics.ni.dll
11:50:11.0406 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\83d36c5c44a800ec1880ea8a9b7bd7db\Inkjet.Statistics.ni.dll - ok
11:50:11.0421 0272 [ D1CB3AA6EA95A56B453DD6ABFC3E11C1 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\463e4575df85e896c197618b4c073def\Inkjet.Hardware.ni.dll
11:50:11.0421 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\463e4575df85e896c197618b4c073def\Inkjet.Hardware.ni.dll - ok
11:50:11.0421 0272 [ C42622BCF4C936A2DBD16A00533211D7 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.DeviceSettin#\d4eee885eacc8998377fbdd51c5609a0\Inkjet.DeviceSettings.ni.dll
11:50:11.0421 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.DeviceSettin#\d4eee885eacc8998377fbdd51c5609a0\Inkjet.DeviceSettings.ni.dll - ok
11:50:11.0437 0272 [ 4D534921D65609114D3F66A27C2D54AA ] C:\Program Files\Kodak\AiO\Center\Logger.dll
11:50:11.0437 0272 C:\Program Files\Kodak\AiO\Center\Logger.dll - ok
11:50:11.0437 0272 [ FD435DF8C9CA7A49CCBF7CD2F7627739 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
11:50:11.0437 0272 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
11:50:11.0453 0272 [ 20C4CA5899C571287DF66300CB5F293E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\9fe9ee3a09926aa88b59f266ddcc192f\Interop.EKAiO2SDKLib.ni.dll
11:50:11.0453 0272 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\9fe9ee3a09926aa88b59f266ddcc192f\Interop.EKAiO2SDKLib.ni.dll - ok
11:50:11.0453 0272 [ 49BACF955ED0DD7E3C6B957F568A5D3E ] C:\Program Files\Kodak\AiO\Center\EKIJ5000SDK.dll
11:50:11.0453 0272 C:\Program Files\Kodak\AiO\Center\EKIJ5000SDK.dll - ok
11:50:11.0468 0272 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
11:50:11.0468 0272 C:\WINDOWS\system32\qmgr.dll - ok
11:50:11.0468 0272 [ F1DAC7969C1337AF790BD1D981AA780C ] C:\WINDOWS\system32\qmgrprxy.dll
11:50:11.0468 0272 C:\WINDOWS\system32\qmgrprxy.dll - ok
11:50:11.0484 0272 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
11:50:11.0484 0272 C:\WINDOWS\system32\security.dll - ok
11:50:11.0484 0272 [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
11:50:11.0484 0272 C:\WINDOWS\system32\wbem\wmipcima.dll - ok
11:50:11.0500 0272 [ C4894B3B448B647BEDC9E916D181BDBE ] C:\WINDOWS\system32\searchprotocolhost.exe
11:50:11.0500 0272 C:\WINDOWS\system32\searchprotocolhost.exe - ok
11:50:11.0500 0272 [ 4774D83BE60B7F47C612E25D6FE0F010 ] C:\WINDOWS\system32\msshooks.dll
11:50:11.0500 0272 C:\WINDOWS\system32\msshooks.dll - ok
11:50:11.0515 0272 [ 6E914EEDD145C5ACCE56F4D5F3D606FC ] C:\WINDOWS\system32\mssph.dll
11:50:11.0515 0272 C:\WINDOWS\system32\mssph.dll - ok
11:50:11.0515 0272 [ E81BBE78A8EF85ACD490B3E64EF63A7C ] C:\WINDOWS\system32\mapi32.dll
11:50:11.0515 0272 C:\WINDOWS\system32\mapi32.dll - ok
11:50:11.0531 0272 [ 14FC8F36BF4AC96DEFFD5602D90B3DE6 ] C:\PROGRA~1\MICROS~4\Office14\MAPIPH.DLL
11:50:11.0531 0272 C:\PROGRA~1\MICROS~4\Office14\MAPIPH.DLL - ok
11:50:11.0531 0272 [ 9C88AF1E803B3DCBCD83DF5F9AE921BA ] C:\PROGRA~1\MICROS~4\Office14\OLMAPI32.DLL
11:50:11.0531 0272 C:\PROGRA~1\MICROS~4\Office14\OLMAPI32.DLL - ok
11:50:11.0531 0272 [ C24790D5D45B7DCE6C4A06062CBA6534 ] C:\WINDOWS\system32\msfeeds.dll
11:50:11.0531 0272 C:\WINDOWS\system32\msfeeds.dll - ok
11:50:11.0546 0272 [ D59A7119054D70FC745A1BF9C06DCC65 ] C:\WINDOWS\system32\oeph.dll
11:50:11.0546 0272 C:\WINDOWS\system32\oeph.dll - ok
11:50:11.0546 0272 [ 79ED352549EB6D5B1A454916C37D2E85 ] C:\WINDOWS\system32\UncPH.dll
11:50:11.0546 0272 C:\WINDOWS\system32\UncPH.dll - ok
11:50:11.0562 0272 [ F9CCA77443DF0A9F79FC585C8D705D54 ] C:\PROGRA~1\MICROS~4\Office14\ONFILTER.DLL
11:50:11.0562 0272 C:\PROGRA~1\MICROS~4\Office14\ONFILTER.DLL - ok
11:50:11.0562 0272 [ 87889A983C015080FA813D7E32910D1E ] C:\WINDOWS\system32\searchfilterhost.exe
11:50:11.0562 0272 C:\WINDOWS\system32\searchfilterhost.exe - ok
11:50:11.0578 0272 [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\ADMINI~1\LOCALS~1\temp\0D4892A2-BBD5-4023-9232-BE48A36C564A.exe
11:50:11.0578 0272 C:\DOCUME~1\ADMINI~1\LOCALS~1\temp\0D4892A2-BBD5-4023-9232-BE48A36C564A.exe - ok
11:50:11.0578 0272 [ E8A3670314B3DDFE6DD18C4B501A9476 ] C:\Program Files\Windows Desktop Search\deskbar.dll
11:50:11.0578 0272 C:\Program Files\Windows Desktop Search\deskbar.dll - ok
11:50:11.0593 0272 [ 2A0B76FCC5138AC0321A01766C980387 ] C:\Program Files\Windows Desktop Search\en-US\dbres.dll.mui
11:50:11.0593 0272 C:\Program Files\Windows Desktop Search\en-US\dbres.dll.mui - ok
11:50:11.0593 0272 [ F2ECE68ACF2C051EFFB305708C3AEFA9 ] C:\Program Files\Windows Desktop Search\dbres.dll
11:50:11.0593 0272 C:\Program Files\Windows Desktop Search\dbres.dll - ok
11:50:11.0609 0272 [ B5B27B057B97A947C31B41F0EF3B4D44 ] C:\Program Files\Windows Desktop Search\wordwheel.dll
11:50:11.0609 0272 C:\Program Files\Windows Desktop Search\wordwheel.dll - ok
11:50:11.0609 0272 [ 0E28E671281EBF1F1F8FE093D2BD4A7B ] C:\Program Files\Windows Desktop Search\en-US\MSNLExtRes.dll.mui
11:50:11.0609 0272 C:\Program Files\Windows Desktop Search\en-US\MSNLExtRes.dll.mui - ok
11:50:11.0625 0272 [ 2996FAECA864EE4938AA247B2386A69B ] C:\Program Files\Windows Desktop Search\MSNLExtRes.dll
11:50:11.0625 0272 C:\Program Files\Windows Desktop Search\MSNLExtRes.dll - ok
11:50:11.0625 0272 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
11:50:11.0625 0272 C:\WINDOWS\system32\msutb.dll - ok
11:50:11.0640 0272 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\MSCTF.dll
11:50:11.0640 0272 C:\WINDOWS\system32\MSCTF.dll - ok
11:50:11.0640 0272 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
11:50:11.0640 0272 C:\WINDOWS\system32\verclsid.exe - ok
11:50:11.0656 0272 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\50894667.sys
11:50:11.0656 0272 C:\WINDOWS\system32\drivers\50894667.sys - ok
11:50:11.0656 0272 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
11:50:11.0656 0272 C:\WINDOWS\system32\upnp.dll - ok
11:50:11.0671 0272 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
11:50:11.0671 0272 C:\WINDOWS\system32\ssdpapi.dll - ok
11:50:11.0671 0272 [ 8E53B67FA3816E854B07C5DC66E10730 ] C:\Program Files\Real\RealPlayer\Update\realsched.exe
11:50:11.0671 0272 C:\Program Files\Real\RealPlayer\Update\realsched.exe - ok
11:50:11.0687 0272 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
11:50:11.0687 0272 C:\WINDOWS\system32\drivers\http.sys - ok
11:50:11.0687 0272 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
11:50:11.0687 0272 C:\WINDOWS\system32\ssdpsrv.dll - ok
11:50:11.0703 0272 [ 10247C15D999CC116C87DA36BD0AD64D ] C:\Program Files\Analog Devices\Core\smax4pnp.exe
11:50:11.0703 0272 C:\Program Files\Analog Devices\Core\smax4pnp.exe - ok
11:50:11.0703 0272 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
11:50:11.0703 0272 C:\WINDOWS\system32\webcheck.dll - ok
11:50:11.0718 0272 [ 17CC0A9B3ABB69ED96D1EEB8117DF856 ] C:\Program Files\Analog Devices\Core\smwdmif.dll
11:50:11.0718 0272 C:\Program Files\Analog Devices\Core\smwdmif.dll - ok
11:50:11.0718 0272 [ B9D2D59FF389A8C824308A08665C97F2 ] C:\WINDOWS\system32\Edcrypt.dll
11:50:11.0718 0272 C:\WINDOWS\system32\Edcrypt.dll - ok
11:50:11.0734 0272 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
11:50:11.0734 0272 C:\WINDOWS\system32\mlang.dll - ok
11:50:11.0734 0272 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
11:50:11.0734 0272 C:\WINDOWS\system32\mfc42.dll - ok
11:50:11.0750 0272 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
11:50:11.0750 0272 C:\WINDOWS\system32\linkinfo.dll - ok
11:50:11.0750 0272 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
11:50:11.0750 0272 C:\WINDOWS\system32\stobject.dll - ok
11:50:11.0765 0272 [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files\QuickTime\QTTask.exe
11:50:11.0765 0272 C:\Program Files\QuickTime\QTTask.exe - ok
11:50:11.0765 0272 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
11:50:11.0765 0272 C:\WINDOWS\system32\imapi.exe - ok
11:50:11.0781 0272 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
11:50:11.0781 0272 C:\WINDOWS\system32\batmeter.dll - ok
11:50:11.0781 0272 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
11:50:11.0781 0272 C:\WINDOWS\system32\dsound.dll - ok
11:50:11.0781 0272 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
11:50:11.0796 0272 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
11:50:11.0796 0272 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
11:50:11.0796 0272 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
11:50:11.0796 0272 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
11:50:11.0796 0272 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
11:50:11.0812 0272 [ 2FCA1E8A973E696DE994B17772A266CB ] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe
11:50:11.0812 0272 C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe - ok
11:50:11.0828 0272 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9 ] C:\WINDOWS\system32\ksuser.dll
11:50:11.0828 0272 C:\WINDOWS\system32\ksuser.dll - ok
11:50:11.0828 0272 [ 3F2C8DD08549BB3419CDA372F5999FFA ] C:\WINDOWS\system32\igfxtray.exe
11:50:11.0828 0272 C:\WINDOWS\system32\igfxtray.exe - ok
11:50:11.0843 0272 [ CF833AC004268E1C3C4BF543656200A9 ] C:\WINDOWS\system32\hccutils.dll
11:50:11.0843 0272 C:\WINDOWS\system32\hccutils.dll - ok
11:50:11.0843 0272 [ 996ABAC2332DE28F3B6A179C6DA20205 ] C:\WINDOWS\system32\igfxpers.exe
11:50:11.0843 0272 C:\WINDOWS\system32\igfxpers.exe - ok
11:50:11.0859 0272 [ 7A7831A07950CD7E8AC82AFA7E44A816 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
11:50:11.0859 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll - ok
11:50:11.0859 0272 [ 982E7190DF0B0A79954EF1886D42047D ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll
11:50:11.0859 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll - ok
11:50:11.0875 0272 [ 01018F75F3F18CE629FAC9689954A2AE ] C:\WINDOWS\system32\hkcmd.exe
11:50:11.0875 0272 C:\WINDOWS\system32\hkcmd.exe - ok
11:50:11.0875 0272 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
11:50:11.0875 0272 C:\WINDOWS\system32\rasdlg.dll - ok
11:50:11.0890 0272 [ 98B93FD3A8F8D140B18D414014C5F929 ] C:\WINDOWS\system32\igfxsrvc.exe
11:50:11.0890 0272 C:\WINDOWS\system32\igfxsrvc.exe - ok
11:50:11.0890 0272 [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:50:11.0890 0272 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
11:50:11.0906 0272 [ 25A2C1F0A75AB0B6508784220D1B102C ] C:\WINDOWS\system32\igfxsrvc.dll
11:50:11.0906 0272 C:\WINDOWS\system32\igfxsrvc.dll - ok
11:50:11.0906 0272 [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
11:50:11.0906 0272 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
11:50:11.0921 0272 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:50:11.0921 0272 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
11:50:11.0921 0272 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
11:50:11.0921 0272 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
11:50:11.0937 0272 [ C3FED6BBC024AAFFE6969FD4EE9F5941 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
11:50:11.0937 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll - ok
11:50:11.0937 0272 [ 09DC1F2A2293E5536FE31D23AF3E8C05 ] C:\WINDOWS\system32\igfxdev.dll
11:50:11.0937 0272 C:\WINDOWS\system32\igfxdev.dll - ok
11:50:11.0953 0272 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
11:50:11.0953 0272 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
11:50:11.0953 0272 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
11:50:11.0953 0272 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
11:50:11.0968 0272 [ 41B2B21ABE8D2029AFE0F6194E0A8BBA ] C:\WINDOWS\system32\igfxres.dll
11:50:11.0968 0272 C:\WINDOWS\system32\igfxres.dll - ok
11:50:11.0968 0272 [ 5C59E612AA95F10DBD29F6249EA379D3 ] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
11:50:11.0968 0272 C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe - ok
11:50:11.0984 0272 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
11:50:11.0984 0272 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
11:50:11.0984 0272 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
11:50:11.0984 0272 C:\WINDOWS\system32\oledlg.dll - ok
11:50:12.0000 0272 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
11:50:12.0000 0272 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
11:50:12.0000 0272 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
11:50:12.0000 0272 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
11:50:12.0015 0272 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
11:50:12.0015 0272 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
11:50:12.0015 0272 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
11:50:12.0015 0272 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
11:50:12.0031 0272 [ 4D2F7561D8A840450AABFAD3740B0E6B ] C:\Program Files\Microsoft Security Client\msseces.exe
11:50:12.0031 0272 C:\Program Files\Microsoft Security Client\msseces.exe - ok
11:50:12.0031 0272 [ 0AEFDADCDA44D8CE3C57BB32B7A3CED5 ] C:\Program Files\Online Armor\oaui.exe
11:50:12.0031 0272 C:\Program Files\Online Armor\oaui.exe - ok
11:50:12.0031 0272 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
11:50:12.0031 0272 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
11:50:12.0046 0272 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
11:50:12.0046 0272 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
11:50:12.0046 0272 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
11:50:12.0046 0272 C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
11:50:12.0062 0272 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
11:50:12.0062 0272 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
11:50:12.0062 0272 [ BB3B08157FA22769B7ED9D2C44081D5A ] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
11:50:12.0062 0272 C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe - ok
11:50:12.0078 0272 [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
11:50:12.0078 0272 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
11:50:12.0078 0272 [ 5D76C8CC87D0EFBE0B4A3BEF6B67EBF0 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
11:50:12.0078 0272 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
11:50:12.0093 0272 [ F07B8AAE1805EF9B12BF8EDFD0D50F0A ] C:\Program Files\Online Armor\oahlp.exe
11:50:12.0093 0272 C:\Program Files\Online Armor\oahlp.exe - ok
11:50:12.0093 0272 [ 2A21FE60A9BC5247BD8C57409A2B97F8 ] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
11:50:12.0093 0272 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe - ok
11:50:12.0109 0272 [ 0D7D58F63A079CE865915CF64458851C ] C:\WINDOWS\system32\ElbyVCD.dll
11:50:12.0109 0272 C:\WINDOWS\system32\ElbyVCD.dll - ok
11:50:12.0109 0272 [ 735F6D1D9EB8A6C76EFD55E7182DE272 ] C:\WINDOWS\system32\ElbyCDIO.dll
11:50:12.0109 0272 C:\WINDOWS\system32\ElbyCDIO.dll - ok
11:50:12.0125 0272 [ 2C112E09680F7691783154D2C59CCE63 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.dll
11:50:12.0125 0272 C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.dll - ok
11:50:12.0125 0272 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
11:50:12.0125 0272 C:\Program Files\Microsoft Office\Office14\BCSSync.exe - ok
11:50:12.0140 0272 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
11:50:12.0140 0272 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
11:50:12.0140 0272 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
11:50:12.0140 0272 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
11:50:12.0156 0272 [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
11:50:12.0156 0272 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
11:50:12.0156 0272 [ A2F2CB2B9EF133B3D24BCE7180B3596E ] C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SMessaging.exe
11:50:12.0156 0272 C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SMessaging.exe - ok
11:50:12.0171 0272 [ F282D4EDD85D53E20D902CC92190C5F5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
11:50:12.0171 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
11:50:12.0171 0272 [ 118D81523EA80B9E252CB840E94754C6 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
11:50:12.0171 0272 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
11:50:12.0187 0272 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
11:50:12.0187 0272 C:\WINDOWS\system32\msisip.dll - ok
11:50:12.0187 0272 [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
11:50:12.0187 0272 C:\WINDOWS\system32\msftedit.dll - ok
11:50:12.0203 0272 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
11:50:12.0203 0272 C:\WINDOWS\system32\wshext.dll - ok
11:50:12.0203 0272 [ 7943A80F1A6FD37969AACD411B511F91 ] C:\WINDOWS\system32\WindowsPowerShell\v1.0\pwrshsip.dll
11:50:12.0203 0272 C:\WINDOWS\system32\WindowsPowerShell\v1.0\pwrshsip.dll - ok
11:50:12.0218 0272 [ F36BC7FB3A87DE9138AAECC40F7BC116 ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
11:50:12.0218 0272 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
11:50:12.0218 0272 [ 5943030732612EEC9A3D3CE7968B7D9E ] C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
11:50:12.0218 0272 C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe - ok
11:50:12.0234 0272 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
11:50:12.0234 0272 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
11:50:12.0234 0272 [ E5DA26EFBDD861325E32FE6DC965D6DF ] C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\Common.dll
11:50:12.0234 0272 C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\Common.dll - ok
11:50:12.0250 0272 [ 86E7B431A007C09437A3F9744FAA6440 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\edbf4e4a55e63b9fbf0b0b40cba13063\System.Core.ni.dll
11:50:12.0250 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\edbf4e4a55e63b9fbf0b0b40cba13063\System.Core.ni.dll - ok
11:50:12.0250 0272 [ 9108D3DDD3334DC96BBC578BCAEDC9F1 ] C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SOSLibrary.dll
11:50:12.0250 0272 C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SOSLibrary.dll - ok
11:50:12.0265 0272 [ 259F1B5F7AEB4B394CF8F52194A1242F ] C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SOS.Contracts.Infiniscale.dll
11:50:12.0265 0272 C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SOS.Contracts.Infiniscale.dll - ok
11:50:12.0265 0272 [ E67E8DC60FD2856F341671EE667F35DC ] C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
11:50:12.0265 0272 C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe - ok
11:50:12.0281 0272 [ A72B46061434F66FA281FA5E51A7E52E ] C:\Program Files\Online Armor\oadump.exe
11:50:12.0281 0272 C:\Program Files\Online Armor\oadump.exe - ok
11:50:12.0281 0272 [ 50AF3E1B3A0744F7750B9BCD3C80AA52 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\8462c03b4f10c4624feb95790d6d1e30\System.Data.ni.dll
11:50:12.0281 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\8462c03b4f10c4624feb95790d6d1e30\System.Data.ni.dll - ok
11:50:12.0281 0272 [ 0E7A9FECE94D2B4499EC5E5B151A58FA ] C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll
11:50:12.0281 0272 C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll - ok
11:50:12.0296 0272 [ 2CFE88EE740380F4B594B2DE58AA933D ] C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
11:50:12.0296 0272 C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll - ok
11:50:12.0296 0272 [ 16F96C1496CBD0965285AB19A9271D02 ] C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
11:50:12.0296 0272 C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
11:50:12.0312 0272 [ FC875B1741A01A5332CA1B59F08D619E ] C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
11:50:12.0312 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe - ok
11:50:12.0312 0272 [ B89D884E3F2E5D9834D0FE24E9D97922 ] C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbuchannel.dll
11:50:12.0312 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbuchannel.dll - ok
11:50:12.0328 0272 [ FC2741A70B84D7E7BA5F51A352669EE8 ] C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\stlport_r50.dll
11:50:12.0328 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\stlport_r50.dll - ok
11:50:12.0328 0272 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
11:50:12.0328 0272 C:\WINDOWS\system32\httpapi.dll - ok
11:50:12.0343 0272 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
11:50:12.0343 0272 C:\WINDOWS\system32\w3ssl.dll - ok
11:50:12.0343 0272 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
11:50:12.0343 0272 C:\WINDOWS\system32\strmfilt.dll - ok
11:50:12.0359 0272 [ 7BF2126CD04BDA3BE99DA01BAB0C1F58 ] C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE
11:50:12.0359 0272 C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE - ok
11:50:12.0359 0272 [ FC2741A70B84D7E7BA5F51A352669EE8 ] C:\Program Files\Intuit\QuickBooks 2011\stlport_r50.dll
11:50:12.0359 0272 C:\Program Files\Intuit\QuickBooks 2011\stlport_r50.dll - ok
11:50:12.0375 0272 [ 0C720C33E8D28AD60B7932EAD82309EA ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll
11:50:12.0375 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll - ok
11:50:12.0375 0272 [ B5C9F63C01FCFEC3F64EC6A0940A1825 ] C:\Program Files\Windows Desktop Search\WindowsSearch.exe
11:50:12.0375 0272 C:\Program Files\Windows Desktop Search\WindowsSearch.exe - ok
11:50:12.0390 0272 [ 004BB1B8AA103AF0A3CCDDCBF6897E3E ] C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBSendError20.dll
11:50:12.0390 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBSendError20.dll - ok
11:50:12.0390 0272 [ BA8FDF82D0B1316D5EAF60F5A0498DE1 ] C:\WINDOWS\system32\UncDMS.dll
11:50:12.0390 0272 C:\WINDOWS\system32\UncDMS.dll - ok
11:50:12.0406 0272 [ F5DD097058C147CDE4C5AA476B2F3F2C ] C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\dbghelp.dll
11:50:12.0406 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\dbghelp.dll - ok
11:50:12.0406 0272 [ DE64E8D4D2DF15DA67E55E839502B3F2 ] C:\Program Files\Common Files\Intuit\DataProtect\OAuthHelper.dll
11:50:12.0406 0272 C:\Program Files\Common Files\Intuit\DataProtect\OAuthHelper.dll - ok
11:50:12.0421 0272 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
11:50:12.0421 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
11:50:12.0421 0272 [ 56183FB6413B7C5CB42B8AC1541A4EE8 ] C:\Program Files\Windows Desktop Search\en-US\WindowsSearchRes.dll.mui
11:50:12.0421 0272 C:\Program Files\Windows Desktop Search\en-US\WindowsSearchRes.dll.mui - ok
11:50:12.0437 0272 [ CBFD0FB0A9491ED3F1BAB4C64A04D2F1 ] C:\Program Files\Windows Desktop Search\WindowsSearchRes.dll
11:50:12.0437 0272 C:\Program Files\Windows Desktop Search\WindowsSearchRes.dll - ok
11:50:12.0437 0272 [ 3A646A41FA0F5F25DFB4849C733AE9D7 ] C:\Program Files\Intuit\QuickBooks 2011\QBWMain.DLL
11:50:12.0437 0272 C:\Program Files\Intuit\QuickBooks 2011\QBWMain.DLL - ok
11:50:12.0453 0272 [ F23A5D407B753F2E5E2BB6A95AB6D12B ] C:\Program Files\Windows Desktop Search\WdsMktTools.dll
11:50:12.0453 0272 C:\Program Files\Windows Desktop Search\WdsMktTools.dll - ok
11:50:12.0453 0272 [ A77F650FE3C5AC3B5D26DBD86D7E18E0 ] C:\WINDOWS\system32\InetClnt.dll
11:50:12.0453 0272 C:\WINDOWS\system32\InetClnt.dll - ok
11:50:12.0468 0272 [ CDBBFFD3ADAA56C4C8E0A9690FE83476 ] C:\Program Files\Outlook Express\msoe.dll
11:50:12.0468 0272 C:\Program Files\Outlook Express\msoe.dll - ok
11:50:12.0468 0272 [ 84E68052970FBC281D929A15427040FE ] C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.XmlSerializers.dll
11:50:12.0468 0272 C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.XmlSerializers.dll - ok
11:50:12.0484 0272 [ 70B034685916298B6394B5DA4FD8B630 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8a0eba3c8f881dd718ab4d1bb5118f15\System.Web.Services.ni.dll
11:50:12.0484 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8a0eba3c8f881dd718ab4d1bb5118f15\System.Web.Services.ni.dll - ok
11:50:12.0484 0272 [ 0485AB01B862FB91C21D39BD60BDF2AC ] C:\WINDOWS\system32\msoert2.dll
11:50:12.0484 0272 C:\WINDOWS\system32\msoert2.dll - ok
11:50:12.0500 0272 [ 5963633010616B25503EE126F55E8DE4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
11:50:12.0500 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll - ok
11:50:12.0500 0272 [ 51301ACC5E5FDA65CFA1968395E5D951 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
11:50:12.0500 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
11:50:12.0515 0272 [ 871888B4AA0CA343E73C81E94AD4ED93 ] C:\WINDOWS\system32\msoeacct.dll
11:50:12.0515 0272 C:\WINDOWS\system32\msoeacct.dll - ok
11:50:12.0515 0272 [ 57AA18B2896055E8CB269B19DD85E7F3 ] C:\WINDOWS\system32\inetcomm.dll
11:50:12.0515 0272 C:\WINDOWS\system32\inetcomm.dll - ok
11:50:12.0531 0272 [ BDC9AB094347D9A6BFCAF65E36078A9A ] C:\Program Files\Intuit\QuickBooks 2011\QBWIN32.DLL
11:50:12.0531 0272 C:\Program Files\Intuit\QuickBooks 2011\QBWIN32.DLL - ok
11:50:12.0531 0272 [ 98B17BDA1D0BEA2FC8313DB218C0139F ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
11:50:12.0531 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
11:50:12.0546 0272 [ 441086F355F0DEA94621984C9A3BE765 ] C:\WINDOWS\system32\acctres.dll
11:50:12.0546 0272 C:\WINDOWS\system32\acctres.dll - ok
11:50:12.0578 0272 [ A6F6923B46802785B9A47A03AE3CD8BF ] C:\WINDOWS\system32\inetres.dll
11:50:12.0578 0272 C:\WINDOWS\system32\inetres.dll - ok
11:50:12.0578 0272 [ 116AA2B169ABD0B620961CAFF0AEAC84 ] C:\Program Files\Outlook Express\msoeres.dll
11:50:12.0578 0272 C:\Program Files\Outlook Express\msoeres.dll - ok
11:50:12.0593 0272 [ 85AC5F11D4759D13674B3E92EAC3F140 ] C:\WINDOWS\system32\msident.dll
11:50:12.0593 0272 C:\WINDOWS\system32\msident.dll - ok
11:50:12.0593 0272 [ 7ED041C7F82A381417AA3F43AB55F95A ] C:\WINDOWS\system32\msidntld.dll
11:50:12.0593 0272 C:\WINDOWS\system32\msidntld.dll - ok
11:50:12.0609 0272 [ 8E7FBEE2DE145808A8C063671E70527C ] C:\Program Files\Intuit\QuickBooks 2011\qblist32.DLL
11:50:12.0609 0272 C:\Program Files\Intuit\QuickBooks 2011\qblist32.DLL - ok
11:50:12.0609 0272 [ A14D324C50EB71FB480DDD60481D0C04 ] C:\WINDOWS\system32\pstorec.dll
11:50:12.0609 0272 C:\WINDOWS\system32\pstorec.dll - ok
11:50:12.0625 0272 [ 1E3AA5C879A68A94B485E15A9CEEFD3D ] C:\Program Files\Intuit\QuickBooks 2011\qbform32.DLL
11:50:12.0625 0272 C:\Program Files\Intuit\QuickBooks 2011\qbform32.DLL - ok
11:50:12.0625 0272 [ A0C2CB21F4B521429F033FDEB18D63D7 ] C:\Program Files\Common Files\System\directdb.dll
11:50:12.0625 0272 C:\Program Files\Common Files\System\directdb.dll - ok
11:50:12.0640 0272 [ 30B5A2254561E21CCC7BA21F80165D0B ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
11:50:12.0640 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
11:50:12.0640 0272 [ B913A0C8AD94DCE3A25A1ECF2F3CC590 ] C:\Program Files\Intuit\QuickBooks 2011\QBWRPT32.DLL
11:50:12.0640 0272 C:\Program Files\Intuit\QuickBooks 2011\QBWRPT32.DLL - ok
11:50:12.0656 0272 [ 44DE39CB56D1919346C09C92A4B57C69 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
11:50:12.0656 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
11:50:12.0656 0272 [ 88E05F3B2031980A48D458EB78C67659 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
11:50:12.0656 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
11:50:12.0671 0272 [ DC7C8B3EA9BB9C7C50673D0349F9397C ] C:\Program Files\Intuit\QuickBooks 2011\paycore.DLL
11:50:12.0671 0272 C:\Program Files\Intuit\QuickBooks 2011\paycore.DLL - ok
11:50:12.0671 0272 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
11:50:12.0671 0272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll - ok
11:50:12.0687 0272 [ 45E5B638351BB930CA202E00492DF941 ] C:\Program Files\Intuit\QuickBooks 2011\PAYSERV.DLL
11:50:12.0687 0272 C:\Program Files\Intuit\QuickBooks 2011\PAYSERV.DLL - ok
11:50:12.0687 0272 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
11:50:12.0687 0272 C:\WINDOWS\system32\drprov.dll - ok
11:50:12.0703 0272 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
11:50:12.0703 0272 C:\WINDOWS\system32\ntlanman.dll - ok
11:50:12.0703 0272 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
11:50:12.0703 0272 C:\WINDOWS\system32\netui0.dll - ok
11:50:12.0718 0272 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
11:50:12.0718 0272 C:\WINDOWS\system32\netui1.dll - ok
11:50:12.0718 0272 [ B0C4776341ABBC6BF2F1A95987E5DEDA ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad737988d5bde126a3b7770eacc51e5b\System.Transactions.ni.dll
11:50:12.0718 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad737988d5bde126a3b7770eacc51e5b\System.Transactions.ni.dll - ok
11:50:12.0734 0272 [ 9AD4C2E348D75B70195F25B3EE4DB7AC ] C:\Program Files\Intuit\QuickBooks 2011\PAYUTIL.DLL
11:50:12.0734 0272 C:\Program Files\Intuit\QuickBooks 2011\PAYUTIL.DLL - ok
11:50:12.0734 0272 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
11:50:12.0734 0272 C:\WINDOWS\system32\davclnt.dll - ok
11:50:12.0750 0272 [ F054572A92573CA32D5F3AA8C15D2BAC ] C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
11:50:12.0750 0272 C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
11:50:12.0750 0272 [ 14224FA932CFD8EB3330F5B578341F0F ] C:\Program Files\Intuit\QuickBooks 2011\PAYRES.DLL
11:50:12.0750 0272 C:\Program Files\Intuit\QuickBooks 2011\PAYRES.DLL - ok
11:50:12.0765 0272 [ 349C17B1EB3E88AE18C10309ABA446B5 ] C:\WINDOWS\system32\netfxperf.dll
11:50:12.0765 0272 C:\WINDOWS\system32\netfxperf.dll - ok
11:50:12.0765 0272 [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
11:50:12.0765 0272 C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok
11:50:12.0781 0272 [ 257147843B66B67CB72AE8197DD479CD ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
11:50:12.0781 0272 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll - ok
11:50:12.0781 0272 [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll
11:50:12.0781 0272 C:\WINDOWS\system32\msdart.dll - ok
11:50:12.0796 0272 [ DC3078BA1B58562416C843582A42284C ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
11:50:12.0796 0272 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
11:50:12.0796 0272 [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
11:50:12.0796 0272 C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok
11:50:12.0812 0272 [ 6D3F74B93FDE043AFEC9711A5E4893B3 ] C:\Program Files\Intuit\QuickBooks 2011\qbutilities.DLL
11:50:12.0812 0272 C:\Program Files\Intuit\QuickBooks 2011\qbutilities.DLL - ok
11:50:12.0812 0272 [ F1430F5D20F4BB71A003209C3DB3ADDF ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
11:50:12.0812 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - ok
11:50:12.0828 0272 [ 0645AAAD99C516182EA6CBAD0D3238EC ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
11:50:12.0828 0272 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - ok
11:50:12.0828 0272 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
11:50:12.0828 0272 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok
11:50:12.0843 0272 [ 077F067C69073D1EBC84984E7FE5BA44 ] C:\WINDOWS\system32\msjetoledb40.dll
11:50:12.0843 0272 C:\WINDOWS\system32\msjetoledb40.dll - ok
11:50:12.0843 0272 [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll
11:50:12.0843 0272 C:\WINDOWS\system32\msjet40.dll - ok
11:50:12.0859 0272 [ AFC58ACB272A1DF5D3FC5B6B067B8FBF ] C:\Program Files\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll
11:50:12.0859 0272 C:\Program Files\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll - ok
11:50:12.0859 0272 [ F1AA467825079B05D590D475432B4066 ] C:\WINDOWS\system32\msscntrs.dll
11:50:12.0859 0272 C:\WINDOWS\system32\msscntrs.dll - ok
11:50:12.0875 0272 [ 97AA76AE301C43098FA46147D06764CF ] C:\Program Files\Intuit\QuickBooks 2011\qbtool32.DLL
11:50:12.0875 0272 C:\Program Files\Intuit\QuickBooks 2011\qbtool32.DLL - ok
11:50:12.0875 0272 [ A00D2AAF88FD04652C6BB355074F79C6 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
11:50:12.0875 0272 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL - ok
11:50:12.0890 0272 [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll
11:50:12.0890 0272 C:\WINDOWS\system32\mswstr10.dll - ok
11:50:12.0890 0272 [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll
11:50:12.0890 0272 C:\WINDOWS\system32\msjter40.dll - ok
11:50:12.0906 0272 [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll
11:50:12.0906 0272 C:\WINDOWS\system32\msjint40.dll - ok
11:50:12.0906 0272 [ 64A1693A4EAC1CCFF24F523355C682E0 ] C:\Program Files\Intuit\QuickBooks 2011\QBSTYL32.DLL
11:50:12.0906 0272 C:\Program Files\Intuit\QuickBooks 2011\QBSTYL32.DLL - ok
11:50:12.0921 0272 [ 148530A0833E54D071DA732D20AE5B27 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\04eea38364e5ced71d02bf104cb5892c\System.EnterpriseServices.ni.dll
11:50:12.0921 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\04eea38364e5ced71d02bf104cb5892c\System.EnterpriseServices.ni.dll - ok
11:50:12.0921 0272 [ 771097EF8B89E0461F105AB894AFCE6D ] C:\Program Files\Intuit\QuickBooks 2011\QBCONV32.DLL
11:50:12.0921 0272 C:\Program Files\Intuit\QuickBooks 2011\QBCONV32.DLL - ok
11:50:12.0937 0272 [ E786C33D35D39C5CCB523AECC18D7BD7 ] C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
11:50:12.0937 0272 C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - ok
11:50:12.0937 0272 [ 74D5A885D251F47CFF056B9C28D7382E ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\04eea38364e5ced71d02bf104cb5892c\System.EnterpriseServices.Wrapper.dll
11:50:12.0937 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\04eea38364e5ced71d02bf104cb5892c\System.EnterpriseServices.Wrapper.dll - ok
11:50:12.0953 0272 [ 6AD815843D205CD08F271D38E32A88AE ] C:\Program Files\Intuit\QuickBooks 2011\QBINTR32.DLL
11:50:12.0953 0272 C:\Program Files\Intuit\QuickBooks 2011\QBINTR32.DLL - ok
11:50:12.0953 0272 [ E5DE87DDDB8CBE4687EADF296E58452A ] C:\WINDOWS\system32\msjtes40.dll
11:50:12.0953 0272 C:\WINDOWS\system32\msjtes40.dll - ok
11:50:12.0968 0272 [ 2F92013D8C43A96A72396202AEDE7904 ] C:\Program Files\Intuit\QuickBooks 2011\ui.DLL
11:50:12.0968 0272 C:\Program Files\Intuit\QuickBooks 2011\ui.DLL - ok
11:50:12.0968 0272 [ CAFBD14F56A68E6C1A55C0EAC7E487FA ] C:\WINDOWS\system32\vbajet32.dll
11:50:12.0968 0272 C:\WINDOWS\system32\vbajet32.dll - ok
11:50:12.0984 0272 [ BE87245CE60329B31C94F1B4236E5832 ] C:\WINDOWS\system32\expsrv.dll
11:50:12.0984 0272 C:\WINDOWS\system32\expsrv.dll - ok
11:50:12.0984 0272 [ C06C4591B016ABF041EC22BD5AE25724 ] C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SOS.Contracts.Shared.dll
11:50:12.0984 0272 C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SOS.Contracts.Shared.dll - ok
11:50:13.0000 0272 [ D27383C33620E6EB8A9AF6FA5C9D0218 ] C:\Program Files\Intuit\QuickBooks 2011\QBONLI32.DLL
11:50:13.0000 0272 C:\Program Files\Intuit\QuickBooks 2011\QBONLI32.DLL - ok
11:50:13.0000 0272 [ 55E58677EF4B3509EF64ABD2ACCC7A6E ] C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\ClientApi.dll
11:50:13.0000 0272 C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\ClientApi.dll - ok
11:50:13.0015 0272 [ A25263ADBBE40D64BA2AE9FF0E74B2FF ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\58ee03cb0f505b226bfe97c0e879005f\System.ServiceModel.ni.dll
11:50:13.0015 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\58ee03cb0f505b226bfe97c0e879005f\System.ServiceModel.ni.dll - ok
11:50:13.0015 0272 [ 913AF88B0291D7D3A0FDC92F5E1CC7D7 ] C:\WINDOWS\system32\perfnet.dll
11:50:13.0015 0272 C:\WINDOWS\system32\perfnet.dll - ok
11:50:13.0031 0272 [ 0D38D30976A7FBC37FA50B1B50789C25 ] C:\Program Files\Intuit\QuickBooks 2011\QBCHAO32.DLL
11:50:13.0031 0272 C:\Program Files\Intuit\QuickBooks 2011\QBCHAO32.DLL - ok
11:50:13.0031 0272 [ B0B0D7905AC71BC278F17F455E182611 ] C:\WINDOWS\system32\rasctrs.dll
11:50:13.0031 0272 C:\WINDOWS\system32\rasctrs.dll - ok
11:50:13.0031 0272 [ F9DD799E07ED5028DB2F1FFEA72C9357 ] C:\WINDOWS\system32\rsvpperf.dll
11:50:13.0031 0272 C:\WINDOWS\system32\rsvpperf.dll - ok
11:50:13.0046 0272 [ 6951B89B4F591AA694048A6CD0E5224A ] C:\WINDOWS\system32\tapiperf.dll
11:50:13.0046 0272 C:\WINDOWS\system32\tapiperf.dll - ok
11:50:13.0046 0272 [ DBE2B62353660ECCA0D75EA307A717E9 ] C:\WINDOWS\system32\perfctrs.dll
11:50:13.0046 0272 C:\WINDOWS\system32\perfctrs.dll - ok
11:50:13.0062 0272 [ 7EFD2114EAD1AC72342610D7192BFB32 ] C:\WINDOWS\system32\perfts.dll
11:50:13.0062 0272 C:\WINDOWS\system32\perfts.dll - ok
11:50:13.0062 0272 [ 9D39D9E07C180127252E176EC2B41487 ] C:\WINDOWS\system32\utildll.dll
11:50:13.0062 0272 C:\WINDOWS\system32\utildll.dll - ok
11:50:13.0078 0272 [ 75EE1625AD8B52C5FAA1CCB1B82FB750 ] C:\WINDOWS\system32\wbem\wmiaprpl.dll
11:50:13.0078 0272 C:\WINDOWS\system32\wbem\wmiaprpl.dll - ok
11:50:13.0078 0272 [ 15C9740D1C7ABC9CF37125F1262A7E0D ] C:\Program Files\Intuit\QuickBooks 2011\QBOESD32.DLL
11:50:13.0078 0272 C:\Program Files\Intuit\QuickBooks 2011\QBOESD32.DLL - ok
11:50:13.0093 0272 [ 6358C181BF021970A897C1FAB0ECF5D2 ] C:\WINDOWS\system32\loadperf.dll
11:50:13.0093 0272 C:\WINDOWS\system32\loadperf.dll - ok
11:50:13.0093 0272 [ E0673F1106E62A68D2257E376079F821 ] C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:50:13.0093 0272 C:\WINDOWS\system32\wbem\wmiapsrv.exe - ok
11:50:13.0109 0272 [ EB7494ECFE01B70B83E781EEB8F88C8A ] C:\WINDOWS\system32\wbem\wmiapres.dll
11:50:13.0109 0272 C:\WINDOWS\system32\wbem\wmiapres.dll - ok
11:50:13.0109 0272 [ C5A9554406507AB2AB341B221D97519D ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
11:50:13.0109 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll - ok
11:50:13.0125 0272 [ 70F1E9FEFBDFC4896DA2D9F9F691463A ] C:\Program Files\Intuit\QuickBooks 2011\qbbrow32.DLL
11:50:13.0125 0272 C:\Program Files\Intuit\QuickBooks 2011\qbbrow32.DLL - ok
11:50:13.0125 0272 [ D25CA96A2E3835BA38A469E4042F4083 ] C:\Program Files\Intuit\QuickBooks 2011\PREFS.DLL
11:50:13.0125 0272 C:\Program Files\Intuit\QuickBooks 2011\PREFS.DLL - ok
11:50:13.0140 0272 [ 595F89529018391D82295F3F70648E68 ] C:\Program Files\Intuit\QuickBooks 2011\TEJ32.DLL
11:50:13.0140 0272 C:\Program Files\Intuit\QuickBooks 2011\TEJ32.DLL - ok
11:50:13.0140 0272 [ 67300502643AAECDC8CED7A33FADBF07 ] C:\Program Files\Intuit\QuickBooks 2011\qbtxn32.DLL
11:50:13.0140 0272 C:\Program Files\Intuit\QuickBooks 2011\qbtxn32.DLL - ok
11:50:13.0156 0272 [ 783EE51A049F95FD761839A105BC665D ] C:\Program Files\Intuit\QuickBooks 2011\QBQWUT32.dll
11:50:13.0156 0272 C:\Program Files\Intuit\QuickBooks 2011\QBQWUT32.dll - ok
11:50:13.0156 0272 [ 382668323400BD3BCFE9FFF249515975 ] C:\WINDOWS\system32\avifil32.dll
11:50:13.0156 0272 C:\WINDOWS\system32\avifil32.dll - ok
11:50:13.0171 0272 [ A39DE3F1802DF116FCF4C3CC12E191D4 ] C:\Program Files\Intuit\QuickBooks 2011\txncore.DLL
11:50:13.0171 0272 C:\Program Files\Intuit\QuickBooks 2011\txncore.DLL - ok
11:50:13.0171 0272 [ D3FD345018209AB2E19606B0BED60686 ] C:\Program Files\Intuit\QuickBooks 2011\TXNFORM.DLL
11:50:13.0171 0272 C:\Program Files\Intuit\QuickBooks 2011\TXNFORM.DLL - ok
11:50:13.0187 0272 [ 2206BC05A1060F7A9218260102426870 ] C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SOS.Contracts.BackupServer.dll
11:50:13.0187 0272 C:\Documents and Settings\user\Local Settings\Application Data\Strongvault Online Backup\SOS.Contracts.BackupServer.dll - ok
11:50:13.0187 0272 [ 7F8319BB501BD0A67AAD167D1EF8F951 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll
11:50:13.0187 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll - ok
11:50:13.0203 0272 [ 64A377D9499C3AB30F5FAC2564AF4542 ] C:\Program Files\Intuit\QuickBooks 2011\APPCORE.DLL
11:50:13.0203 0272 C:\Program Files\Intuit\QuickBooks 2011\APPCORE.DLL - ok
11:50:13.0203 0272 [ E3DA9F0B9B67484A9EC3D3E0711684CE ] C:\Program Files\Intuit\QuickBooks 2011\ELCORE.DLL
11:50:13.0203 0272 C:\Program Files\Intuit\QuickBooks 2011\ELCORE.DLL - ok
11:50:13.0218 0272 [ 0F2F3D8826957EA21E68DDCE13ACF8BC ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dll
11:50:13.0218 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dll - ok
11:50:13.0218 0272 [ 51AC03B99A7F435344C40B44A1AB0CE1 ] C:\Program Files\Intuit\QuickBooks 2011\FEATURES.DLL
11:50:13.0218 0272 C:\Program Files\Intuit\QuickBooks 2011\FEATURES.DLL - ok
11:50:13.0234 0272 [ 13BE601DD9AF4B726C8EF1DC337271CC ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
11:50:13.0234 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll - ok
11:50:13.0234 0272 [ 321A4EFC7739ED6947CA2AC661637228 ] C:\Program Files\Intuit\QuickBooks 2011\QBITools.dll
11:50:13.0234 0272 C:\Program Files\Intuit\QuickBooks 2011\QBITools.dll - ok
11:50:13.0250 0272 [ 969D707095331ABE791ACC5AB07FC43C ] C:\Program Files\Intuit\QuickBooks 2011\skucore.dll
11:50:13.0250 0272 C:\Program Files\Intuit\QuickBooks 2011\skucore.dll - ok
11:50:13.0250 0272 [ B3BCBB5ECE36F5304006760598632BAD ] C:\Program Files\Intuit\QuickBooks 2011\abmapi.DLL
11:50:13.0250 0272 C:\Program Files\Intuit\QuickBooks 2011\abmapi.DLL - ok
11:50:13.0265 0272 [ 3982E5020F443EC8899FABC405E36AFC ] C:\Program Files\Intuit\QuickBooks 2011\BizUtil.dll
11:50:13.0265 0272 C:\Program Files\Intuit\QuickBooks 2011\BizUtil.dll - ok
11:50:13.0265 0272 [ 3454630DDF222A3364828D8EED636635 ] C:\Program Files\Intuit\QuickBooks 2011\DMAUDIT.DLL
11:50:13.0265 0272 C:\Program Files\Intuit\QuickBooks 2011\DMAUDIT.DLL - ok
11:50:13.0281 0272 [ 5DD3A6712AF44E757187B173219B0D9B ] C:\Program Files\Intuit\QuickBooks 2011\DMCore.dll
11:50:13.0281 0272 C:\Program Files\Intuit\QuickBooks 2011\DMCore.dll - ok
11:50:13.0281 0272 [ 560ED36D57EB1468121ECD358CD3731A ] C:\Program Files\Intuit\QuickBooks 2011\DatabaseManager.DLL
11:50:13.0281 0272 C:\Program Files\Intuit\QuickBooks 2011\DatabaseManager.DLL - ok
11:50:13.0281 0272 [ BF815ED8082A7AD0F80BAD2A55A4C3D6 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\91442e74da926f6b2c33b5754014940d\System.IdentityModel.ni.dll
11:50:13.0281 0272 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\91442e74da926f6b2c33b5754014940d\System.IdentityModel.ni.dll - ok
11:50:13.0296 0272 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
11:50:13.0296 0272 C:\WINDOWS\system32\tapisrv.dll - ok
11:50:13.0296 0272 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
11:50:13.0296 0272 C:\WINDOWS\system32\rasmans.dll - ok
11:50:13.0312 0272 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
11:50:13.0312 0272 C:\WINDOWS\system32\rastapi.dll - ok
11:50:13.0312 0272 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
11:50:13.0312 0272 C:\WINDOWS\system32\unimdm.tsp - ok
11:50:13.0328 0272 [ E0ADE91C23E5402E70D5D1A8FD3FFDD2 ] C:\Program Files\Intuit\QuickBooks 2011\dblib11.dll
11:50:13.0328 0272 C:\Program Files\Intuit\QuickBooks 2011\dblib11.dll - ok
11:50:13.0328 0272 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
11:50:13.0328 0272 C:\WINDOWS\system32\uniplat.dll - ok
11:50:13.0343 0272 [ 5F4CEBF8FEBB68378B58369F3774DFBC ] C:\Program Files\Intuit\QuickBooks 2011\dbtool11.dll
11:50:13.0343 0272 C:\Program Files\Intuit\QuickBooks 2011\dbtool11.dll - ok
11:50:13.0343 0272 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
11:50:13.0343 0272 C:\WINDOWS\system32\kmddsp.tsp - ok
11:50:13.0359 0272 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
11:50:13.0359 0272 C:\WINDOWS\system32\ndptsp.tsp - ok
11:50:13.0359 0272 [ D1B3F49E146310CDD3CCA18DBBB69767 ] C:\Program Files\Intuit\QuickBooks 2011\DMdqe.DLL
11:50:13.0359 0272 C:\Program Files\Intuit\QuickBooks 2011\DMdqe.DLL - ok
11:50:13.0375 0272 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
11:50:13.0375 0272 C:\WINDOWS\system32\ipconf.tsp - ok
11:50:13.0375 0272 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
11:50:13.0375 0272 C:\WINDOWS\system32\h323.tsp - ok
11:50:13.0390 0272 [ BC834A9D41CE61D9762F258D41245730 ] C:\Program Files\Intuit\QuickBooks 2011\OPAQUEBUFFER.DLL
11:50:13.0390 0272 C:\Program Files\Intuit\QuickBooks 2011\OPAQUEBUFFER.DLL - ok
11:50:13.0390 0272 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
11:50:13.0390 0272 C:\WINDOWS\system32\hidphone.tsp - ok
11:50:13.0406 0272 [ 5B3944E858B9CA487800665B0F484AA2 ] C:\Program Files\Intuit\QuickBooks 2011\QBMAS32.DLL
11:50:13.0406 0272 C:\Program Files\Intuit\QuickBooks 2011\QBMAS32.DLL - ok
11:50:13.0406 0272 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
11:50:13.0406 0272 C:\WINDOWS\system32\rasppp.dll - ok
11:50:13.0421 0272 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
11:50:13.0421 0272 C:\WINDOWS\system32\ntlsapi.dll - ok
11:50:13.0421 0272 [ C60AEC6AFBB3E97E1C4A795FBB51557A ] C:\Program Files\Intuit\QuickBooks 2011\ACE.DLL
11:50:13.0421 0272 C:\Program Files\Intuit\QuickBooks 2011\ACE.DLL - ok
11:50:13.0437 0272 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
11:50:13.0437 0272 C:\WINDOWS\system32\rasqec.dll - ok
11:50:13.0437 0272 [ 5FB0DEDE719456661F6F5D3E55605646 ] C:\Program Files\Intuit\QuickBooks 2011\QBATTR32.DLL
11:50:13.0437 0272 C:\Program Files\Intuit\QuickBooks 2011\QBATTR32.DLL - ok
11:50:13.0453 0272 [ 119F70145D2F76EFE836437B72647BCA ] C:\Program Files\Intuit\QuickBooks 2011\Accountant.DLL
11:50:13.0453 0272 C:\Program Files\Intuit\QuickBooks 2011\Accountant.DLL - ok
11:50:13.0453 0272 [ E1136C7D7BEF1C8171FEE912F21679EB ] C:\Program Files\Intuit\QuickBooks 2011\DMAccountant.DLL
11:50:13.0453 0272 C:\Program Files\Intuit\QuickBooks 2011\DMAccountant.DLL - ok
11:50:13.0468 0272 [ 35EC95143BF8F2F4B525F70C72D82ED3 ] C:\Program Files\Intuit\QuickBooks 2011\PortFile.DLL
11:50:13.0468 0272 C:\Program Files\Intuit\QuickBooks 2011\PortFile.DLL - ok
11:50:13.0468 0272 [ 4CE3AC82EA672B74153DCDA0176E7360 ] C:\Program Files\Intuit\QuickBooks 2011\QBCompressor.DLL
11:50:13.0468 0272 C:\Program Files\Intuit\QuickBooks 2011\QBCompressor.DLL - ok
11:50:13.0484 0272 [ 80E41408F6D641DC1C0F5353A0CC8125 ] C:\Program Files\Intuit\QuickBooks 2011\zlib1.dll
11:50:13.0484 0272 C:\Program Files\Intuit\QuickBooks 2011\zlib1.dll - ok
11:50:13.0484 0272 [ 3C6AEC537DC3F7F6427B926923B5F093 ] C:\Program Files\Intuit\QuickBooks 2011\DMGenPrefs.DLL
11:50:13.0484 0272 C:\Program Files\Intuit\QuickBooks 2011\DMGenPrefs.DLL - ok
11:50:13.0500 0272 [ 2D311328B1560D60E145E9A6BCA785F5 ] C:\Program Files\Intuit\QuickBooks 2011\DocumentManagement.DLL
11:50:13.0500 0272 C:\Program Files\Intuit\QuickBooks 2011\DocumentManagement.DLL - ok
11:50:13.0500 0272 [ F1DE3E4A745BCFFA57A4D3913F73E4AA ] C:\Program Files\Intuit\QuickBooks 2011\BackupLib.dll
11:50:13.0500 0272 C:\Program Files\Intuit\QuickBooks 2011\BackupLib.dll - ok
11:50:13.0515 0272 [ 6E54A1AF1942B1D8962E85180FD55EA8 ] C:\Program Files\Intuit\QuickBooks 2011\DMBUDGET.DLL
11:50:13.0515 0272 C:\Program Files\Intuit\QuickBooks 2011\DMBUDGET.DLL - ok
11:50:13.0515 0272 [ F18D4850B94FD82AE9702EEA4844A827 ] C:\Program Files\Intuit\QuickBooks 2011\FileManifest.DLL
11:50:13.0515 0272 C:\Program Files\Intuit\QuickBooks 2011\FileManifest.DLL - ok
11:50:13.0531 0272 [ B301355FD50E6EE9FBB9286467626DFE ] C:\Program Files\Intuit\QuickBooks 2011\QBMAPILibrary.dll
11:50:13.0531 0272 C:\Program Files\Intuit\QuickBooks 2011\QBMAPILibrary.dll - ok
11:50:13.0531 0272 [ 671A7D5294A555DC31A1458EF8EF4131 ] C:\Program Files\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll
11:50:13.0531 0272 C:\Program Files\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll - ok
11:50:13.0531 0272 [ E99A5296D66DFAC54B0AB3C35AFADDE1 ] C:\Program Files\Intuit\QuickBooks 2011\DMEDL.dll
11:50:13.0531 0272 C:\Program Files\Intuit\QuickBooks 2011\DMEDL.dll - ok
11:50:13.0546 0272 [ 846EA4B9713CF90376322D875443BD36 ] C:\Program Files\Intuit\QuickBooks 2011\DMDATASYNC.DLL
11:50:13.0546 0272 C:\Program Files\Intuit\QuickBooks 2011\DMDATASYNC.DLL - ok
11:50:13.0546 0272 [ A3FDBF8C0D3EFE65BB28EC44E1A084F2 ] C:\Program Files\Intuit\QuickBooks 2011\QBSDKNotify.DLL
11:50:13.0546 0272 C:\Program Files\Intuit\QuickBooks 2011\QBSDKNotify.DLL - ok
11:50:13.0562 0272 [ F0F449A970CE81DB48127A083649C770 ] C:\Program Files\Intuit\QuickBooks 2011\sdkutil.dll
11:50:13.0562 0272 C:\Program Files\Intuit\QuickBooks 2011\sdkutil.dll - ok
11:50:13.0578 0272 [ B1A1BCFD965B200DD54916BCE1C7CA5C ] C:\Program Files\Intuit\QuickBooks 2011\dmtxn.dll
11:50:13.0578 0272 C:\Program Files\Intuit\QuickBooks 2011\dmtxn.dll - ok
11:50:13.0578 0272 [ 819A27665DF1D47353506725DDD9B2BD ] C:\Program Files\Intuit\QuickBooks 2011\FeatureMgr.DLL
11:50:13.0578 0272 C:\Program Files\Intuit\QuickBooks 2011\FeatureMgr.DLL - ok
11:50:13.0593 0272 [ BFA912A1019F73413D29C305B00BCA0C ] C:\Program Files\Intuit\QuickBooks 2011\ESHELL.DLL
11:50:13.0593 0272 C:\Program Files\Intuit\QuickBooks 2011\ESHELL.DLL - ok
11:50:13.0593 0272 [ B69A02524D9BA76613B9FDA7C74F6A9B ] C:\Program Files\Intuit\QuickBooks 2011\UM.DLL
11:50:13.0593 0272 C:\Program Files\Intuit\QuickBooks 2011\UM.DLL - ok
11:50:13.0609 0272 [ 936A44CE07019B775AE3FACEC118B94F ] C:\Program Files\Intuit\QuickBooks 2011\PM.DLL
11:50:13.0609 0272 C:\Program Files\Intuit\QuickBooks 2011\PM.DLL - ok
11:50:13.0609 0272 [ DA2C86749052750B8C61FEAC99D2CCAF ] C:\Program Files\Intuit\QuickBooks 2011\DMUSERS.dll
11:50:13.0609 0272 C:\Program Files\Intuit\QuickBooks 2011\DMUSERS.dll - ok
11:50:13.0625 0272 [ 004BB1B8AA103AF0A3CCDDCBF6897E3E ] C:\Program Files\Intuit\QuickBooks 2011\QBSendError20.dll
11:50:13.0625 0272 C:\Program Files\Intuit\QuickBooks 2011\QBSendError20.dll - ok
11:50:13.0625 0272 [ F5DD097058C147CDE4C5AA476B2F3F2C ] C:\Program Files\Intuit\QuickBooks 2011\dbghelp.dll
11:50:13.0625 0272 C:\Program Files\Intuit\QuickBooks 2011\dbghelp.dll - ok
11:50:13.0640 0272 [ 05941EC839D80183AF6333DF504F83D6 ] C:\Program Files\Intuit\QuickBooks 2011\qbdomain.DLL
11:50:13.0640 0272 C:\Program Files\Intuit\QuickBooks 2011\qbdomain.DLL - ok
11:50:13.0640 0272 [ 86B1989A6A973584DEC2E26D6CA4C8A9 ] C:\Program Files\Intuit\QuickBooks 2011\DMUI.DLL
11:50:13.0640 0272 C:\Program Files\Intuit\QuickBooks 2011\DMUI.DLL - ok
11:50:13.0656 0272 [ CE4FDB6C960581143A64F014B50BF49B ] C:\Program Files\Intuit\QuickBooks 2011\payxsgen.DLL
11:50:13.0656 0272 C:\Program Files\Intuit\QuickBooks 2011\payxsgen.DLL - ok
11:50:13.0656 0272 [ AC1F4AB2766B1A2B6E9AB683EE575F5F ] C:\Program Files\Intuit\QuickBooks 2011\DMInventory.DLL
11:50:13.0656 0272 C:\Program Files\Intuit\QuickBooks 2011\DMInventory.DLL - ok
11:50:13.0671 0272 [ 5C6ADA93F6724DA1840592B11A5F1992 ] C:\Program Files\Intuit\QuickBooks 2011\DMTIME.DLL
11:50:13.0671 0272 C:\Program Files\Intuit\QuickBooks 2011\DMTIME.DLL - ok
11:50:13.0671 0272 [ E95E40C674C90E911A13B4E0B63E059B ] C:\Program Files\Intuit\QuickBooks 2011\DMPAYROLL.DLL
11:50:13.0671 0272 C:\Program Files\Intuit\QuickBooks 2011\DMPAYROLL.DLL - ok
11:50:13.0687 0272 [ F70B82B7E8E669FDEEE64E4268F5F4FF ] C:\Program Files\Intuit\QuickBooks 2011\DMALIAS.DLL
11:50:13.0687 0272 C:\Program Files\Intuit\QuickBooks 2011\DMALIAS.DLL - ok
11:50:13.0687 0272 [ 9313A06362657EC9C7A675687275DC22 ] C:\Program Files\Intuit\QuickBooks 2011\QBMFCT32.DLL
11:50:13.0687 0272 C:\Program Files\Intuit\QuickBooks 2011\QBMFCT32.DLL - ok
11:50:13.0703 0272 [ 0A0549028579FE27187168F2873FC17F ] C:\Program Files\Intuit\QuickBooks 2011\qbci32.dll
11:50:13.0703 0272 C:\Program Files\Intuit\QuickBooks 2011\qbci32.dll - ok
11:50:13.0703 0272 [ 487E2BD213A47DB2366044190D59DAA3 ] C:\Program Files\Intuit\QuickBooks 2011\dmolb.dll
11:50:13.0703 0272 C:\Program Files\Intuit\QuickBooks 2011\dmolb.dll - ok
11:50:13.0718 0272 [ 5885F1A26AAA4D432D3ECD7E08F5AEF1 ] C:\Program Files\Intuit\QuickBooks 2011\SSCE5232.dll
11:50:13.0718 0272 C:\Program Files\Intuit\QuickBooks 2011\SSCE5232.dll - ok
11:50:13.0718 0272 [ B96E584BD491D2BEC2FB2F86855B9E63 ] C:\Program Files\Intuit\QuickBooks 2011\cindexdb.dll
11:50:13.0718 0272 C:\Program Files\Intuit\QuickBooks 2011\cindexdb.dll - ok
11:50:13.0734 0272 [ 96053C7DFCC241344A3C2AC4C0E182C6 ] C:\Program Files\Intuit\QuickBooks 2011\DMPREFS.DLL
11:50:13.0734 0272 C:\Program Files\Intuit\QuickBooks 2011\DMPREFS.DLL - ok
11:50:13.0734 0272 [ 860FAD57B4668A9F5F350A9D5444AE89 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
11:50:13.0734 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
11:50:13.0750 0272 [ 7F83F3380B0265ECED742387697E6181 ] C:\Program Files\Intuit\QuickBooks 2011\dbicu11.dll
11:50:13.0750 0272 C:\Program Files\Intuit\QuickBooks 2011\dbicu11.dll - ok
11:50:13.0750 0272 [ DFE34774A89F456A99D386B14AD68E41 ] C:\Program Files\Intuit\QuickBooks 2011\dbicudt11.dll
11:50:13.0750 0272 C:\Program Files\Intuit\QuickBooks 2011\dbicudt11.dll - ok
11:50:13.0765 0272 [ 4CE12678FC577B462E07130ECC6276CC ] C:\Program Files\Common Files\Intuit\QuickBooks\QBInstanceFinder.dll
11:50:13.0765 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBInstanceFinder.dll - ok
11:50:13.0765 0272 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
11:50:13.0765 0272 C:\WINDOWS\system32\riched32.dll - ok
11:50:13.0765 0272 [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\WINDOWS\system32\msxml4.dll
11:50:13.0781 0272 C:\WINDOWS\system32\msxml4.dll - ok
11:50:13.0781 0272 [ 65E4BFC416F58B68D09BF2001C656679 ] C:\Program Files\Common Files\Intuit\Entitlement Client\v6.0\Client\EntitlementClientBootstrap.dll
11:50:13.0781 0272 C:\Program Files\Common Files\Intuit\Entitlement Client\v6.0\Client\EntitlementClientBootstrap.dll - ok
11:50:13.0781 0272 [ B2D1748AAD5B5162229BD1B2ADCE02C3 ] C:\Program Files\Intuit\QuickBooks 2011\ADR.DLL
11:50:13.0781 0272 C:\Program Files\Intuit\QuickBooks 2011\ADR.DLL - ok
11:50:13.0796 0272 [ E94B458B0E223665268785754D9237DE ] C:\Program Files\Intuit\QuickBooks 2011\ACM.DLL
11:50:13.0796 0272 C:\Program Files\Intuit\QuickBooks 2011\ACM.DLL - ok
11:50:13.0796 0272 [ 2C288AA87E4723AC9FF4D76A192EC3F8 ] C:\WINDOWS\system32\odbccp32.dll
11:50:13.0796 0272 C:\WINDOWS\system32\odbccp32.dll - ok
11:50:13.0812 0272 [ EA5FB736F9437A99F39D9AA53498F5BE ] C:\Program Files\Intuit\QuickBooks 2011\dblgen11.dll
11:50:13.0812 0272 C:\Program Files\Intuit\QuickBooks 2011\dblgen11.dll - ok
11:50:13.0812 0272 [ EA3AF33A9341B88D23FDC20D6EC826FE ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
11:50:13.0812 0272 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll - ok
11:50:13.0828 0272 [ 53A6E62372997E5A8882ADE55B0D16E3 ] C:\Program Files\Common Files\Intuit\QuickBooks\CoLocator2.dll
11:50:13.0828 0272 C:\Program Files\Common Files\Intuit\QuickBooks\CoLocator2.dll - ok
11:50:13.0828 0272 [ CDB8F1976FB88683B660AD2D57F641BF ] C:\Program Files\Intuit\QuickBooks 2011\qbot.dll
11:50:13.0828 0272 C:\Program Files\Intuit\QuickBooks 2011\qbot.dll - ok
11:50:13.0843 0272 [ 031D4CD24E4DC3EDF1593308F7EFE400 ] C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBUServiceMgr.dll
11:50:13.0843 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBUServiceMgr.dll - ok
11:50:13.0843 0272 [ 28FB6FE4F138F08ECE87588079B31920 ] C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgRequestMgr.dll
11:50:13.0843 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgRequestMgr.dll - ok
11:50:13.0859 0272 [ 6C69EA6A0C308A0FB81992CAC9F39C59 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\fusion.dll
11:50:13.0859 0272 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\fusion.dll - ok
11:50:13.0859 0272 [ 29FCFF6704DE3F603BF0538D562A1A03 ] C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgr.exe
11:50:13.0859 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgr.exe - ok
11:50:13.0875 0272 [ 1C8167B07BA5C59A0AE171D55D0ECC74 ] C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgrps.dll
11:50:13.0875 0272 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgrps.dll - ok
11:50:13.0875 0272 [ 7DD7E2ED2297BE5F361BC7545F6E8A6C ] C:\Program Files\Intuit\QuickBooks 2011\qbwfls32.dll
11:50:13.0875 0272 C:\Program Files\Intuit\QuickBooks 2011\qbwfls32.dll - ok
11:50:13.0890 0272 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
11:50:13.0890 0272 C:\WINDOWS\system32\hhctrl.ocx - ok
11:50:13.0890 0272 [ AD7271D93F956010508D26B6C6A1B3D4 ] C:\Program Files\Intuit\QuickBooks 2011\TRACKING.DLL
11:50:13.0890 0272 C:\Program Files\Intuit\QuickBooks 2011\TRACKING.DLL - ok
11:50:13.0906 0272 [ 19643CB460796338B198FD377EB0F859 ] C:\Program Files\Common Files\Intuit\QuickBooks\addinmgr2.dll
11:50:13.0906 0272 C:\Program Files\Common Files\Intuit\QuickBooks\addinmgr2.dll - ok
11:50:13.0906 0272 [ 21DCAA1708DBA4822B1228883BBC4016 ] C:\Program Files\Intuit\QuickBooks 2011\msgDBAddIn.dll
11:50:13.0906 0272 C:\Program Files\Intuit\QuickBooks 2011\msgDBAddIn.dll - ok
11:50:13.0921 0272 [ 7DF18E94D6E741E71E4DE5A0ABB7BF36 ] C:\Program Files\Intuit\QuickBooks 2011\NAAuthTool.dll
11:50:13.0921 0272 C:\Program Files\Intuit\QuickBooks 2011\NAAuthTool.dll - ok
11:50:13.0937 0272 [ D679279E9F654310DC0EB2A54979B294 ] C:\Program Files\Intuit\QuickBooks 2011\QBInbox.dll
11:50:13.0937 0272 C:\Program Files\Intuit\QuickBooks 2011\QBInbox.dll - ok
11:50:13.0937 0272 [ ED366B3C8EF9AE45AABC52D800377ED6 ] C:\Program Files\Intuit\QuickBooks 2011\QBXLAdin.dll
11:50:13.0937 0272 C:\Program Files\Intuit\QuickBooks 2011\QBXLAdin.dll - ok
11:50:13.0953 0272 [ 64B33CC5BF131DEF2721394CF9B3F8ED ] C:\WINDOWS\system32\msvbvm60.dll
11:50:13.0953 0272 C:\WINDOWS\system32\msvbvm60.dll - ok
11:50:13.0953 0272 [ 81EDC923F15BBB846C9BF008E9D6F9E1 ] C:\Program Files\Intuit\QuickBooks 2011\mbpopup.dll
11:50:13.0953 0272 C:\Program Files\Intuit\QuickBooks 2011\mbpopup.dll - ok
11:50:13.0968 0272 [ 63FDD36D380B22166E29A48A2C4DA5EB ] C:\Program Files\Intuit\QuickBooks 2011\PRNotificationLoader.dll
11:50:13.0968 0272 C:\Program Files\Intuit\QuickBooks 2011\PRNotificationLoader.dll - ok
11:50:13.0968 0272 [ A7D5304AFBC71EF73CBD9A57D7F0A985 ] C:\Program Files\Intuit\QuickBooks 2011\qbwpsrun.dll
11:50:13.0968 0272 C:\Program Files\Intuit\QuickBooks 2011\qbwpsrun.dll - ok
11:50:13.0984 0272 [ FC5910111DEC27B62D9B1751DB57ADBB ] C:\Program Files\Intuit\QuickBooks 2011\qbmsintg.DLL
11:50:13.0984 0272 C:\Program Files\Intuit\QuickBooks 2011\qbmsintg.DLL - ok
11:50:13.0984 0272 ============================================================
11:50:13.0984 0272 Scan finished
11:50:13.0984 0272 ============================================================
11:50:14.0125 3180 Detected object count: 8
11:50:14.0125 3180 Actual detected object count: 8
11:50:42.0187 3180 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
11:50:42.0187 3180 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:50:42.0187 3180 nvatabus ( UnsignedFile.Multi.Generic ) - skipped by user
11:50:42.0187 3180 nvatabus ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:50:42.0187 3180 nvraid ( UnsignedFile.Multi.Generic ) - skipped by user
11:50:42.0187 3180 nvraid ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:50:42.0187 3180 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
11:50:42.0187 3180 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:50:42.0187 3180 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
11:50:42.0187 3180 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:50:42.0187 3180 QBVSS ( UnsignedFile.Multi.Generic ) - skipped by user
11:50:42.0187 3180 QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:50:42.0187 3180 RT73 ( UnsignedFile.Multi.Generic ) - skipped by user
11:50:42.0187 3180 RT73 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:50:42.0187 3180 VClone ( UnsignedFile.Multi.Generic ) - skipped by user
11:50:42.0187 3180 VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip

#18
gringo_pr

Posted 15 March 2013 - 10:24 AM

Trusted Helper

Malware Removal
7,268 posts

how are things running at this time?

gringo

#19
PBHRescue

Posted 15 March 2013 - 11:04 AM

Member

Topic Starter
Member
96 posts

Things seem to be running fine!! Seems faster too!! Although, I haven't tried "Uninstalling" any programs through the "Add or Remove" Programs part of the Control Panel... I know it kept freezing the PC any time I attempted to uninstall any programs.

Malwarebytes Anti-Rootkit... scan completed and it didn't detect any infections... I ran it twice to be sure.... both came back with no infections found.

#20
gringo_pr

Posted 15 March 2013 - 11:31 AM

Trusted Helper

Malware Removal
7,268 posts

Hello PBHRescue

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image

This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

In your next post I need the following

report from Combofix
let me know of any problems you may have had
How is the computer doing now after running the script?

Gringo

#21
PBHRescue

Posted 15 March 2013 - 11:54 AM

Member

Topic Starter
Member
96 posts

1. ComboFix Log:

ComboFix 13-03-15.01 - Administrator 03/15/2013 13:39:46.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.508 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: Online Armor Firewall *Disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
.
((((((((((((((((((((((((( Files Created from 2013-02-15 to 2013-03-15 )))))))))))))))))))))))))))))))
.
.
2013-03-15 15:45 . 2013-03-15 15:45 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Motorola
2013-03-15 04:49 . 2013-02-07 20:45 6954968 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E3093B2E-12E3-4C0B-89FE-5AAA32A225F3}\mpengine.dll
2013-03-15 04:47 . 2013-03-15 04:47 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun
2013-03-15 04:11 . 2013-03-15 04:11 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2013-03-14 18:56 . 2013-03-14 18:56 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Eastman Kodak Company
2013-03-14 18:20 . 2013-03-14 18:20 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Intuit
2013-03-14 18:20 . 2013-03-14 18:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\OnlineArmor
2013-03-14 18:20 . 2013-03-14 18:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Apple Computer
2013-03-14 18:19 . 2013-03-14 18:19 -------- d-----w- c:\documents and settings\Administrator\Application Data\Motorola
2013-03-14 18:13 . 2013-03-14 18:13 -------- d-----w- c:\documents and settings\Eric Emminger\Local Settings\Application Data\Identities
2013-03-14 18:13 . 2013-03-14 18:13 -------- d-----w- c:\documents and settings\Eric Emminger\Application Data\Windows Desktop Search
2013-03-14 18:13 . 2013-03-14 18:13 -------- d-----w- c:\documents and settings\Eric Emminger\Application Data\OnlineArmor
2013-03-14 17:22 . 2013-03-14 17:22 -------- d-----w- c:\program files\ImgBurn
2013-03-14 17:20 . 2013-03-14 17:20 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2013-03-14 17:20 . 2013-03-14 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Strongvault Online Backup
2013-03-14 17:20 . 2013-03-14 17:21 -------- d-----w- c:\program files\Strongvault Online Backup
2013-03-14 17:19 . 2013-03-14 17:20 -------- d-----w- C:\AI_RecycleBin
2013-03-14 17:17 . 2013-03-14 17:18 -------- d-----w- c:\program files\Deal Spy
2013-03-14 04:28 . 2013-03-14 04:32 -------- d-----w- C:\RK_Quarantine
2013-03-14 04:27 . 2013-02-07 20:45 6954968 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-03-13 15:34 . 2013-03-13 17:52 -------- d-----w- c:\program files\Auslogics
2013-03-12 22:10 . 2013-03-12 22:10 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-03-12 22:08 . 2013-03-12 22:08 -------- d-----w- c:\program files\Microsoft Sync Framework
2013-03-12 22:08 . 2013-03-12 22:08 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-03-12 22:08 . 2013-03-12 22:08 -------- d-----w- c:\documents and settings\All Users\Microsoft
2013-03-12 22:06 . 2013-03-12 22:06 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2013-03-12 22:04 . 2013-03-12 22:04 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-03-12 22:03 . 2013-03-12 22:16 -------- d-----w- c:\windows\SHELLNEW
2013-03-12 22:00 . 2013-03-12 22:00 -------- d-----r- C:\MSOCache
2013-03-12 21:54 . 2009-02-24 22:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2013-03-12 21:54 . 2013-03-12 21:54 -------- d-----w- c:\program files\MagicDisc
2013-03-12 21:24 . 2013-03-12 21:24 -------- d-----w- c:\program files\Elaborate Bytes
2013-03-11 03:48 . 2013-03-11 20:22 -------- d-----w- c:\documents and settings\All Users\Application Data\OnlineArmor
2013-03-11 03:46 . 2012-10-02 19:03 44992 ----a-w- c:\windows\system32\drivers\oahlp32.sys
2013-03-11 03:46 . 2012-10-02 19:02 31920 ----a-w- c:\windows\system32\drivers\OAnet.sys
2013-03-11 03:46 . 2012-10-02 19:02 27648 ----a-w- c:\windows\system32\drivers\OAmon.sys
2013-03-11 03:46 . 2012-10-02 19:02 208320 ----a-w- c:\windows\system32\drivers\OADriver.sys
2013-03-11 03:45 . 2013-03-14 05:27 -------- d-----w- c:\program files\Online Armor
2013-03-11 03:40 . 2013-01-30 10:53 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-03-11 03:38 . 2013-03-11 03:38 -------- d-----w- c:\program files\Microsoft Security Client
2013-03-11 03:23 . 2013-03-11 03:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Licenses
2013-03-11 02:42 . 2013-03-11 02:42 -------- d-----w- c:\program files\Common Files\Java
2013-03-11 02:42 . 2013-03-11 02:41 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-11 02:42 . 2013-03-11 02:41 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-10 22:07 . 2013-03-10 22:07 -------- d-----w- c:\windows\system32\wbem\Repository
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-13 04:31 . 2012-05-24 16:33 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 04:31 . 2012-01-19 19:28 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-11 02:41 . 2012-10-19 21:52 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-11 02:41 . 2012-01-17 02:11 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-05 20:05 . 2008-08-21 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:05 . 2008-08-21 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-02-05 20:05 . 2008-08-21 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:53 . 2008-08-21 12:00 385024 ------w- c:\windows\system32\html.iec
2013-01-26 03:55 . 2008-08-21 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-20 19:59 . 2013-01-20 19:59 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-07 01:16 . 2008-08-21 12:00 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:36 . 2008-04-14 00:01 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2008-08-21 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2008-08-21 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2008-08-21 12:00 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-16 12:23 . 2008-08-21 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-10-27 18:04 . 2012-10-27 18:03 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{25DA541F-6ACF-4052-A8AA-1D58284729C7}]
2010-03-18 18:09 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-20 296056]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-08-15 1404928]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-09-30 2215768]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"Conime"="c:\windows\system32\conime.exe" [2008-08-21 27648]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"EKStatusMonitor"="c:\program files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2012-10-15 2844608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"@OnlineArmor GUI"="c:\program files\Online Armor\OAui.exe" [2012-10-02 2415104]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2012-10-08 2804224]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SMessaging"="c:\documents and settings\user\Local Settings\Application Data\Strongvault Online Backup\SMessaging.exe" [2012-04-04 31664]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-10-19 2235840]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Intuit Data Protect.lnk - c:\program files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe [2011-11-9 5940056]
NETGEAR WNDA3100v2 Genie.lnk - c:\program files\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2012-10-29 8453376]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-11-9 1156968]
QuickBooks_Standard_21.lnk - c:\program files\Intuit\QuickBooks 2011\QBW32.EXE [2011-11-9 1178984]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-27 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\ONLINE~2\oaevent.dll" [2012-10-02 366440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiMalware]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOPrinterTools.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\Inkjet.AdminUtility.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\NetworkPrinter64Util.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOHostDirector.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOTransfer.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\EKAiOHostService.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOHomeCenter.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\Kodak.Statistics.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\NetworkPrinterDiscovery.exe"=
"c:\\Program Files\\Kodak\\AiO\\Firmware\\KodakAiOUpdater.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kodak\\Installer\\Setup.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9323:TCP"= 9323:TCP:EKDiscovery
"5353:UDP"= 5353:UDP:Bonjour Port 5353
"9322:TCP"= 9322:TCP:EKDiscovery
.
R1 ccSet_NST;Norton Safe Web Lite Settings Manager;c:\windows\system32\drivers\NST\0200000.010\ccSetx86.sys [1/18/2012 2:22 AM 132744]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [5/3/2012 12:07 PM 89792]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [3/10/2013 11:46 PM 208320]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [3/10/2013 11:46 PM 27648]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [3/10/2013 11:46 PM 31920]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [8/11/2011 7:38 PM 116608]
R2 DeviceMonitorService;DeviceMonitorService;c:\program files\Motorola Media Link\Lite\NServiceEntry.exe [6/16/2011 11:40 PM 87368]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\EKAiOHostService.exe [10/19/2012 3:51 PM 395200]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [10/15/2012 12:58 PM 779200]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [5/3/2012 12:07 PM 161632]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [5/3/2012 10:37 AM 151880]
R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [12/6/2011 5:00 PM 214896]
R2 NSL;Norton Safe Web Lite;c:\program files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [1/18/2012 2:22 AM 138760]
R2 OAcat;Online Armor Helper Service;c:\program files\Online Armor\oacat.exe [3/10/2013 11:45 PM 216072]
R2 QBVSS;QBIDPService;c:\program files\Common Files\Intuit\DataProtect\QBIDPService.exe [11/9/2011 11:59 AM 1248256]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [5/3/2012 12:07 PM 340920]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [5/3/2012 12:07 PM 83856]
S1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [3/10/2013 11:46 PM 44992]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc --> c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [?]
S2 SvcOnlineArmor;Online Armor;c:\program files\Online Armor\oasrv.exe [3/10/2013 11:45 PM 4463864]
S2 WSWNDA3100v2;WSWNDA3100v2;c:\program files\NETGEAR\WNDA3100v2\WifiSvc.exe [10/29/2012 6:17 PM 303360]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [10/29/2012 6:18 PM 1034240]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2/28/2012 10:33 PM 6016]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [5/3/2012 12:07 PM 57600]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [5/3/2012 12:07 PM 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [5/3/2012 12:07 PM 87656]
S3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\drivers\motoandroid.sys [2/28/2012 10:33 PM 25856]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2/28/2012 10:33 PM 20480]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2/28/2012 10:33 PM 8320]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2/28/2012 10:33 PM 23424]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2/28/2012 10:33 PM 11008]
S4 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [1/22/2011 2:58 AM 189968]
S4 atiide;atiide;c:\windows\system32\drivers\atiide.sys [1/22/2011 2:58 AM 6016]
S4 viapdsk;VIA ATA/ATAPI Host Controller;c:\windows\system32\drivers\viapdsk.sys [1/22/2011 2:58 AM 29184]
S4 vmscsi;vmscsi;c:\windows\system32\drivers\vmscsi.sys [1/22/2011 2:58 AM 17968]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 63516716
*NewlyCreated* - 66934085
*Deregistered* - 63516716
*Deregistered* - 66934085
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-12 22:08 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 04:31]
.
2013-03-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2013-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-15 15:17]
.
2013-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-15 15:17]
.
2013-03-15 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 15:11]
.
2012-11-25 c:\windows\Tasks\MotoHelper MUM.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2013-03-15 c:\windows\Tasks\MotoHelper Routing.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2012-11-25 c:\windows\Tasks\MotoHelper Update.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2013-03-15 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1873647745-624764526-1125205251-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 22:21]
.
2013-03-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1873647745-624764526-1125205251-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 22:21]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-63516716.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-15 13:46
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NSL]
"ImagePath"="\"c:\program files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(788)
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'explorer.exe'(3492)
c:\windows\system32\WININET.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~4\Office14\1033\GrooveIntlResource.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-03-15 13:49:39
ComboFix-quarantined-files.txt 2013-03-15 17:49
ComboFix2.txt 2013-03-15 04:47
ComboFix3.txt 2013-03-14 05:45
.
Pre-Run: 40,916,262,912 bytes free
Post-Run: 40,904,380,416 bytes free
.
- - End Of File - - 5ED6BA7381E5E13FED41A27FEC2CFECC

2. No known issues or problems!

3. Computer seems to be running great!!! A lot faster too!! I'm going to reboot the computer now to see how quickly it Windows comes back... ALSO, after I re-boot... I'm going to go into my Control Panel, Add and Remove Programs, and Uninstall a Program to see if it is still causing any major issues...

#22
gringo_pr

Posted 15 March 2013 - 11:56 AM

Trusted Helper

Malware Removal
7,268 posts

Hello PBHRescue

I would like to see a report that combofix makes.

extra combofix report

push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
please copy and past the following into the box

C:\Qoobox\Add-Remove Programs.txt

click ok

copy and paste the report into this topic for me to review

Gringo

#23
PBHRescue

Posted 15 March 2013 - 12:16 PM

Member

Topic Starter
Member
96 posts

Okay... thus far everything is running great! I'm back on my normal "Computer Adminstrator" "user" account now too... not the hidden "Administrator" account... Here's the report you just requested I think... please be advised, I just uninstalled a few programs, two of which not sure I got... they snuck in probably from when I installed another program probably some sort of "add on" Anyways, those two were "Deal Spy" and the "Strong Vault" one... the third program I uninstalled was the Virtual Clone (Virtual ISO drive)

Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6)
Age of Empires III
Ailt BMP JPG JPEG to Word Converter 5.7
aioprnt
aioscnnr
Apple Application Support
Apple Software Update
Auslogics Disk Defrag
Bonjour
C4USelfUpdater
center
CleanUp!
Deal Spy
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
essentials
Foxit Reader
Google Chrome
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
ImgBurn
Intel® Extreme Graphics 2 Driver
Java 7 Update 17
Java Auto Updater
Kodak AIO Printer
KODAK AiO Software
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Windows XP Video Decoder Checkup Utility
MotoHelper 2.1.32 Driver 5.4.0
MotoHelper MergeModules
MOTOROLA MEDIA LINK
Motorola Mobile Drivers Installation 5.4.0
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser
NETGEAR WNDA3100v2 wireless USB 2.0 adapter
Norton Safe Web Lite
NVIDIA Drivers
ocr
Online Armor 6.0
PreReq
PrintProjects
QuickBooks
QuickBooks Premier: Nonprofit Edition 2011
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
SpywareBlaster 5.0
Strongvault Online Backup
SUPERAntiSpyware
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.6195
VirtualCloneDrive
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0

#24
gringo_pr

Posted 15 March 2013 - 12:59 PM

Trusted Helper

Malware Removal
7,268 posts

Hello

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove

Adobe Reader X (10.1.6)
Java 7 Update 17
Strongvault Online Backup

[/list]

Please download and install Revo Uninstaller Free

Double click Revo Uninstaller to run it.
From the list of programs double click on The Program to remove
When prompted if you want to uninstall click Yes.
Be sure the Moderate option is selected then click Next.
The program will run, If prompted again click Yes
when the built-in uninstaller is finished click on Next.
Once the program has searched for leftovers click Next.
Check/tick the bolded items only on the list then click Delete
when prompted click on Yes and then on next.
put a check on any folders that are found and select delete
when prompted select yes then on next
Once done click Finish.

.

Clean Out Temp Files

This small application you may want to keep and use once a week to keep the computer clean.

Download CCleaner from here http://www.ccleaner.com/
Run the installer to install the application.
When it gives you the option to install Yahoo toolbar uncheck the box next to it.
Run CCleaner. default settings are fine
Click Run Cleaner.
Close CCleaner.

: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - That is great!! and at this time I would like you to update it and run me a quick scan

Double-click mbam icon
go to the update tab at the top
click on check for updates
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
When completed, a log will open in Notepad. please copy and paste the log into your next reply
If you accidentally close it, the log file is saved here and will be named like this:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Download HijackThis

Go Here to download HijackThis program
Save HijackThis to your desktop.
Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
copy and paste hijackthis report into the topic

"information and logs"

In your next post I need the following

Log From MBAM
report from Hijackthis
let me know of any problems you may have had
How is the computer doing now?

Gringo

#25
PBHRescue

Posted 15 March 2013 - 01:38 PM

Member

Topic Starter
Member
96 posts

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.15.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
user :: PBHRESCUE [administrator]

3/15/2013 3:27:56 PM
mbam-log-2013-03-15 (15-27-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244842
Time elapsed: 7 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: e00c264a9743a794d00a23409cdee021 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#26
gringo_pr

Posted 15 March 2013 - 07:43 PM

Trusted Helper

Malware Removal
7,268 posts

Hello PBHRescue

did you run the hijackthis program?

#27
PBHRescue

Posted 15 March 2013 - 10:55 PM

Member

Topic Starter
Member
96 posts

Hello Gringo,
I'm sorry... I was rushing around today tending to dogs and then running out to do some rescue work... I over looked the HijackThis part of your post... Here it is!!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:55:30 AM, on 3/16/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Online Armor\OAcat.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\user\Desktop\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.*
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120628034334.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll
O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Online Armor\OAui.exe"
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'Default user')
O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
O4 - Global Startup: NETGEAR WNDA3100v2 Genie.lnk = ?
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1293325203218
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1342920748906
O18 - Protocol: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DeviceMonitorService - Nero AG - C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
O23 - Service: Kodak AiO Status Monitor Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (file missing)
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Online Armor\OAcat.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: QBIDPService (QBVSS) - Intuit Inc. - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Online Armor\oasrv.exe
O23 - Service: WSWNDA3100v2 - Unknown owner - C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe

--
End of file - 11714 bytes

#28
gringo_pr

Posted 15 March 2013 - 11:12 PM

Trusted Helper

Malware Removal
7,268 posts

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

Run HijackThis (rightclick and run as admin)
Click on the Scan button
Put a check beside all of the items listed below (if present):
- O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
  O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
  O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
  O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
  O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
  O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
  O4 - HKUS\S-1-5-18\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'Default user')
  O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
  O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE
  O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
Close all open windows and browsers/email, etc...
Click on the "Fix Checked" button
When completed, close the application.

NOTE**You can research each of those lines >here< and see if you want to keep them or not
just copy the name between the brackets and paste into the search space
O4 - HKLM\..\Run: [IntelliPoint]

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
- Click Start
When asked, allow the add/on to be installed
- Click Start
Make sure that the option Remove found threats is unticked
Click on Advanced Settings, ensure the options
Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

When the scan is complete

If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

If threats were found
click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish
close program
copy and paste the report here

Gringo

#29
PBHRescue

Posted 16 March 2013 - 07:53 PM

Member

Topic Starter
Member
96 posts

Hello Gringo,
I've removed the start up programs you recommended.

Here is the ESET SCAN Results:

C:\Documents and Settings\user\Local Settings\temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\user\My Documents\Downloads\cbsidlm-tr1_11-ImgBurn-SEO-10847481.exe Win32/DownloadAdmin.G application
C:\Documents and Settings\user\My Documents\Downloads\cbsidlm-tr1_11-Virtual_CloneDrive-SEO-173879 (1).exe Win32/DownloadAdmin.G application
C:\Documents and Settings\user\My Documents\Downloads\cbsidlm-tr1_11-Virtual_CloneDrive-SEO-173879.exe Win32/DownloadAdmin.G application
C:\Documents and Settings\user\My Documents\Downloads\disk-defrag-setup.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\user\My Documents\Downloads\FoxitReader531.0606_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\user\My Documents\Downloads\FoxitReader545.0124_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\user\My Documents\Downloads\SetupImgBurn_2.5.7.0.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\System Volume Information\_restore{AE02EB0C-DBB2-49A3-B4A0-5CF583FE101C}\RP324\A0162812.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\System Volume Information\_restore{AE02EB0C-DBB2-49A3-B4A0-5CF583FE101C}\RP328\A0175554.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\System Volume Information\_restore{AE02EB0C-DBB2-49A3-B4A0-5CF583FE101C}\RP342\A0186041.dll a variant of Win32/Toolbar.CrossRider.A application
C:\System Volume Information\_restore{AE02EB0C-DBB2-49A3-B4A0-5CF583FE101C}\RP342\A0186045.exe multiple threats
C:\System Volume Information\_restore{AE02EB0C-DBB2-49A3-B4A0-5CF583FE101C}\RP342\A0186046.exe a variant of Win32/Toolbar.CrossRider.C application

#30
gringo_pr

Posted 16 March 2013 - 07:59 PM

Trusted Helper

Malware Removal
7,268 posts

Hello PBHRescue

There are some minor things in your online scan that should be removed.

delete files

Copy all text in the code box (below)...to Notepad.

@echo off
del /f /s /q "C:\Documents and Settings\user\Local Settings\temp\AskSLib.dll"
del /f /s /q "C:\Documents and Settings\user\My Documents\Downloads\cbsidlm-tr1_11-ImgBurn-SEO-10847481.exe"
del /f /s /q "C:\Documents and Settings\user\My Documents\Downloads\cbsidlm-tr1_11-Virtual_CloneDrive-SEO-173879 (1).exe"
del /f /s /q "C:\Documents and Settings\user\My Documents\Downloads\cbsidlm-tr1_11-Virtual_CloneDrive-SEO-173879.exe"
del /f /s /q "C:\Documents and Settings\user\My Documents\Downloads\disk-defrag-setup.exe"
del /f /s /q "C:\Documents and Settings\user\My Documents\Downloads\FoxitReader531.0606_enu_Setup.exe"
del /f /s /q "C:\Documents and Settings\user\My Documents\Downloads\FoxitReader545.0124_enu_Setup.exe"
del /f /s /q "C:\Documents and Settings\user\My Documents\Downloads\SetupImgBurn_2.5.7.0.exe"
del %0

Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"
It should look like this: <--XP<--vista
Double click on delfile.bat to execute it.
A black CMD window will flash, then disappear...this is normal.
The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted.

The rest of the Online scan is only reporting backups created during the course of this fix C:\Qoobox\Quarantine\, and/or items located in System Restore's cache C:\System Volume Information\, Whatever is in these folders can't harm you unless you choose to perform a manual restore. the following steps will remove these backups.

Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.

:Why we need to remove some of our tools:

Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wronge time can make the computer an expensive paper weight.
They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.

The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.
:DeFogger:

Note** Defogger only needs to be run if it was run when we first started. If you have not already run it then skip this.

To re-enable your Emulation drivers, double click DeFogger to run the tool.
The application window will appear
Click the Re-enable button to re-enable your CD Emulation drivers
Click Yes to continue
A 'Finished!' message will appear
Click OK
DeFogger will now ask to reboot the machine - click OK.

Your Emulation drivers are now re-enabled.

:Uninstall ComboFix:

turn off all active protection software
push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
please copy and past the following into the box ComboFix /Uninstall and click OK.
Note the space between the X and the /Uninstall, it needs to be there.

:Remove the rest of our tools:

Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.

Double-click OTCleanIt.exe.
Click the CleanUp! button.
Select Yes when the "Begin cleanup Process?" prompt appears.
If you are prompted to Reboot during the cleanup, select Yes.
The tool will delete itself once it finishes, if not delete it by yourself.
If asked to restart the computer, please do so

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

About Java

During the cleaning process if I found that Java was installed I asked for it to be uninstalled, Many home users will not miss it. If you use OpenOffice, play online games or use business applications which require Java, Then you need to install the latest version and make sure to disable it in your web browsers.

If an application or website requires it, you should receive a notification indicating that when you attempt to launch that application or access that website.

Link to download latest version. - install Java

How to disable java in your web browsers - Disable Java

:The programs you can keep:

Some of the programs that we have used would be a good idea to keep and used often in helping to keep the computer clean. I use these programs on my computer.

Revo Uninstaller Free - this is the uninstaller that I had you download and works allot better than add/remove in windows and has saved me more than once from corrupted installs and uninstalls

CCleaner - This is a good program to clean out temp files, I would use this once a week or before any malware scan to remove unwanted temp files - It has a built in registry cleaner but I would leave that alone and not use any registry cleaner

Malwarebytes' Anti-Malware The Gold standerd today in antimalware scanners

:Security programs:

One of the questions I am asked all the time is "What programs do you use" I have at this time 4 computers in my home and I have this setup on all 4 of them.

Microsoft Security Essentials - provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recomend keeping it and using often. (I have upgraded to the paid version of MBAM and I am glad I did)

Note** If you decide to install MSE you will need to uninstall your present Antivirus

:Security awareness:

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
Strong passwords: How to create and use them Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.

The other question I am asked all the time is "How can I prevent this from happening again." and the short answer to that is to be aware of what is out there and how to start spotting dangers.

Here are some articles that are must reads and should be read by everybody in your household that uses the internet

internetsafety

Internet Safety for Kids

Here is some more reading for you from some of my colleges

PC Safety and Security - What Do I Need? from my friends at Tech Support Forum

COMPUTER SECURITY - a short guide to staying safer online from my friends at Malware Removal

quoted from Tech Support Forum

Conclusion

There is no such thing as 'perfect security'. This applies to many things, not just computer systems. Using the above guide you should be able to take all the reasonable steps you can to prevent infection. However, the most important part of all this is you, the user. Surf sensibly and think before you download a file or click on a link. Take a few moments to assess the possible risks and you should be able to enjoy all the internet has to offer.

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->