Malware problems [Solved]


  • This topic is locked

#46
raps1355

raps1355

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
That's exactly what I did, let it run and did not use or move comp for over a couple of hours
  • 0

#47
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
OK, I have one idea for you, but it should be approved by my teacher first. Please, wait for some time, I will post to you soon.
  • 0

#48
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Okay, try to do so:

  • Launch ServicesRepair.com on your Desktop.
  • Click Yes to start repair.
  • When finished, click Yes to reboot your computer.
Try to run ComboFix after that.
  • 0

#49
raps1355

raps1355

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Done it but it didn't work, still sticks on stage 49
  • 0

#50
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
  • Press this key sequence:

    Win+R
  • Run window should appear. Type there the following:

    Combofix /uninstall
  • Reboot your computer.
  • After reboot download ComboFix from here.
  • Rename it to winlogon.exe (don't forget to change extension!) and try to run it.
  • If ComboFix still hangs, do the following:
    • When ComboFix is hanging, launch Task Manager.
    • See if there are the following processes:

      FindStr.exe
      GREP.exe
      CFXXXX.exe (XXXX are random numbers)
    • Terminate these processes (select process and click End Process button). ComboFix should continue to run now till the end.

  • 0

#51
raps1355

raps1355

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hi,

OK, I did it after a few tries. Those processes were there in the Task Manager, but when I closed them it would close ComboFix. After a few goes of retrying I got it to stage 50, then it completed. Here is the log it made.

ComboFix 13-08-25.01 - Joe 25/08/2013 16:14:34.7.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2047.1546 [GMT 1:00]
Running from: c:\documents and settings\Joe\Desktop\winlogon.exe.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Joe\Local Settings\Application Data\aiboxfbr.log
c:\documents and settings\Joe\Local Settings\Application Data\assembly\tmp
c:\documents and settings\Joe\Local Settings\Application Data\hrhupcvn.log
c:\documents and settings\Joe\Local Settings\Application Data\jkxrcbaq.log
c:\documents and settings\Joe\Local Settings\Application Data\nyqhekwo.log
c:\documents and settings\Joe\Local Settings\Application Data\uygqvmkw.log
c:\documents and settings\Joe\Local Settings\Application Data\vpneojrw.log
c:\documents and settings\Joe\Local Settings\Application Data\wpdwmqun.log
C:\install.exe
c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
c:\program files\Common Files\InstallShield\UpdateService\issch.exe
c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-07-25 to 2013-08-25 )))))))))))))))))))))))))))))))
.
.
2013-08-23 22:51 . 2013-08-23 22:51 -------- d-----w- c:\program files\Conduit
2013-08-23 22:51 . 2013-08-23 22:57 -------- d-----w- c:\documents and settings\Joe\Local Settings\Application Data\Conduit
2013-08-20 23:03 . 2013-08-20 23:03 -------- d-----w- c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm
2013-08-19 16:32 . 2013-08-19 16:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\Hotspot Shield
2013-08-18 13:53 . 2013-08-18 13:53 -------- d-----w- C:\_OTL
2013-08-17 19:37 . 2013-08-17 19:37 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-07-31 16:27 . 2013-07-31 16:27 -------- d-----w- c:\documents and settings\fbwuser\Application Data\Hotspot Shield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-12 23:06 . 2013-06-21 01:05 44744 ----a-w- c:\windows\system32\drivers\hssdrv.sys
2013-07-05 18:20 . 2004-08-04 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2013-07-01 19:50 . 2013-07-01 19:50 664 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\d3d9caps.tmp
2013-06-21 00:19 . 2013-06-21 00:19 33512 ----a-w- c:\windows\system32\drivers\taphss.sys
2011-03-18 17:57 . 2011-04-05 09:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TvtXdnsd"="c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe" [2013-08-17 131036]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Maxtor\Schedule2\schedhlp.exe" [2007-08-08 148760]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-06-03 296056]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Joe\Start Menu\Programs\Startup\
tvtxdnsd.exe [2013-8-17 131036]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WN111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WN111v2\WN111V2.exe [2009-11-4 1507431]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Joe^Start Menu^Programs^Startup^MacroMaker.lnk]
path=c:\documents and settings\Joe\Start Menu\Programs\Startup\MacroMaker.lnk
backup=c:\windows\pss\MacroMaker.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2007-08-08 16:31 148760 ----a-w- c:\program files\Common Files\Maxtor\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 04:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ai Nap]
2007-04-09 14:49 1423360 ----a-w- c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 15:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 15:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-07-07 22:52 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-03-21 06:49 16126464 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-04-04 22:38 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TvtXdnsd]
2013-08-17 14:24 131036 --s-a-w- c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
2009-09-30 16:57 718688 ----a-w- c:\program files\Microsoft Xbox 360 Accessories\XBoxStat.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"AcrSch2Svc"=2 (0x2)
"Sony PC Companion"=3 (0x3)
"HssWd"=2 (0x2)
"HssTrayService"=3 (0x3)
"hshld"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [31/01/2009 03:55 33824]
R2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\cmw_srv.exe [16/08/2013 22:47 852264]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [16/08/2013 22:43 555304]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [01/11/2007 01:56 36864]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [01/10/2008 16:45 57440]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [24/07/2003 12:10 17149]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe [27/02/2008 11:54 360547]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [17/08/2013 20:37 40776]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\drivers\WN111v2.sys [20/04/2010 05:12 601088]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27/10/2010 16:36 691696]
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-19 19:54]
.
2013-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-19 19:54]
.
2013-08-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-515967899-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 17:21]
.
2013-08-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-515967899-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 17:21]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.hotmail.co.uk/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Joe\Application Data\Mozilla\Firefox\Profiles\n2jy7rr2.default\
FF - user.js: browser.newtab.url -
.
- - - - ORPHANS REMOVED - - - -
.
Notify-AtiExtEvent - (no file)
SafeBoot-73272381.sys
MSConfigStartUp-ISUSPM Startup - c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
MSConfigStartUp-ISUSScheduler - c:\program files\Common Files\InstallShield\UpdateService\issch.exe
MSConfigStartUp-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe
MSConfigStartUp-MSMSGS - c:\program files\Messenger\msmsgs.exe
MSConfigStartUp-SSBkgdUpdate - c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-08-25 16:23
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwQueryDirectoryFile
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-08-25 16:25:54
ComboFix-quarantined-files.txt 2013-08-25 15:25
.
Pre-Run: 198,023,786,496 bytes free
Post-Run: 198,004,334,592 bytes free
.
- - End Of File - - 885C02E26B54DF8B66D9BB0C0759E5BC
8F558EB6672622401DA993E1E865C861
  • 0

#52
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Open notepad and copy/paste the text in the quotebox below into it:

KillAll::

Folder::
c:\program files\Conduit
c:\documents and settings\Joe\Local Settings\Application Data\Conduit
c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm

File::
c:\documents and settings\LocalService\Local Settings\Application Data\d3d9caps.tmp
c:\documents and settings\Joe\Start Menu\Programs\Startup\tvtxdnsd.exe

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TvtXdnsd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TvtXdnsd"=-


Save this as CFScript.txt


Posted Image

Referring to the picture above, drag CFScript.txt into winlogon.exe.exe

When finished, it shall produce a log for you. Post that log in your next reply.
  • 0

#53
raps1355

raps1355

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
ComboFix 13-08-25.01 - Joe 25/08/2013 18:49:49.8.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2047.1545 [GMT 1:00]
Running from: c:\documents and settings\Joe\Desktop\winlogon.exe.exe
Command switches used :: c:\documents and settings\Joe\Desktop\CFScript.txt
.
FILE ::
"c:\documents and settings\Joe\Start Menu\Programs\Startup\tvtxdnsd.exe"
"c:\documents and settings\LocalService\Local Settings\Application Data\d3d9caps.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Joe\Local Settings\Application Data\aiboxfbr.log
c:\documents and settings\Joe\Local Settings\Application Data\hrhupcvn.log
c:\documents and settings\Joe\Local Settings\Application Data\jkxrcbaq.log
c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm
c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe
c:\documents and settings\Joe\Local Settings\Application Data\nyqhekwo.log
c:\documents and settings\Joe\Local Settings\Application Data\uygqvmkw.log
c:\documents and settings\Joe\Local Settings\Application Data\vpneojrw.log
c:\documents and settings\Joe\Local Settings\Application Data\wpdwmqun.log
c:\program files\Conduit
.
.
((((((((((((((((((((((((( Files Created from 2013-07-25 to 2013-08-25 )))))))))))))))))))))))))))))))
.
.
2013-08-19 16:32 . 2013-08-19 16:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\Hotspot Shield
2013-08-18 13:53 . 2013-08-18 13:53 -------- d-----w- C:\_OTL
2013-08-17 19:37 . 2013-08-17 19:37 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-07-31 16:27 . 2013-07-31 16:27 -------- d-----w- c:\documents and settings\fbwuser\Application Data\Hotspot Shield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-05 18:20 . 2004-08-04 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2013-07-01 19:50 . 2013-07-01 19:50 664 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\d3d9caps.tmp
2013-06-21 00:19 . 2013-06-21 00:19 33512 ----a-w- c:\windows\system32\drivers\taphss.sys
2011-03-18 17:57 . 2011-04-05 09:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Maxtor\Schedule2\schedhlp.exe" [2007-08-08 148760]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-06-03 296056]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WN111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WN111v2\WN111V2.exe [2009-11-4 1507431]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,,c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Joe^Start Menu^Programs^Startup^MacroMaker.lnk]
path=c:\documents and settings\Joe\Start Menu\Programs\Startup\MacroMaker.lnk
backup=c:\windows\pss\MacroMaker.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2007-08-08 16:31 148760 ----a-w- c:\program files\Common Files\Maxtor\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 04:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ai Nap]
2007-04-09 14:49 1423360 ----a-w- c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 15:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 15:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-07-07 22:52 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-03-21 06:49 16126464 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-04-04 22:38 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
2009-09-30 16:57 718688 ----a-w- c:\program files\Microsoft Xbox 360 Accessories\XBoxStat.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"AcrSch2Svc"=2 (0x2)
"Sony PC Companion"=3 (0x3)
"HssWd"=2 (0x2)
"HssTrayService"=3 (0x3)
"hshld"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [31/01/2009 03:55 33824]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [01/11/2007 01:56 36864]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [01/10/2008 16:45 57440]
S2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\cmw_srv.exe --> c:\program files\Hotspot Shield\bin\cmw_srv.exe [?]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [24/07/2003 12:10 17149]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe [27/02/2008 11:54 360547]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [17/08/2013 20:37 40776]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\drivers\WN111v2.sys [20/04/2010 05:12 601088]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27/10/2010 16:36 691696]
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-19 19:54]
.
2013-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-19 19:54]
.
2013-08-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-515967899-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 17:21]
.
2013-08-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-515967899-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 17:21]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.hotmail.co.uk/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Joe\Application Data\Mozilla\Firefox\Profiles\n2jy7rr2.default\
FF - user.js: browser.newtab.url -
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-TvtXdnsd - c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe
AddRemove-HotspotShield - c:\program files\Hotspot Shield\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-08-25 19:03
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2392)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\acs.exe
c:\windows\system32\HPZipm12.exe
.
**************************************************************************
.
Completion time: 2013-08-25 19:07:44 - machine was rebooted
ComboFix-quarantined-files.txt 2013-08-25 18:07
ComboFix2.txt 2013-08-25 15:25
.
Pre-Run: 197,982,162,944 bytes free
Post-Run: 197,981,581,312 bytes free
.
- - End Of File - - 98B84E803440DA7539DD369185102E50
8F558EB6672622401DA993E1E865C861
  • 0
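Added example (not part of the original thread and not ComboFix code): a small triage script for the "Reg Loading Points" section of the two logs above. It flags Run values that start a program from a user profile data folder and any program appended to the Winlogon Userinit value, then reports paths flagged in both scans. The function names and the user-writable path heuristic are this example's own assumptions; the log lines are excerpts from posts #51 and #53.

```python
import re

# Excerpt from the first scan (post #51), copied from the log above.
LOG_FIRST_SCAN = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TvtXdnsd"="c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe" [2013-08-17 131036]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"""

# Excerpt from the scan run with CFScript.txt (post #53), copied from the log above.
LOG_AFTER_CFSCRIPT = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,,c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe"
"""

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>[^"]*)"')

# Heuristic (assumption of this example): per-user data folders and temp
# folders are writable without admin rights, so autostarts there deserve a look.
USER_WRITABLE = re.compile(
    r"\\documents and settings\\[^\\]+\\(local settings\\)?application data\\|\\temp\\",
    re.IGNORECASE,
)
DEFAULT_USERINIT = r"c:\windows\system32\userinit.exe"


def parse_values(log_text):
    """Yield (key, name, data) for each quoted value under a [registry key] header."""
    key = None
    for line in log_text.splitlines():
        line = line.strip()
        header = KEY_RE.match(line)
        if header:
            key = header.group("key")
            continue
        value = VALUE_RE.match(line)
        if value and key:
            yield key, value.group("name"), value.group("data")


def autostart_findings(log_text):
    """Return (reason, value_name, program_path) tuples worth a manual review."""
    findings = []
    for key, name, data in parse_values(log_text):
        k = key.lower()
        if k.endswith(r"\currentversion\run") and USER_WRITABLE.search(data):
            findings.append(("run-from-user-profile", name, data))
        elif k.endswith(r"\winlogon") and name.lower() == "userinit":
            # Userinit is a comma-separated list; the Windows default is
            # userinit.exe alone, so every other entry is an added program.
            for part in data.split(","):
                part = part.strip()
                if part and part.lower() != DEFAULT_USERINIT:
                    findings.append(("userinit-extra-program", name, part))
    return findings


def shared_targets(*logs):
    """Return program paths (lower-cased) flagged in every one of the logs."""
    sets = [{path.lower() for _, _, path in autostart_findings(log)} for log in logs]
    return set.intersection(*sets) if sets else set()


if __name__ == "__main__":
    for label, log in (("post #51", LOG_FIRST_SCAN), ("post #53", LOG_AFTER_CFSCRIPT)):
        for reason, name, path in autostart_findings(log):
            print(f"{label}: {reason}: {name} -> {path}")
    print("flagged in both scans:", shared_targets(LOG_FIRST_SCAN, LOG_AFTER_CFSCRIPT))
```

The same executable shows up under a different launch point in each scan, which is why a cleanup check should compare program paths across all autostart locations rather than re-checking only the key that was removed.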

#54
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Are you able to access antivirus sites now?
  • 0

#55
raps1355

raps1355

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
No, after the first ComboFix scan completed I could run Spybot, which I did, and I had to restart. When it rebooted a command box spammed for a bit and then it wouldn't work anymore.
  • 0

#56
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Can you please run ComboFix scan once more?
  • 0

#57
raps1355

raps1355

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
ComboFix 13-08-25.01 - Joe 25/08/2013 21:18:55.9.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2047.1177 [GMT 1:00]
Running from: c:\documents and settings\Joe\Desktop\winlogon.exe.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Joe\Local Settings\Application Data\aiboxfbr.log
c:\documents and settings\Joe\Local Settings\Application Data\hrhupcvn.log
c:\documents and settings\Joe\Local Settings\Application Data\jkxrcbaq.log
c:\documents and settings\Joe\Local Settings\Application Data\nyqhekwo.log
c:\documents and settings\Joe\Local Settings\Application Data\uygqvmkw.log
c:\documents and settings\Joe\Local Settings\Application Data\vpneojrw.log
c:\documents and settings\Joe\Local Settings\Application Data\wpdwmqun.log
.
.
((((((((((((((((((((((((( Files Created from 2013-07-25 to 2013-08-25 )))))))))))))))))))))))))))))))
.
.
2013-08-25 18:03 . 2013-08-25 18:03 -------- d-----w- c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm
2013-08-19 16:32 . 2013-08-19 16:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\Hotspot Shield
2013-08-18 13:53 . 2013-08-18 13:53 -------- d-----w- C:\_OTL
2013-08-17 19:37 . 2013-08-17 19:37 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-07-31 16:27 . 2013-07-31 16:27 -------- d-----w- c:\documents and settings\fbwuser\Application Data\Hotspot Shield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-05 18:20 . 2004-08-04 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2013-07-01 19:50 . 2013-07-01 19:50 664 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\d3d9caps.tmp
2013-06-21 00:19 . 2013-06-21 00:19 33512 ----a-w- c:\windows\system32\drivers\taphss.sys
2011-03-18 17:57 . 2011-04-05 09:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TvtXdnsd"="c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe" [2013-08-17 131036]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Maxtor\Schedule2\schedhlp.exe" [2007-08-08 148760]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-06-03 296056]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Joe\Start Menu\Programs\Startup\
tvtxdnsd.exe [2013-8-17 131036]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WN111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WN111v2\WN111V2.exe [2009-11-4 1507431]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Joe^Start Menu^Programs^Startup^MacroMaker.lnk]
path=c:\documents and settings\Joe\Start Menu\Programs\Startup\MacroMaker.lnk
backup=c:\windows\pss\MacroMaker.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2007-08-08 16:31 148760 ----a-w- c:\program files\Common Files\Maxtor\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 04:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ai Nap]
2007-04-09 14:49 1423360 ----a-w- c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 15:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 15:24 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-07-07 22:52 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-03-21 06:49 16126464 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-04-04 22:38 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
2009-09-30 16:57 718688 ----a-w- c:\program files\Microsoft Xbox 360 Accessories\XBoxStat.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"AcrSch2Svc"=2 (0x2)
"Sony PC Companion"=3 (0x3)
"HssWd"=2 (0x2)
"HssTrayService"=3 (0x3)
"hshld"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [31/01/2009 03:55 33824]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [01/11/2007 01:56 36864]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [01/10/2008 16:45 57440]
S2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\cmw_srv.exe --> c:\program files\Hotspot Shield\bin\cmw_srv.exe [?]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [24/07/2003 12:10 17149]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe [27/02/2008 11:54 360547]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [17/08/2013 20:37 40776]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\drivers\WN111v2.sys [20/04/2010 05:12 601088]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27/10/2010 16:36 691696]
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-19 19:54]
.
2013-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-19 19:54]
.
2013-08-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-448539723-515967899-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 17:21]
.
2013-08-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-515967899-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 17:21]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.hotmail.co.uk/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Joe\Application Data\Mozilla\Firefox\Profiles\n2jy7rr2.default\
FF - user.js: browser.newtab.url -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-08-25 21:29
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwQueryDirectoryFile
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-08-25 21:31:27
ComboFix-quarantined-files.txt 2013-08-25 20:31
ComboFix2.txt 2013-08-25 18:07
ComboFix3.txt 2013-08-25 15:25
.
Pre-Run: 197,978,238,976 bytes free
Post-Run: 197,980,184,576 bytes free
.
- - End Of File - - AB4D30AE2008E902841EED061D89E644
8F558EB6672622401DA993E1E865C861
  • 0

#58
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts

then it wouldn't work anymore.

Yes, now I see that from the ComboFix log too. It seems that I know whose entries are preventing you from accessing antivirus websites. I have tried to remove them several times, but they keep coming back. So I suspect that something is hiding in your system and bringing the deleted malware back.

Okay, let's run a rootkit (malware which is hidden and can hide other malware) scan now:

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click TDSSKiller.exe to run the application (if it won't run, rename it to winlogon.exe), then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes, then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 0
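Added example, not part of the thread and not ComboFix's or the helper's own tooling: a small triage pass over the "Reg Loading Points" and catchme sections of a ComboFix log like the one above, pulling out the kind of entries a helper reads for when removed items keep coming back. The function name `triage`, the rule names and the heuristics themselves are assumptions made for this illustration; the sample lines are taken from the log in this thread and abridged.

```python
import re
from collections import defaultdict

# Constructed sample: entries copied from the ComboFix log in this thread, abridged.
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TvtXdnsd"="c:\documents and settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe" [2013-08-17 131036]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
c:\documents and settings\Joe\Start Menu\Programs\Startup\
tvtxdnsd.exe [2013-8-17 131036]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WN111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WN111v2\WN111V2.exe [2009-11-4 1507431]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
detected NTDLL code modification:
ZwQueryDirectoryFile
.
'''

# Heuristic (assumption): autoruns should not point into per-user data folders.
USER_WRITABLE = re.compile(
    r"\\documents and settings\\[^\\]+\\(local settings|application data)\\", re.I)
RUN_KEY = re.compile(r"\\currentversion\\run(once)?$", re.I)
VALUE = re.compile(r'^"(?P<name>[^"]+)"=\s*(?P<data>.+)$')
QUOTED_PATH = re.compile(r'^"(?P<path>[^"]+)"')
STARTUP_ITEM = re.compile(r"^(?P<file>.+?)\s+\[\d{4}-\d{1,2}-\d{1,2} \d+\]$")
BINARY_EXT = (".exe", ".scr", ".com", ".bat")


def triage(log_text):
    """Return a list of (rule, detail) findings for a ComboFix-style log."""
    findings = []
    autoruns = defaultdict(set)  # lower-cased file name -> autostart locations
    section = None               # current registry key or Startup folder path
    in_ntdll = False             # inside catchme's "NTDLL code modification" list

    for raw in log_text.splitlines():
        line = raw.strip()
        if line in ("", "."):    # ComboFix separates blocks with a lone dot
            section, in_ntdll = None, False
            continue
        if in_ntdll:             # each line here names a patched ntdll export
            findings.append(("ntdll-modified", line))
            continue
        if line.lower().startswith("detected ntdll code modification"):
            in_ntdll = True
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        if line.lower().endswith("\\startup\\"):
            section = line
            continue
        if section is None:
            continue

        low = section.lower()
        m = VALUE.match(line)
        if m and RUN_KEY.search(section):
            p = QUOTED_PATH.match(m["data"])
            if p:
                path = p["path"]
                autoruns[path.rsplit("\\", 1)[-1].lower()].add(section)
                if USER_WRITABLE.search(path):
                    findings.append(("autorun-in-profile", f"{m['name']} -> {path}"))
        elif m and low.endswith("security center"):
            data = m["data"].lower()
            if (m["name"].endswith("Override") and data.startswith("dword:")
                    and int(data[6:], 16) == 1):
                findings.append(("alert-suppressed", m["name"]))
        elif m and low.endswith("standardprofile"):
            if m["name"] == "EnableFirewall" and m["data"].split()[0] == "0":
                findings.append(("firewall-disabled", section))
        elif low.endswith("\\startup\\"):
            s = STARTUP_ITEM.match(line)
            if s:
                name = s["file"].split(" - ")[0]  # shortcuts list "name - target"
                autoruns[name.lower()].add(section)
                if name.lower().endswith(BINARY_EXT):  # a raw binary, not a .lnk
                    findings.append(("binary-in-startup-folder", section + name))

    # The same file started from several places survives removal of any one entry.
    for name, places in sorted(autoruns.items()):
        if len(places) > 1:
            findings.append(("redundant-autostart", f"{name} in {len(places)} locations"))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_LOG):
        print(f"{rule:26} {detail}")
```

A hit is a reason to look closer, not a verdict, and the rules cover only the log sections shown here.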

#59
raps1355

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
14:06:00.0265 2368 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:06:00.0656 2368 ============================================================
14:06:00.0656 2368 Current date / time: 2013/08/26 14:06:00.0656
14:06:00.0656 2368 SystemInfo:
14:06:00.0656 2368
14:06:00.0656 2368 OS Version: 5.1.2600 ServicePack: 3.0
14:06:00.0656 2368 Product type: Workstation
14:06:00.0656 2368 ComputerName: ASUSP5K-SE
14:06:00.0656 2368 UserName: Joe
14:06:00.0656 2368 Windows directory: C:\WINDOWS
14:06:00.0656 2368 System windows directory: C:\WINDOWS
14:06:00.0656 2368 Processor architecture: Intel x86
14:06:00.0656 2368 Number of processors: 2
14:06:00.0656 2368 Page size: 0x1000
14:06:00.0656 2368 Boot type: Normal boot
14:06:00.0656 2368 ============================================================
14:06:02.0500 2368 BG loaded
14:06:02.0984 2368 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:06:03.0046 2368 ============================================================
14:06:03.0046 2368 \Device\Harddisk0\DR0:
14:06:03.0078 2368 MBR partitions:
14:06:03.0078 2368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
14:06:03.0078 2368 ============================================================
14:06:03.0421 2368 C: <-> \Device\Harddisk0\DR0\Partition1
14:06:03.0437 2368 ============================================================
14:06:03.0437 2368 Initialize success
14:06:03.0437 2368 ============================================================
14:06:12.0296 3260 ============================================================
14:06:12.0296 3260 Scan started
14:06:12.0296 3260 Mode: Manual; SigCheck; TDLFS;
14:06:12.0296 3260 ============================================================
14:06:12.0500 3260 ================ Scan system memory ========================
14:06:12.0500 3260 System memory - ok
14:06:12.0500 3260 ================ Scan services =============================
14:06:12.0703 3260 Abiosdsk - ok
14:06:12.0703 3260 abp480n5 - ok
14:06:12.0750 3260 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:06:14.0515 3260 ACPI - ok
14:06:14.0546 3260 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
14:06:14.0671 3260 ACPIEC - ok
14:06:14.0796 3260 [ 6443FF94D64C7D007A588EEC44B2058F ] AcrSch2Svc C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
14:06:14.0828 3260 AcrSch2Svc - ok
14:06:14.0906 3260 [ 8CDDBFCDAC7226FE0202C7338107725B ] ACS C:\WINDOWS\system32\acs.exe
14:06:14.0953 3260 ACS ( UnsignedFile.Multi.Generic ) - warning
14:06:14.0953 3260 ACS - detected UnsignedFile.Multi.Generic (1)
14:06:14.0968 3260 adpu160m - ok
14:06:15.0015 3260 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:06:15.0125 3260 aec - ok
14:06:15.0171 3260 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:06:15.0328 3260 AFD - ok
14:06:15.0328 3260 Aha154x - ok
14:06:15.0328 3260 aic78u2 - ok
14:06:15.0328 3260 aic78xx - ok
14:06:15.0421 3260 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:06:15.0484 3260 Alerter - ok
14:06:15.0484 3260 AliIde - ok
14:06:15.0484 3260 amsint - ok
14:06:15.0562 3260 AppMgmt - ok
14:06:15.0562 3260 asc - ok
14:06:15.0562 3260 asc3350p - ok
14:06:15.0562 3260 asc3550 - ok
14:06:15.0609 3260 [ 663F2FB92608073824EE3106886120F3 ] AsIO C:\WINDOWS\system32\drivers\AsIO.sys
14:06:15.0640 3260 AsIO - ok
14:06:15.0750 3260 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:06:15.0781 3260 aspnet_state - ok
14:06:15.0828 3260 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:06:15.0921 3260 AsyncMac - ok
14:06:15.0953 3260 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:06:16.0062 3260 atapi - ok
14:06:16.0093 3260 [ 0907A12341E56DDA7B22F8FD116A981D ] AtcL001 C:\WINDOWS\system32\DRIVERS\l151x86.sys
14:06:16.0296 3260 AtcL001 - ok
14:06:16.0296 3260 Atdisk - ok
14:06:16.0359 3260 [ AF800321680EB915D8F03014B94FF3D3 ] ATIAVAIW C:\WINDOWS\system32\DRIVERS\atinavt2.sys
14:06:16.0406 3260 ATIAVAIW ( UnsignedFile.Multi.Generic ) - warning
14:06:16.0406 3260 ATIAVAIW - detected UnsignedFile.Multi.Generic (1)
14:06:16.0406 3260 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:06:16.0468 3260 Atmarpc - ok
14:06:16.0515 3260 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:06:16.0625 3260 AudioSrv - ok
14:06:16.0687 3260 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:06:16.0750 3260 audstub - ok
14:06:16.0828 3260 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:06:16.0890 3260 Beep - ok
14:06:16.0937 3260 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
14:06:17.0296 3260 BITS - ok
14:06:17.0343 3260 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
14:06:17.0500 3260 Browser - ok
14:06:17.0578 3260 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
14:06:17.0625 3260 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
14:06:17.0625 3260 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
14:06:17.0625 3260 catchme - ok
14:06:17.0687 3260 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:06:17.0812 3260 cbidf2k - ok
14:06:17.0859 3260 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:06:17.0984 3260 CCDECODE - ok
14:06:17.0984 3260 cd20xrnt - ok
14:06:18.0078 3260 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:06:18.0140 3260 Cdaudio - ok
14:06:18.0203 3260 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:06:18.0265 3260 Cdfs - ok
14:06:18.0312 3260 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:06:18.0375 3260 Cdrom - ok
14:06:18.0375 3260 Changer - ok
14:06:18.0453 3260 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:06:18.0546 3260 CiSvc - ok
14:06:18.0625 3260 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:06:18.0734 3260 ClipSrv - ok
14:06:18.0843 3260 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:06:18.0968 3260 clr_optimization_v2.0.50727_32 - ok
14:06:19.0015 3260 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:06:19.0109 3260 clr_optimization_v4.0.30319_32 - ok
14:06:19.0125 3260 CmdIde - ok
14:06:19.0125 3260 COMSysApp - ok
14:06:19.0125 3260 Cpqarray - ok
14:06:19.0250 3260 cpuz132 - ok
14:06:19.0296 3260 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:06:19.0406 3260 CryptSvc - ok
14:06:19.0406 3260 dac2w2k - ok
14:06:19.0406 3260 dac960nt - ok
14:06:19.0484 3260 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:06:19.0531 3260 DcomLaunch - ok
14:06:19.0578 3260 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:06:19.0687 3260 Dhcp - ok
14:06:19.0718 3260 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:06:19.0828 3260 Disk - ok
14:06:19.0828 3260 dmadmin - ok
14:06:19.0859 3260 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:06:20.0000 3260 dmboot - ok
14:06:20.0000 3260 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:06:20.0125 3260 dmio - ok
14:06:20.0218 3260 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:06:20.0281 3260 dmload - ok
14:06:20.0328 3260 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
14:06:20.0390 3260 dmserver - ok
14:06:20.0421 3260 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:06:20.0531 3260 DMusic - ok
14:06:20.0609 3260 [ D2EE54CDBCED01D48F2B18642BE79A98 ] DNINDIS5 C:\WINDOWS\system32\DNINDIS5.SYS
14:06:20.0625 3260 DNINDIS5 ( UnsignedFile.Multi.Generic ) - warning
14:06:20.0625 3260 DNINDIS5 - detected UnsignedFile.Multi.Generic (1)
14:06:20.0703 3260 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:06:20.0906 3260 Dnscache - ok
14:06:20.0968 3260 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:06:21.0031 3260 Dot3svc - ok
14:06:21.0031 3260 dpti2o - ok
14:06:21.0046 3260 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:06:21.0156 3260 drmkaud - ok
14:06:21.0187 3260 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:06:21.0312 3260 EapHost - ok
14:06:21.0343 3260 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:06:21.0453 3260 ERSvc - ok
14:06:21.0531 3260 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
14:06:21.0578 3260 Eventlog - ok
14:06:21.0671 3260 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
14:06:21.0734 3260 EventSystem - ok
14:06:21.0843 3260 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:06:21.0906 3260 Fastfat - ok
14:06:21.0953 3260 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:06:22.0156 3260 FastUserSwitchingCompatibility - ok
14:06:22.0156 3260 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
14:06:22.0281 3260 Fdc - ok
14:06:22.0328 3260 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:06:22.0437 3260 Fips - ok
14:06:22.0453 3260 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:06:22.0515 3260 Flpydisk - ok
14:06:22.0578 3260 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
14:06:22.0687 3260 FltMgr - ok
14:06:22.0812 3260 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:06:22.0828 3260 FontCache3.0.0.0 - ok
14:06:22.0843 3260 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:06:22.0937 3260 Fs_Rec - ok
14:06:22.0968 3260 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:06:23.0078 3260 Ftdisk - ok
14:06:23.0156 3260 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:06:23.0265 3260 Gpc - ok
14:06:23.0375 3260 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:06:23.0375 3260 gupdate - ok
14:06:23.0375 3260 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:06:23.0390 3260 gupdatem - ok
14:06:23.0406 3260 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:06:23.0500 3260 HDAudBus - ok
14:06:23.0625 3260 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:06:23.0687 3260 helpsvc - ok
14:06:23.0750 3260 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
14:06:23.0812 3260 HidServ - ok
14:06:23.0890 3260 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:06:23.0953 3260 hidusb - ok
14:06:24.0031 3260 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:06:24.0156 3260 hkmsvc - ok
14:06:24.0156 3260 hpn - ok
14:06:24.0234 3260 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
14:06:24.0250 3260 HPZid412 ( UnsignedFile.Multi.Generic ) - warning
14:06:24.0250 3260 HPZid412 - detected UnsignedFile.Multi.Generic (1)
14:06:24.0312 3260 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
14:06:24.0312 3260 HPZipr12 ( UnsignedFile.Multi.Generic ) - warning
14:06:24.0312 3260 HPZipr12 - detected UnsignedFile.Multi.Generic (1)
14:06:24.0328 3260 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
14:06:24.0453 3260 HPZius12 - ok
14:06:24.0453 3260 hshld - ok
14:06:24.0453 3260 HssDrv - ok
14:06:24.0500 3260 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:06:24.0593 3260 HTTP - ok
14:06:24.0640 3260 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:06:24.0734 3260 HTTPFilter - ok
14:06:24.0734 3260 i2omgmt - ok
14:06:24.0750 3260 i2omp - ok
14:06:24.0781 3260 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:06:24.0843 3260 i8042prt - ok
14:06:25.0062 3260 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:06:25.0125 3260 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:06:25.0125 3260 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:06:25.0312 3260 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:06:25.0359 3260 idsvc - ok
14:06:25.0390 3260 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:06:25.0500 3260 Imapi - ok
14:06:25.0546 3260 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:06:25.0656 3260 ImapiService - ok
14:06:25.0656 3260 ini910u - ok
14:06:25.0765 3260 [ CBDDAB14249B2F05407FC09AB8FFFB88 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:06:25.0984 3260 IntcAzAudAddService - ok
14:06:25.0984 3260 IntelIde - ok
14:06:26.0031 3260 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:06:26.0093 3260 intelppm - ok
14:06:26.0156 3260 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
14:06:26.0218 3260 Ip6Fw - ok
14:06:26.0281 3260 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:06:26.0343 3260 IpFilterDriver - ok
14:06:26.0343 3260 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:06:26.0406 3260 IpInIp - ok
14:06:26.0453 3260 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:06:26.0562 3260 IpNat - ok
14:06:26.0609 3260 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:06:26.0718 3260 IPSec - ok
14:06:26.0796 3260 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:06:26.0843 3260 IRENUM - ok
14:06:26.0890 3260 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:06:27.0000 3260 isapnp - ok
14:06:27.0187 3260 [ 126A16F569122AE00AD3D12EF831D651 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
14:06:27.0250 3260 JavaQuickStarterService - ok
14:06:27.0515 3260 [ 396C4DBCF101BED7487219025FFDBF75 ] jswpsapi C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
14:06:27.0640 3260 jswpsapi ( UnsignedFile.Multi.Generic ) - warning
14:06:27.0640 3260 jswpsapi - detected UnsignedFile.Multi.Generic (1)
14:06:27.0765 3260 [ AD67795900AA8C05CC4570F5349E0639 ] JSWSCIMD C:\WINDOWS\system32\DRIVERS\jswscimd.sys
14:06:27.0984 3260 JSWSCIMD - ok
14:06:28.0015 3260 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:06:28.0125 3260 Kbdclass - ok
14:06:28.0140 3260 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:06:28.0203 3260 kbdhid - ok
14:06:28.0265 3260 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:06:28.0359 3260 kmixer - ok
14:06:28.0437 3260 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:06:28.0609 3260 KSecDD - ok
14:06:28.0656 3260 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
14:06:28.0828 3260 lanmanserver - ok
14:06:28.0921 3260 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:06:29.0031 3260 lanmanworkstation - ok
14:06:29.0031 3260 lbrtfdc - ok
14:06:29.0062 3260 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:06:29.0171 3260 LmHosts - ok
14:06:29.0187 3260 lmimirr - ok
14:06:29.0218 3260 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
14:06:29.0234 3260 MBAMSwissArmy - ok
14:06:29.0281 3260 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:06:29.0375 3260 Messenger - ok
14:06:29.0437 3260 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
14:06:29.0453 3260 Microsoft Office Groove Audit Service - ok
14:06:29.0484 3260 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:06:29.0593 3260 mnmdd - ok
14:06:29.0656 3260 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:06:29.0765 3260 mnmsrvc - ok
14:06:29.0890 3260 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:06:29.0953 3260 Modem - ok
14:06:29.0984 3260 [ FE80C18BA448DDD76B7BEAD9EB203D37 ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys
14:06:30.0000 3260 motmodem - ok
14:06:30.0031 3260 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:06:30.0093 3260 Mouclass - ok
14:06:30.0203 3260 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:06:30.0250 3260 mouhid - ok
14:06:30.0312 3260 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:06:30.0406 3260 MountMgr - ok
14:06:30.0421 3260 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
14:06:30.0484 3260 MPE - ok
14:06:30.0484 3260 mraid35x - ok
14:06:30.0546 3260 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:06:30.0609 3260 MRxDAV - ok
14:06:30.0671 3260 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:06:30.0812 3260 MRxSmb - ok
14:06:30.0890 3260 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:06:30.0984 3260 MSDTC - ok
14:06:31.0015 3260 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:06:31.0125 3260 Msfs - ok
14:06:31.0125 3260 MSIServer - ok
14:06:31.0218 3260 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:06:31.0265 3260 MSKSSRV - ok
14:06:31.0281 3260 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:06:31.0406 3260 MSPCLOCK - ok
14:06:31.0406 3260 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:06:31.0531 3260 MSPQM - ok
14:06:31.0562 3260 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:06:31.0625 3260 mssmbios - ok
14:06:31.0625 3260 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:06:31.0703 3260 MSTEE - ok
14:06:31.0781 3260 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
14:06:31.0921 3260 MTsensor - ok
14:06:31.0968 3260 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:06:32.0031 3260 Mup - ok
14:06:32.0140 3260 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:06:49.0765 3260 C:\WINDOWS\system32\imm32.dll - ok
14:06:49.0765 3260 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
14:06:49.0765 3260 C:\WINDOWS\system32\ws2help.dll - ok
14:06:49.0765 3260 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
14:06:49.0765 3260 C:\WINDOWS\system32\ws2_32.dll - ok
14:06:49.0765 3260 [ DAB9952E3626D84E74CBF4958B1B1F52 ] C:\WINDOWS\system32\kbduk.dll
14:06:49.0765 3260 C:\WINDOWS\system32\kbduk.dll - ok
14:06:49.0781 3260 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
14:06:49.0781 3260 C:\WINDOWS\system32\msgina.dll - ok
14:06:49.0781 3260 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
14:06:49.0781 3260 C:\WINDOWS\system32\comctl32.dll - ok
14:06:49.0781 3260 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
14:06:49.0781 3260 C:\WINDOWS\system32\odbc32.dll - ok
14:06:49.0781 3260 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
14:06:49.0781 3260 C:\WINDOWS\system32\comdlg32.dll - ok
14:06:49.0781 3260 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
14:06:49.0781 3260 C:\WINDOWS\system32\shell32.dll - ok
14:06:49.0781 3260 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
14:06:49.0781 3260 C:\WINDOWS\system32\shlwapi.dll - ok
14:06:49.0781 3260 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
14:06:49.0781 3260 C:\WINDOWS\system32\sxs.dll - ok
14:06:49.0781 3260 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
14:06:49.0781 3260 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
14:06:49.0781 3260 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
14:06:49.0781 3260 C:\WINDOWS\system32\odbcint.dll - ok
14:06:49.0781 3260 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
14:06:49.0781 3260 C:\WINDOWS\system32\ole32.dll - ok
14:06:49.0781 3260 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
14:06:49.0781 3260 C:\WINDOWS\system32\sfc.dll - ok
14:06:49.0781 3260 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
14:06:49.0781 3260 C:\WINDOWS\system32\sfc_os.dll - ok
14:06:49.0796 3260 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
14:06:49.0796 3260 C:\WINDOWS\system32\shsvcs.dll - ok
14:06:49.0796 3260 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
14:06:49.0796 3260 C:\WINDOWS\system32\apphelp.dll - ok
14:06:49.0796 3260 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
14:06:49.0796 3260 C:\WINDOWS\system32\lsass.exe - ok
14:06:49.0796 3260 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:06:49.0796 3260 C:\WINDOWS\system32\services.exe - ok
14:06:49.0796 3260 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
14:06:49.0796 3260 C:\WINDOWS\system32\lsasrv.dll - ok
14:06:49.0796 3260 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
14:06:49.0796 3260 C:\WINDOWS\system32\msvcp60.dll - ok
14:06:49.0796 3260 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
14:06:49.0796 3260 C:\WINDOWS\system32\ncobjapi.dll - ok
14:06:49.0796 3260 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
14:06:49.0796 3260 C:\WINDOWS\system32\scesrv.dll - ok
14:06:49.0796 3260 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
14:06:49.0796 3260 C:\WINDOWS\system32\mpr.dll - ok
14:06:49.0796 3260 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
14:06:49.0796 3260 C:\WINDOWS\system32\ntdsapi.dll - ok
14:06:49.0796 3260 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
14:06:49.0796 3260 C:\WINDOWS\system32\umpnpmgr.dll - ok
14:06:49.0796 3260 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
14:06:49.0796 3260 C:\WINDOWS\system32\dnsapi.dll - ok
14:06:49.0812 3260 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
14:06:49.0812 3260 C:\WINDOWS\system32\shimeng.dll - ok
14:06:49.0812 3260 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
14:06:49.0812 3260 C:\WINDOWS\AppPatch\acadproc.dll - ok
14:06:49.0812 3260 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
14:06:49.0812 3260 C:\WINDOWS\system32\wldap32.dll - ok
14:06:49.0812 3260 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
14:06:49.0812 3260 C:\WINDOWS\system32\samlib.dll - ok
14:06:49.0812 3260 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
14:06:49.0812 3260 C:\WINDOWS\system32\samsrv.dll - ok
14:06:49.0812 3260 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
14:06:49.0812 3260 C:\WINDOWS\AppPatch\acgenral.dll - ok
14:06:49.0812 3260 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
14:06:49.0812 3260 C:\WINDOWS\system32\cryptdll.dll - ok
14:06:49.0812 3260 [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
14:06:49.0812 3260 C:\WINDOWS\system32\oleaut32.dll - ok
14:06:49.0812 3260 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
14:06:49.0812 3260 C:\WINDOWS\system32\winmm.dll - ok
14:06:49.0812 3260 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
14:06:49.0812 3260 C:\WINDOWS\system32\msacm32.dll - ok
14:06:49.0812 3260 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
14:06:49.0812 3260 C:\WINDOWS\system32\uxtheme.dll - ok
14:06:49.0812 3260 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
14:06:49.0812 3260 C:\WINDOWS\system32\digest.dll - ok
14:06:49.0828 3260 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
14:06:49.0828 3260 C:\WINDOWS\system32\msapsspc.dll - ok
14:06:49.0828 3260 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
14:06:49.0828 3260 C:\WINDOWS\system32\msctfime.ime - ok
14:06:49.0828 3260 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
14:06:49.0828 3260 C:\WINDOWS\system32\msnsspc.dll - ok
14:06:49.0828 3260 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
14:06:49.0828 3260 C:\WINDOWS\system32\msprivs.dll - ok
14:06:49.0828 3260 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
14:06:49.0828 3260 C:\WINDOWS\system32\msvcrt40.dll - ok
14:06:49.0828 3260 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
14:06:49.0828 3260 C:\WINDOWS\system32\schannel.dll - ok
14:06:49.0828 3260 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
14:06:49.0828 3260 C:\WINDOWS\system32\kerberos.dll - ok
14:06:49.0828 3260 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
14:06:49.0828 3260 C:\WINDOWS\system32\msv1_0.dll - ok
14:06:49.0828 3260 [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
14:06:49.0828 3260 C:\WINDOWS\system32\atmfd.dll - ok
14:06:49.0828 3260 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
14:06:49.0828 3260 C:\WINDOWS\system32\iphlpapi.dll - ok
14:06:49.0828 3260 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
14:06:49.0828 3260 C:\WINDOWS\system32\netlogon.dll - ok
14:06:49.0828 3260 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
14:06:49.0828 3260 C:\WINDOWS\system32\w32time.dll - ok
14:06:49.0843 3260 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
14:06:49.0843 3260 C:\WINDOWS\system32\rsaenh.dll - ok
14:06:49.0843 3260 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
14:06:49.0843 3260 C:\WINDOWS\system32\wdigest.dll - ok
14:06:49.0843 3260 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
14:06:49.0843 3260 C:\WINDOWS\system32\winscard.dll - ok
14:06:49.0843 3260 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
14:06:49.0843 3260 C:\WINDOWS\system32\wtsapi32.dll - ok
14:06:49.0843 3260 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
14:06:49.0843 3260 C:\WINDOWS\system32\scecli.dll - ok
14:06:49.0843 3260 [ 58A517026E5C8674A70B9B6650691EFE ] C:\WINDOWS\system32\nvcpl.dll
14:06:49.0843 3260 C:\WINDOWS\system32\nvcpl.dll - ok
14:06:49.0843 3260 [ A2322C6207EBB0761A6C8CC9003EBACF ] C:\WINDOWS\system32\nvsvc32.exe
14:06:49.0843 3260 C:\WINDOWS\system32\nvsvc32.exe - ok
14:06:49.0843 3260 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
14:06:49.0843 3260 C:\WINDOWS\system32\powrprof.dll - ok
14:06:49.0843 3260 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
14:06:49.0843 3260 C:\WINDOWS\system32\winspool.drv - ok
14:06:49.0843 3260 [ 933CB1A7E0AF34C63F4B1F3B9C149286 ] C:\WINDOWS\system32\nvrseng.dll
14:06:49.0843 3260 C:\WINDOWS\system32\nvrseng.dll - ok
14:06:49.0843 3260 [ 6A65DA7325CF33ACAA112DC2F70B0934 ] C:\WINDOWS\system32\nvapi.dll
14:06:49.0843 3260 C:\WINDOWS\system32\nvapi.dll - ok
14:06:49.0859 3260 [ 0AD786CEEFBD6D51B7D35788D83857B9 ] C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll
14:06:49.0859 3260 C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll - ok
14:06:49.0859 3260 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
14:06:49.0859 3260 C:\WINDOWS\system32\logonui.exe - ok
14:06:49.0859 3260 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
14:06:49.0859 3260 C:\WINDOWS\system32\duser.dll - ok
14:06:49.0859 3260 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
14:06:49.0859 3260 C:\WINDOWS\system32\msimg32.dll - ok
14:06:49.0859 3260 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
14:06:49.0859 3260 C:\WINDOWS\system32\oleacc.dll - ok
14:06:49.0859 3260 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
14:06:49.0859 3260 C:\WINDOWS\system32\clbcatq.dll - ok
14:06:49.0859 3260 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
14:06:49.0859 3260 C:\WINDOWS\system32\comres.dll - ok
14:06:49.0859 3260 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
14:06:49.0859 3260 C:\WINDOWS\system32\shgina.dll - ok
14:06:49.0859 3260 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
14:06:49.0859 3260 C:\WINDOWS\system32\svchost.exe - ok
14:06:49.0859 3260 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
14:06:49.0859 3260 C:\WINDOWS\system32\ntmarta.dll - ok
14:06:49.0859 3260 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
14:06:49.0859 3260 C:\WINDOWS\system32\rpcss.dll - ok
14:06:49.0859 3260 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
14:06:49.0859 3260 C:\WINDOWS\system32\xpsp2res.dll - ok
14:06:49.0875 3260 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
14:06:49.0875 3260 C:\WINDOWS\system32\eventlog.dll - ok
14:06:49.0875 3260 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
14:06:49.0875 3260 C:\WINDOWS\system32\hnetcfg.dll - ok
14:06:49.0875 3260 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
14:06:49.0875 3260 C:\WINDOWS\system32\mswsock.dll - ok
14:06:49.0875 3260 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
14:06:49.0875 3260 C:\WINDOWS\system32\rasadhlp.dll - ok
14:06:49.0875 3260 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
14:06:49.0875 3260 C:\WINDOWS\system32\winrnr.dll - ok
14:06:49.0875 3260 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
14:06:49.0875 3260 C:\WINDOWS\system32\wshtcpip.dll - ok
14:06:49.0875 3260 [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
14:06:49.0875 3260 C:\WINDOWS\system32\WudfSvc.dll - ok
14:06:49.0875 3260 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
14:06:49.0875 3260 C:\WINDOWS\system32\cscdll.dll - ok
14:06:49.0875 3260 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
14:06:49.0875 3260 C:\WINDOWS\system32\dimsntfy.dll - ok
14:06:49.0875 3260 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
14:06:49.0875 3260 C:\WINDOWS\system32\wlnotify.dll - ok
14:06:49.0875 3260 [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
14:06:49.0875 3260 C:\WINDOWS\system32\WudfPlatform.dll - ok
14:06:49.0875 3260 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
14:06:49.0875 3260 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
14:06:49.0890 3260 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
14:06:49.0890 3260 C:\WINDOWS\system32\dhcpcsvc.dll - ok
14:06:49.0890 3260 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
14:06:49.0890 3260 C:\WINDOWS\system32\dnsrslvr.dll - ok
14:06:49.0890 3260 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
14:06:49.0890 3260 C:\WINDOWS\system32\lmhsvc.dll - ok
14:06:49.0890 3260 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
14:06:49.0890 3260 C:\WINDOWS\system32\wzcsvc.dll - ok
14:06:49.0890 3260 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
14:06:49.0890 3260 C:\WINDOWS\system32\atl.dll - ok
14:06:49.0890 3260 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
14:06:49.0890 3260 C:\WINDOWS\system32\eapolqec.dll - ok
14:06:49.0890 3260 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
14:06:49.0890 3260 C:\WINDOWS\system32\qutil.dll - ok
14:06:49.0890 3260 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
14:06:49.0890 3260 C:\WINDOWS\system32\rtutils.dll - ok
14:06:49.0890 3260 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
14:06:49.0890 3260 C:\WINDOWS\system32\wmi.dll - ok
14:06:49.0890 3260 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
14:06:49.0890 3260 C:\WINDOWS\system32\dot3api.dll - ok
14:06:49.0890 3260 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
14:06:49.0890 3260 C:\WINDOWS\system32\esent.dll - ok
14:06:49.0906 3260 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
14:06:49.0906 3260 C:\WINDOWS\system32\cryptui.dll - ok
14:06:49.0906 3260 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
14:06:49.0906 3260 C:\WINDOWS\system32\rastls.dll - ok
14:06:49.0906 3260 [ CE5BA470204A3176E60721C4B63B8DF3 ] C:\WINDOWS\system32\wininet.dll
14:06:49.0906 3260 C:\WINDOWS\system32\wininet.dll - ok
14:06:49.0906 3260 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
14:06:49.0906 3260 C:\WINDOWS\system32\normaliz.dll - ok
14:06:49.0906 3260 [ F2ED64D23C94ACF512A81142F3431F4C ] C:\WINDOWS\system32\urlmon.dll
14:06:49.0906 3260 C:\WINDOWS\system32\urlmon.dll - ok
14:06:49.0906 3260 [ F81E2C10BD6C4BE3B9A242018CEF7A98 ] C:\WINDOWS\system32\iertutil.dll
14:06:49.0906 3260 C:\WINDOWS\system32\iertutil.dll - ok
14:06:49.0906 3260 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
14:06:49.0906 3260 C:\WINDOWS\system32\activeds.dll - ok
14:06:49.0906 3260 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
14:06:49.0906 3260 C:\WINDOWS\system32\adsldpc.dll - ok
14:06:49.0906 3260 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
14:06:49.0906 3260 C:\WINDOWS\system32\mprapi.dll - ok
14:06:49.0906 3260 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
14:06:49.0906 3260 C:\WINDOWS\system32\rasapi32.dll - ok
14:06:49.0906 3260 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
14:06:49.0906 3260 C:\WINDOWS\system32\rasman.dll - ok
14:06:49.0906 3260 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
14:06:49.0906 3260 C:\WINDOWS\system32\riched20.dll - ok
14:06:49.0921 3260 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
14:06:49.0921 3260 C:\WINDOWS\system32\tapi32.dll - ok
14:06:49.0921 3260 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
14:06:49.0921 3260 C:\WINDOWS\system32\msidle.dll - ok
14:06:49.0921 3260 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
14:06:49.0921 3260 C:\WINDOWS\system32\raschap.dll - ok
14:06:49.0921 3260 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
14:06:49.0921 3260 C:\WINDOWS\system32\schedsvc.dll - ok
14:06:49.0921 3260 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
14:06:49.0921 3260 C:\WINDOWS\system32\spoolsv.exe - ok
14:06:49.0921 3260 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
14:06:49.0921 3260 C:\WINDOWS\system32\audiosrv.dll - ok
14:06:49.0921 3260 [ 8CDDBFCDAC7226FE0202C7338107725B ] C:\WINDOWS\system32\acs.exe
14:06:49.0921 3260 C:\WINDOWS\system32\acs.exe - ok
14:06:49.0921 3260 [ 87C2C8E5D929A9997C0E1414F8F62DC1 ] C:\WINDOWS\system32\athcfg20U.dll
14:06:49.0921 3260 C:\WINDOWS\system32\athcfg20U.dll - ok
14:06:49.0921 3260 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
14:06:49.0921 3260 C:\WINDOWS\system32\cfgmgr32.dll - ok
14:06:49.0921 3260 [ 91D3AC41DF7920CF051FAE571AFF7DEF ] C:\WINDOWS\system32\athcfg20resU.dll
14:06:49.0921 3260 C:\WINDOWS\system32\athcfg20resU.dll - ok
14:06:49.0921 3260 [ F6F2BFC17069EB335ACCEEF7595F9302 ] C:\WINDOWS\system32\mfc42u.dll
14:06:49.0921 3260 C:\WINDOWS\system32\mfc42u.dll - ok
14:06:49.0921 3260 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
14:06:49.0921 3260 C:\WINDOWS\system32\wsock32.dll - ok
14:06:49.0937 3260 [ 585992D78B671AAA075C02241309795D ] C:\WINDOWS\system32\msvcirt.dll
14:06:49.0937 3260 C:\WINDOWS\system32\msvcirt.dll - ok
14:06:49.0937 3260 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
14:06:49.0937 3260 C:\WINDOWS\system32\odbcbcp.dll - ok
14:06:49.0937 3260 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
14:06:49.0937 3260 C:\WINDOWS\system32\pdh.dll - ok
14:06:49.0937 3260 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
14:06:49.0937 3260 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
14:06:49.0937 3260 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
14:06:49.0937 3260 C:\WINDOWS\system32\wkssvc.dll - ok
14:06:49.0937 3260 [ A639A3C4F22436A0A08A07CE5CE3E4C9 ] C:\WINDOWS\system32\wsfwDS.dll
14:06:49.0937 3260 C:\WINDOWS\system32\wsfwDS.dll - ok
14:06:49.0937 3260 [ F0403497A69B94D8CA9CC9BD4CE56559 ] C:\WINDOWS\system32\dsa.dll
14:06:49.0937 3260 C:\WINDOWS\system32\dsa.dll - ok
14:06:49.0937 3260 [ F9E7AAA2E5B876A2E9ED9325131FF554 ] C:\WINDOWS\system32\wsimd.dll
14:06:49.0937 3260 C:\WINDOWS\system32\wsimd.dll - ok
14:06:49.0937 3260 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
14:06:49.0937 3260 C:\WINDOWS\system32\webclnt.dll - ok
14:06:49.0937 3260 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
14:06:49.0937 3260 C:\WINDOWS\system32\cscui.dll - ok
14:06:49.0937 3260 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
14:06:49.0937 3260 C:\WINDOWS\system32\wdmaud.drv - ok
14:06:49.0937 3260 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
14:06:49.0937 3260 C:\WINDOWS\system32\dpcdll.dll - ok
14:06:49.0953 3260 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
14:06:49.0953 3260 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
14:06:49.0953 3260 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
14:06:49.0953 3260 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
14:06:49.0953 3260 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
14:06:49.0953 3260 C:\WINDOWS\system32\drivers\aec.sys - ok
14:06:49.0953 3260 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
14:06:49.0953 3260 C:\WINDOWS\system32\drivers\splitter.sys - ok
14:06:49.0953 3260 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
14:06:49.0953 3260 C:\WINDOWS\system32\drivers\swmidi.sys - ok
14:06:49.0953 3260 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
14:06:49.0953 3260 C:\WINDOWS\system32\drivers\dmusic.sys - ok
14:06:49.0953 3260 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
14:06:49.0953 3260 C:\WINDOWS\system32\drivers\kmixer.sys - ok
14:06:49.0953 3260 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
14:06:49.0953 3260 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
14:06:49.0953 3260 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
14:06:49.0953 3260 C:\WINDOWS\system32\msacm32.drv - ok
14:06:49.0953 3260 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
14:06:49.0953 3260 C:\WINDOWS\system32\midimap.dll - ok
14:06:49.0953 3260 [ DBFE1E91701B530DAA56178C50F15B4C ] C:\Documents and Settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe
14:06:49.0953 3260 C:\Documents and Settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe - ok
14:06:49.0968 3260 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
14:06:49.0968 3260 C:\WINDOWS\system32\userinit.exe - ok
14:06:49.0968 3260 [ 64B33CC5BF131DEF2721394CF9B3F8ED ] C:\WINDOWS\system32\msvbvm60.dll
14:06:49.0968 3260 C:\WINDOWS\system32\msvbvm60.dll - ok
14:06:49.0968 3260 [ D412AC27FE3C9F8BC19741DAC0E0329D ] C:\Program Files\Real\RealUpgrade\realupgrade.exe
14:06:49.0968 3260 C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok
14:06:49.0968 3260 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
14:06:49.0968 3260 C:\WINDOWS\explorer.exe - ok
14:06:49.0968 3260 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
14:06:49.0968 3260 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
14:06:49.0968 3260 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
14:06:49.0968 3260 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
14:06:49.0968 3260 [ FF60B8C5BBE73B0790B3332783B6FD81 ] C:\Program Files\Google\Update\1.3.21.153\goopdate.dll
14:06:49.0968 3260 C:\Program Files\Google\Update\1.3.21.153\goopdate.dll - ok
14:06:49.0968 3260 [ 12517C9BB249B072A3179C786A0DD32F ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
14:06:49.0968 3260 C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
14:06:49.0968 3260 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
14:06:49.0968 3260 C:\WINDOWS\system32\browseui.dll - ok
14:06:49.0968 3260 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
14:06:49.0968 3260 C:\WINDOWS\system32\msi.dll - ok
14:06:49.0968 3260 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
14:06:49.0968 3260 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
14:06:49.0968 3260 [ 7D5A8BD7548FB8EE039F3F3B45B1FCC8 ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
14:06:49.0968 3260 C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
14:06:49.0984 3260 [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
14:06:49.0984 3260 C:\WINDOWS\system32\shdocvw.dll - ok
14:06:49.0984 3260 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
14:06:49.0984 3260 C:\WINDOWS\system32\dbghelp.dll - ok
14:06:49.0984 3260 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
14:06:49.0984 3260 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
14:06:49.0984 3260 [ 8726802EA4FBFFA3FD54FD2449BF51D4 ] C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
14:06:49.0984 3260 C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe - ok
14:06:49.0984 3260 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
14:06:49.0984 3260 C:\WINDOWS\system32\mstask.dll - ok
14:06:49.0984 3260 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
14:06:49.0984 3260 C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok
14:06:49.0984 3260 [ 1169436EE42F860C7DB37A4692B38F0E ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
14:06:49.0984 3260 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
14:06:49.0984 3260 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
14:06:49.0984 3260 C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok
14:06:49.0984 3260 [ 3E9A33113D663D8BD5ED38858E669652 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
14:06:49.0984 3260 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll - ok
14:06:49.0984 3260 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
14:06:49.0984 3260 C:\WINDOWS\system32\desk.cpl - ok
14:06:49.0984 3260 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
14:06:49.0984 3260 C:\WINDOWS\system32\themeui.dll - ok
14:06:50.0000 3260 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
14:06:50.0000 3260 C:\WINDOWS\system32\actxprxy.dll - ok
14:06:50.0000 3260 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
14:06:50.0000 3260 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
14:06:50.0000 3260 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
14:06:50.0000 3260 C:\WINDOWS\system32\msxml3.dll - ok
14:06:50.0000 3260 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
14:06:50.0000 3260 C:\WINDOWS\system32\cmd.exe - ok
14:06:50.0000 3260 [ 4E98097C6DAF780D145FB702C6EA625F ] C:\WINDOWS\system32\ieframe.dll
14:06:50.0000 3260 C:\WINDOWS\system32\ieframe.dll - ok
14:06:50.0000 3260 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
14:06:50.0000 3260 C:\WINDOWS\system32\drivers\parport.sys - ok
14:06:50.0000 3260 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:06:50.0000 3260 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
14:06:50.0000 3260 [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
14:06:50.0000 3260 C:\WINDOWS\system32\mscoree.dll - ok
14:06:50.0000 3260 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
14:06:50.0000 3260 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
14:06:50.0000 3260 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
14:06:50.0000 3260 C:\WINDOWS\system32\certcli.dll - ok
14:06:50.0000 3260 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
14:06:50.0000 3260 C:\WINDOWS\system32\cryptsvc.dll - ok
14:06:50.0000 3260 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
14:06:50.0000 3260 C:\WINDOWS\system32\ersvc.dll - ok
14:06:50.0015 3260 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
14:06:50.0015 3260 C:\WINDOWS\system32\es.dll - ok
14:06:50.0015 3260 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
14:06:50.0015 3260 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
14:06:50.0015 3260 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
14:06:50.0015 3260 C:\WINDOWS\system32\hidserv.dll - ok
14:06:50.0015 3260 [ 9D84376931440F3679BEEF2A414FA493 ] C:\WINDOWS\system32\HPZipm12.exe
14:06:50.0015 3260 C:\WINDOWS\system32\HPZipm12.exe - ok
14:06:50.0015 3260 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
14:06:50.0171 3260 ============================================================
14:06:50.0171 3260 Scan finished
14:06:50.0171 3260 ============================================================
14:06:50.0281 3252 Detected object count: 11
14:06:50.0281 3252 Actual detected object count: 11
14:07:05.0093 3252 ACS ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0093 3252 ACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0093 3252 ATIAVAIW ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0093 3252 ATIAVAIW ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0093 3252 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0093 3252 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0093 3252 DNINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0093 3252 DNINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0109 3252 HPZid412 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0109 3252 HPZid412 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0109 3252 HPZipr12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0109 3252 HPZipr12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0109 3252 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0109 3252 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0109 3252 jswpsapi ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0109 3252 jswpsapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0109 3252 oreans32 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0109 3252 oreans32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0109 3252 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0109 3252 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:05.0109 3252 WSIMD ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:05.0109 3252 WSIMD ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:40.0093 3480 ============================================================
14:07:40.0093 3480 Scan started
14:07:40.0093 3480 Mode: Manual; SigCheck; TDLFS;
14:07:40.0093 3480 ============================================================
14:07:40.0203 3480 ================ Scan system memory ========================
14:07:40.0203 3480 System memory - ok
14:07:40.0203 3480 ================ Scan services =============================
14:07:42.0671 3480 Scan interrupted by user!
14:07:42.0671 3480 ================ Scan global ===============================
14:07:42.0671 3480 Scan interrupted by user!
14:07:42.0671 3480 ================ Scan MBR ==================================
14:07:42.0671 3480 Scan interrupted by user!
14:07:42.0671 3480 ================ Scan VBR ==================================
14:07:42.0671 3480 Scan interrupted by user!
14:07:42.0671 3480 ================ Scan active images ========================
14:07:42.0671 3480 Scan interrupted by user!
14:07:42.0671 3480 ============================================================
14:07:42.0671 3480 Scan finished
14:07:42.0671 3480 ============================================================
14:07:42.0671 3472 Detected object count: 2
14:07:42.0671 3472 Actual detected object count: 2
14:07:44.0687 3472 ACS ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:44.0687 3472 ACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:44.0687 3472 ATIAVAIW ( UnsignedFile.Multi.Generic ) - skipped by user
14:07:44.0687 3472 ATIAVAIW ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:07:47.0296 3508 ============================================================
14:07:47.0296 3508 Scan started
14:07:47.0296 3508 Mode: Manual; SigCheck; TDLFS;
14:07:47.0296 3508 ============================================================
14:07:47.0390 3508 ================ Scan system memory ========================
14:07:47.0390 3508 System memory - ok
14:07:47.0390 3508 ================ Scan services =============================
14:07:55.0062 3508 HTTP - ok
14:07:55.0140 3508 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:07:55.0250 3508 HTTPFilter - ok
14:07:55.0250 3508 i2omgmt - ok
14:07:55.0250 3508 i2omp - ok
14:07:55.0265 3508 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:07:55.0359 3508 i8042prt - ok
14:07:55.0562 3508 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:07:55.0625 3508 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:07:55.0625 3508 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:07:55.0828 3508 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:07:55.0843 3508 idsvc - ok
14:07:55.0875 3508 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:07:55.0968 3508 Imapi - ok
14:07:56.0031 3508 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:07:56.0140 3508 ImapiService - ok
14:07:56.0140 3508 ini910u - ok
14:07:56.0250 3508 [ CBDDAB14249B2F05407FC09AB8FFFB88 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:07:56.0343 3508 IntcAzAudAddService - ok
14:07:56.0343 3508 IntelIde - ok
14:07:56.0390 3508 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:07:56.0453 3508 intelppm - ok
14:07:56.0484 3508 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
14:07:56.0562 3508 Ip6Fw - ok
14:07:56.0625 3508 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:07:56.0671 3508 IpFilterDriver - ok
14:07:56.0687 3508 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:07:56.0734 3508 IpInIp - ok
14:07:56.0781 3508 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:07:56.0890 3508 IpNat - ok
14:07:56.0906 3508 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:07:57.0015 3508 IPSec - ok
14:07:57.0109 3508 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:07:57.0140 3508 IRENUM - ok
14:07:57.0203 3508 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:07:57.0312 3508 isapnp - ok
14:07:57.0453 3508 [ 126A16F569122AE00AD3D12EF831D651 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
14:07:57.0468 3508 JavaQuickStarterService - ok
14:07:57.0562 3508 [ 396C4DBCF101BED7487219025FFDBF75 ] jswpsapi C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
14:07:57.0609 3508 jswpsapi ( UnsignedFile.Multi.Generic ) - warning
14:07:57.0609 3508 jswpsapi - detected UnsignedFile.Multi.Generic (1)
14:07:57.0656 3508 [ AD67795900AA8C05CC4570F5349E0639 ] JSWSCIMD C:\WINDOWS\system32\DRIVERS\jswscimd.sys
14:07:57.0718 3508 JSWSCIMD - ok
14:07:57.0765 3508 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:07:57.0859 3508 Kbdclass - ok
14:07:57.0906 3508 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:07:57.0968 3508 kbdhid - ok
14:07:58.0015 3508 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:07:58.0109 3508 kmixer - ok
14:07:58.0187 3508 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:07:58.0250 3508 KSecDD - ok
14:07:58.0328 3508 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
14:07:58.0328 3508 lanmanserver - ok
14:07:58.0453 3508 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:07:58.0500 3508 lanmanworkstation - ok
14:07:58.0500 3508 lbrtfdc - ok
14:07:58.0578 3508 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:07:58.0640 3508 LmHosts - ok
14:07:58.0640 3508 lmimirr - ok
14:07:58.0703 3508 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
14:07:58.0718 3508 MBAMSwissArmy - ok
14:07:58.0781 3508 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:07:58.0828 3508 Messenger - ok
14:07:58.0921 3508 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
14:07:58.0921 3508 Microsoft Office Groove Audit Service - ok
14:07:58.0968 3508 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:07:59.0031 3508 mnmdd - ok
14:07:59.0062 3508 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:07:59.0125 3508 mnmsrvc - ok
14:07:59.0203 3508 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:07:59.0281 3508 Modem - ok
14:07:59.0390 3508 [ FE80C18BA448DDD76B7BEAD9EB203D37 ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys
14:07:59.0406 3508 motmodem - ok
14:07:59.0468 3508 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:07:59.0515 3508 Mouclass - ok
14:07:59.0593 3508 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:07:59.0656 3508 mouhid - ok
14:07:59.0703 3508 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:07:59.0796 3508 MountMgr - ok
14:07:59.0812 3508 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
14:07:59.0875 3508 MPE - ok
14:07:59.0890 3508 mraid35x - ok
14:07:59.0906 3508 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:08:00.0000 3508 MRxDAV - ok
14:08:00.0062 3508 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:08:00.0109 3508 MRxSmb - ok
14:08:00.0187 3508 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:08:00.0250 3508 MSDTC - ok
14:08:00.0250 3508 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:08:00.0359 3508 Msfs - ok
14:08:00.0375 3508 MSIServer - ok
14:08:00.0453 3508 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:08:00.0515 3508 MSKSSRV - ok
14:08:00.0515 3508 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:08:00.0640 3508 MSPCLOCK - ok
14:08:00.0640 3508 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:08:00.0718 3508 MSPQM - ok
14:08:00.0796 3508 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:08:00.0859 3508 mssmbios - ok
14:08:00.0859 3508 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:08:00.0921 3508 MSTEE - ok
14:08:00.0968 3508 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
14:08:01.0015 3508 MTsensor - ok
14:08:01.0093 3508 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:08:01.0109 3508 Mup - ok
14:08:01.0171 3508 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:08:01.0234 3508 NABTSFEC - ok
14:08:01.0281 3508 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
14:08:01.0390 3508 napagent - ok
14:08:01.0421 3508 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:08:01.0531 3508 NDIS - ok
14:08:01.0531 3508 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:08:01.0656 3508 NdisIP - ok
14:08:01.0703 3508 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:08:01.0703 3508 NdisTapi - ok
14:08:01.0750 3508 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:08:01.0843 3508 Ndisuio - ok
14:08:01.0843 3508 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:08:01.0906 3508 NdisWan - ok
14:08:01.0953 3508 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:08:02.0000 3508 NDProxy - ok
14:08:02.0046 3508 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:08:02.0156 3508 NetBIOS - ok
14:08:02.0203 3508 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:08:02.0265 3508 NetBT - ok
14:08:02.0328 3508 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
14:08:02.0437 3508 NetDDE - ok
14:08:02.0437 3508 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:08:02.0500 3508 NetDDEdsdm - ok
14:08:02.0531 3508 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:08:02.0593 3508 Netlogon - ok
14:08:02.0640 3508 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
14:08:02.0750 3508 Netman - ok
14:08:02.0812 3508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:08:02.0812 3508 NetTcpPortSharing - ok
14:08:02.0843 3508 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
14:08:02.0906 3508 Nla - ok
14:08:02.0984 3508 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:08:03.0078 3508 Npfs - ok
14:08:03.0078 3508 npggsvc - ok
14:08:03.0109 3508 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:08:03.0171 3508 Ntfs - ok
14:08:03.0187 3508 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:08:03.0250 3508 NtLmSsp - ok
14:08:03.0296 3508 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:08:03.0421 3508 NtmsSvc - ok
14:08:03.0453 3508 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:08:03.0562 3508 Null - ok
14:08:03.0828 3508 [ ED9816DBAF6689542EA7D022631906A1 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:08:04.0031 3508 nv - ok
14:08:04.0140 3508 [ A2322C6207EBB0761A6C8CC9003EBACF ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
14:08:04.0156 3508 NVSvc - ok
14:08:04.0234 3508 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:08:04.0296 3508 NwlnkFlt - ok
14:08:04.0296 3508 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:08:04.0375 3508 NwlnkFwd - ok
14:08:04.0500 3508 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:08:04.0515 3508 odserv - ok
14:08:04.0562 3508 [ 21DC5B289DCE2D32A32BAAB7BCF29A6A ] oreans32 C:\WINDOWS\system32\drivers\oreans32.sys
14:08:04.0609 3508 oreans32 ( UnsignedFile.Multi.Generic ) - warning
14:08:04.0609 3508 oreans32 - detected UnsignedFile.Multi.Generic (1)
14:08:04.0671 3508 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:08:04.0687 3508 ose - ok
14:08:04.0718 3508 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
14:08:04.0781 3508 Parport - ok
14:08:04.0781 3508 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:08:04.0890 3508 PartMgr - ok
14:08:04.0984 3508 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:08:05.0046 3508 ParVdm - ok
14:08:05.0046 3508 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:08:05.0140 3508 PCI - ok
14:08:05.0140 3508 PCIDump - ok
14:08:05.0203 3508 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:08:05.0250 3508 PCIIde - ok
14:08:05.0390 3508 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:08:05.0453 3508 Pcmcia - ok
14:08:05.0453 3508 PDCOMP - ok
14:08:05.0453 3508 PDFRAME - ok
14:08:05.0453 3508 PDRELI - ok
14:08:05.0453 3508 PDRFRAME - ok
14:08:05.0453 3508 perc2 - ok
14:08:05.0453 3508 perc2hib - ok
14:08:05.0515 3508 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
14:08:05.0515 3508 PlugPlay - ok
14:08:05.0546 3508 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
14:08:05.0562 3508 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:08:05.0562 3508 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:08:05.0562 3508 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:08:05.0609 3508 PolicyAgent - ok
14:08:05.0656 3508 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:08:05.0765 3508 PptpMiniport - ok
14:08:05.0812 3508 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:08:05.0859 3508 ProtectedStorage - ok
14:08:05.0875 3508 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:08:05.0984 3508 PSched - ok
14:08:06.0015 3508 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:08:06.0125 3508 Ptilink - ok
14:08:06.0125 3508 ql1080 - ok
14:08:06.0140 3508 Ql10wnt - ok
14:08:06.0140 3508 ql12160 - ok
14:08:06.0140 3508 ql1240 - ok
14:08:06.0140 3508 ql1280 - ok
14:08:06.0187 3508 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:08:06.0234 3508 RasAcd - ok
14:08:06.0265 3508 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:08:06.0390 3508 RasAuto - ok
14:08:06.0437 3508 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:08:06.0500 3508 Rasl2tp - ok
14:08:06.0578 3508 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:08:06.0671 3508 RasMan - ok
14:08:06.0687 3508 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:08:06.0828 3508 RasPppoe - ok
14:08:06.0828 3508 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:08:06.0890 3508 Raspti - ok
14:08:06.0890 3508 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:08:07.0000 3508 Rdbss - ok
14:08:07.0046 3508 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:08:07.0093 3508 RDPCDD - ok
14:08:07.0187 3508 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:08:07.0203 3508 RDPWD - ok
14:08:07.0281 3508 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:08:07.0328 3508 RDSessMgr - ok
14:08:07.0375 3508 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:08:07.0484 3508 redbook - ok
14:08:07.0546 3508 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:08:07.0609 3508 RemoteAccess - ok
14:08:07.0671 3508 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
14:08:07.0734 3508 RpcLocator - ok
14:08:07.0750 3508 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
14:08:07.0750 3508 RpcSs - ok
14:08:07.0765 3508 RPSKT - ok
14:08:07.0781 3508 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:08:07.0843 3508 RSVP - ok
14:08:07.0859 3508 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
14:08:07.0921 3508 SamSs - ok
14:08:07.0937 3508 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:08:08.0046 3508 SCardSvr - ok
14:08:08.0125 3508 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:08:08.0234 3508 Schedule - ok
14:08:08.0343 3508 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:08:08.0390 3508 Secdrv - ok
14:08:08.0421 3508 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:08:08.0531 3508 seclogon - ok
14:08:08.0531 3508 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
14:08:08.0703 3508 SENS - ok
14:08:08.0765 3508 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:08:08.0875 3508 serenum - ok
14:08:08.0875 3508 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:08:08.0984 3508 Serial - ok
14:08:09.0031 3508 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:08:09.0140 3508 Sfloppy - ok
14:08:09.0203 3508 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:08:09.0203 3508 ShellHWDetection - ok
14:08:09.0203 3508 Simbad - ok
14:08:09.0250 3508 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:08:09.0328 3508 SLIP - ok
14:08:09.0328 3508 Sparrow - ok
14:08:09.0343 3508 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:08:09.0390 3508 splitter - ok
14:08:09.0437 3508 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:08:09.0453 3508 Spooler - ok
14:08:09.0578 3508 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
14:08:09.0593 3508 sptd - ok
14:08:09.0625 3508 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:08:09.0703 3508 sr - ok
14:08:09.0796 3508 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
14:08:09.0875 3508 srservice - ok
14:08:09.0953 3508 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:08:09.0968 3508 Srv - ok
14:08:10.0078 3508 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:08:10.0109 3508 SSDPSRV - ok
14:08:10.0140 3508 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:08:10.0203 3508 stisvc - ok
14:08:10.0218 3508 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:08:10.0281 3508 streamip - ok
14:08:10.0343 3508 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:08:10.0437 3508 swenum - ok
14:08:10.0453 3508 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:08:10.0562 3508 swmidi - ok
14:08:10.0562 3508 SwPrv - ok
14:08:10.0562 3508 symc810 - ok
14:08:10.0562 3508 symc8xx - ok
14:08:10.0578 3508 sym_hi - ok
14:08:10.0578 3508 sym_u3 - ok
14:08:10.0609 3508 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:08:10.0671 3508 sysaudio - ok
14:08:10.0781 3508 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:08:10.0843 3508 SysmonLog - ok
14:08:10.0890 3508 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\WINDOWS\system32\DRIVERS\taphss.sys
14:08:10.0906 3508 taphss - ok
14:08:10.0937 3508 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:08:11.0046 3508 TapiSrv - ok
14:08:11.0125 3508 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:08:11.0140 3508 Tcpip - ok
14:08:11.0234 3508 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:08:11.0296 3508 TDPIPE - ok
14:08:11.0312 3508 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:08:11.0468 3508 TDTCP - ok
14:08:11.0515 3508 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:08:11.0625 3508 TermDD - ok
14:08:11.0703 3508 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
14:08:11.0812 3508 TermService - ok
14:08:11.0859 3508 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
14:08:11.0875 3508 Themes - ok
14:08:11.0875 3508 TosIde - ok
14:08:11.0875 3508 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:08:11.0984 3508 TrkWks - ok
14:08:12.0062 3508 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:08:12.0125 3508 Udfs - ok
14:08:12.0125 3508 ultra - ok
14:08:12.0218 3508 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:08:12.0312 3508 Update - ok
14:08:12.0375 3508 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:08:12.0437 3508 upnphost - ok
14:08:12.0484 3508 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
14:08:12.0578 3508 UPS - ok
14:08:12.0578 3508 USBAAPL - ok
14:08:12.0703 3508 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:08:12.0765 3508 usbaudio - ok
14:08:12.0843 3508 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:08:12.0937 3508 usbccgp - ok
14:08:12.0984 3508 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:08:13.0078 3508 usbehci - ok
14:08:13.0156 3508 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:08:13.0218 3508 usbhub - ok
14:08:13.0234 3508 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:08:13.0296 3508 usbprint - ok
14:08:13.0359 3508 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:08:13.0468 3508 usbscan - ok
14:08:13.0531 3508 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:08:13.0640 3508 USBSTOR - ok
14:08:13.0687 3508 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:08:13.0734 3508 usbuhci - ok
14:08:13.0781 3508 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:08:13.0843 3508 VgaSave - ok
14:08:13.0843 3508 ViaIde - ok
14:08:13.0906 3508 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:08:14.0015 3508 VolSnap - ok
14:08:14.0062 3508 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
14:08:14.0078 3508 VSS - ok
14:08:14.0187 3508 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
14:08:14.0296 3508 W32Time - ok
14:08:14.0343 3508 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:08:14.0437 3508 Wanarp - ok
14:08:14.0562 3508 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:08:14.0578 3508 Wdf01000 - ok
14:08:14.0578 3508 WDICA - ok
14:08:14.0625 3508 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:08:14.0734 3508 wdmaud - ok
14:08:14.0781 3508 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:08:14.0843 3508 WebClient - ok
14:08:14.0968 3508 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:08:15.0031 3508 winmgmt - ok
14:08:15.0062 3508 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:08:15.0125 3508 WmdmPmSN - ok
14:08:15.0203 3508 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
14:08:15.0265 3508 Wmi - ok
14:08:15.0312 3508 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:08:15.0375 3508 WmiApSrv - ok
14:08:15.0546 3508 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:08:15.0625 3508 WMPNetworkSvc - ok
14:08:15.0656 3508 [ F1857F0A8E48DABF792C71692606D638 ] WN111v2 C:\WINDOWS\system32\DRIVERS\WN111v2.sys
14:08:15.0781 3508 WN111v2 - ok
14:08:15.0796 3508 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:08:15.0812 3508 WpdUsb - ok
14:08:15.0937 3508 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:08:15.0953 3508 WPFFontCache_v0400 - ok
14:08:15.0984 3508 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:08:16.0093 3508 WS2IFSL - ok
14:08:16.0171 3508 [ 43F767D59BFC25D8F4FC2EB42043EC1E ] WSIMD C:\WINDOWS\system32\DRIVERS\wsimd.sys
14:08:16.0171 3508 WSIMD ( UnsignedFile.Multi.Generic ) - warning
14:08:16.0171 3508 WSIMD - detected UnsignedFile.Multi.Generic (1)
14:08:16.0187 3508 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:08:16.0234 3508 WSTCODEC - ok
14:08:16.0359 3508 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:08:16.0437 3508 wuauserv - ok
14:08:16.0500 3508 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:08:16.0562 3508 WudfPf - ok
14:08:16.0562 3508 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:08:16.0578 3508 WudfRd - ok
14:08:16.0625 3508 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:08:16.0625 3508 WudfSvc - ok
14:08:16.0687 3508 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:08:16.0796 3508 WZCSVC - ok
14:08:16.0828 3508 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:08:16.0875 3508 xmlprov - ok
14:08:16.0984 3508 [ 09E5340BD9B2CB730BF4DC6BE7721291 ] xusb21 C:\WINDOWS\system32\DRIVERS\xusb21.sys
14:08:16.0984 3508 xusb21 - ok
14:08:16.0984 3508 ================ Scan global ===============================
14:08:17.0078 3508 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:08:17.0125 3508 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
14:08:17.0125 3508 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
14:08:17.0156 3508 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
14:08:17.0156 3508 [Global] - ok
14:08:17.0171 3508 ================ Scan MBR ==================================
14:08:17.0187 3508 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:08:17.0500 3508 \Device\Harddisk0\DR0 - ok
14:08:17.0500 3508 ================ Scan VBR ==================================
14:08:17.0500 3508 [ 547B97760E538C357BB4BD56B6FF3D85 ] \Device\Harddisk0\DR0\Partition1
14:08:17.0500 3508 \Device\Harddisk0\DR0\Partition1 - ok
14:08:17.0500 3508 ================ Scan active images ========================
14:08:17.0500 3508 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
14:08:17.0500 3508 C:\WINDOWS\system32\drivers\intelppm.sys - ok
14:08:17.0500 3508 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
14:08:17.0500 3508 C:\WINDOWS\system32\drivers\videoprt.sys - ok
14:08:17.0515 3508 [ ED9816DBAF6689542EA7D022631906A1 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
14:08:17.0515 3508 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\usbehci.sys - ok
14:08:17.0515 3508 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\usbport.sys - ok
14:08:17.0515 3508 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
14:08:17.0515 3508 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
14:08:17.0515 3508 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\imapi.sys - ok
14:08:17.0515 3508 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\cdrom.sys - ok
14:08:17.0515 3508 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\ks.sys - ok
14:08:17.0515 3508 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\redbook.sys - ok
14:08:17.0515 3508 [ D48659BB24C48345D926ECB45C1EBDF5 ] C:\WINDOWS\system32\drivers\ASACPI.sys
14:08:17.0515 3508 C:\WINDOWS\system32\drivers\ASACPI.sys - ok
14:08:17.0843 3508 [ DBFE1E91701B530DAA56178C50F15B4C ] C:\Documents and Settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe
14:08:17.0843 3508 C:\Documents and Settings\Joe\Local Settings\Application Data\lpclpkjm\tvtxdnsd.exe - ok
14:08:17.0843 3508 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
14:08:17.0843 3508 C:\WINDOWS\system32\userinit.exe - ok
14:08:17.0843 3508 [ 64B33CC5BF131DEF2721394CF9B3F8ED ] C:\WINDOWS\system32\msvbvm60.dll
14:08:17.0843 3508 C:\WINDOWS\system32\msvbvm60.dll - ok
14:08:17.0843 3508 [ D412AC27FE3C9F8BC19741DAC0E0329D ] C:\Program Files\Real\RealUpgrade\realupgrade.exe
14:08:17.0843 3508 C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok
14:08:17.0843 3508 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
14:08:17.0843 3508 C:\WINDOWS\explorer.exe - ok
14:08:17.0859 3508 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
14:08:17.0859 3508 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
14:08:17.0859 3508 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
14:08:17.0859 3508 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
14:08:17.0859 3508 [ FF60B8C5BBE73B0790B3332783B6FD81 ] C:\Program Files\Google\Update\1.3.21.153\goopdate.dll
14:08:17.0859 3508 C:\Program Files\Google\Update\1.3.21.153\goopdate.dll - ok
14:08:17.0859 3508 [ 12517C9BB249B072A3179C786A0DD32F ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
14:08:17.0859 3508 C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
14:08:17.0859 3508 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
14:08:17.0859 3508 C:\WINDOWS\system32\browseui.dll - ok
14:08:17.0859 3508 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
14:08:17.0859 3508 C:\WINDOWS\system32\msi.dll - ok
14:08:17.0859 3508 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
14:08:17.0859 3508 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
14:08:17.0859 3508 [ 7D5A8BD7548FB8EE039F3F3B45B1FCC8 ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
14:08:17.0859 3508 C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
14:08:17.0859 3508 [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
14:08:17.0859 3508 C:\WINDOWS\system32\shdocvw.dll - ok
14:08:17.0859 3508 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
14:08:17.0859 3508 C:\WINDOWS\system32\dbghelp.dll - ok
14:08:17.0859 3508 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
14:08:17.0859 3508 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
14:08:17.0859 3508 [ 8726802EA4FBFFA3FD54FD2449BF51D4 ] C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
14:08:17.0859 3508 C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe - ok
14:08:17.0875 3508 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
14:08:17.0875 3508 C:\WINDOWS\system32\mstask.dll - ok
14:08:17.0875 3508 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
14:08:17.0875 3508 C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok
14:08:17.0875 3508 [ 1169436EE42F860C7DB37A4692B38F0E ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
14:08:17.0875 3508 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
14:08:17.0875 3508 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
14:08:17.0875 3508 C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok
14:08:17.0875 3508 [ 3E9A33113D663D8BD5ED38858E669652 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
14:08:17.0875 3508 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll - ok
14:08:17.0875 3508 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
14:08:17.0875 3508 C:\WINDOWS\system32\desk.cpl - ok
14:08:17.0875 3508 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
14:08:17.0875 3508 C:\WINDOWS\system32\themeui.dll - ok
14:08:17.0875 3508 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
14:08:17.0875 3508 C:\WINDOWS\system32\actxprxy.dll - ok
14:08:17.0875 3508 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
14:08:17.0875 3508 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
14:08:17.0875 3508 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
14:08:17.0875 3508 C:\WINDOWS\system32\msxml3.dll - ok
14:08:17.0875 3508 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
14:08:17.0875 3508 C:\WINDOWS\system32\cmd.exe - ok
14:08:17.0875 3508 [ 4E98097C6DAF780D145FB702C6EA625F ] C:\WINDOWS\system32\ieframe.dll
14:08:17.0875 3508 C:\WINDOWS\system32\ieframe.dll - ok
14:08:17.0890 3508 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
14:08:17.0890 3508 C:\WINDOWS\system32\drivers\parport.sys - ok
14:08:17.0890 3508 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:08:17.0890 3508 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
14:08:17.0890 3508 [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
14:08:17.0890 3508 C:\WINDOWS\system32\mscoree.dll - ok
14:08:17.0890 3508 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
14:08:17.0890 3508 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
14:08:17.0890 3508 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
14:08:17.0890 3508 C:\WINDOWS\system32\certcli.dll - ok
14:08:17.0890 3508 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
14:08:17.0890 3508 C:\WINDOWS\system32\cryptsvc.dll - ok
14:08:17.0890 3508 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
14:08:17.0890 3508 C:\WINDOWS\system32\ersvc.dll - ok
14:08:17.0890 3508 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
14:08:17.0890 3508 C:\WINDOWS\system32\es.dll - ok
14:08:17.0890 3508 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
14:08:17.0890 3508 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
14:08:17.0890 3508 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
14:08:17.0890 3508 C:\WINDOWS\system32\hidserv.dll - ok
14:08:17.0890 3508 [ 9D84376931440F3679BEEF2A414FA493 ] C:\WINDOWS\system32\HPZipm12.exe
14:08:17.0890 3508 C:\WINDOWS\system32\HPZipm12.exe - ok
14:08:17.0906 3508 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
14:08:17.0906 3508 C:\WINDOWS\system32\hid.dll - ok
14:08:17.0906 3508 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
14:08:17.0906 3508 C:\WINDOWS\system32\srvsvc.dll - ok
14:08:17.0906 3508 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
14:08:17.0906 3508 C:\WINDOWS\system32\ipsecsvc.dll - ok
14:08:17.0906 3508 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
14:08:17.0906 3508 C:\WINDOWS\system32\netmsg.dll - ok
14:08:17.0906 3508 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
14:08:17.0906 3508 C:\WINDOWS\system32\oakley.dll - ok
14:08:17.0906 3508 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
14:08:17.0906 3508 C:\WINDOWS\system32\seclogon.dll - ok
14:08:17.0906 3508 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
14:08:17.0906 3508 C:\WINDOWS\system32\sens.dll - ok
14:08:17.0906 3508 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
14:08:17.0906 3508 C:\WINDOWS\system32\wiaservc.dll - ok
14:08:17.0906 3508 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
14:08:17.0906 3508 C:\WINDOWS\system32\srsvc.dll - ok
14:08:17.0906 3508 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
14:08:17.0906 3508 C:\WINDOWS\system32\winipsec.dll - ok
14:08:17.0906 3508 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
14:08:17.0906 3508 C:\WINDOWS\system32\pstorsvc.dll - ok
14:08:17.0906 3508 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
14:08:17.0906 3508 C:\WINDOWS\system32\trkwks.dll - ok
14:08:17.0921 3508 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
14:08:17.0921 3508 C:\WINDOWS\system32\psbase.dll - ok
14:08:17.0921 3508 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
14:08:17.0921 3508 C:\WINDOWS\system32\drivers\srv.sys - ok
14:08:17.0921 3508 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
14:08:17.0921 3508 C:\WINDOWS\system32\dssenh.dll - ok
14:08:17.0921 3508 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
14:08:17.0921 3508 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
14:08:17.0921 3508 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
14:08:17.0921 3508 C:\WINDOWS\system32\mscms.dll - ok
14:08:17.0921 3508 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
14:08:17.0921 3508 C:\WINDOWS\system32\vssapi.dll - ok
14:08:17.0921 3508 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
14:08:17.0921 3508 C:\WINDOWS\system32\spoolss.dll - ok
14:08:17.0921 3508 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
14:08:17.0921 3508 C:\WINDOWS\system32\comsvcs.dll - ok
14:08:17.0921 3508 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
14:08:17.0921 3508 C:\WINDOWS\system32\localspl.dll - ok
14:08:17.0921 3508 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
14:08:17.0921 3508 C:\WINDOWS\system32\cnbjmon.dll - ok
14:08:17.0921 3508 [ CDF2B849DDFA0EA40739814A3BA4B533 ] C:\WINDOWS\system32\hpz3l3xu.dll
14:08:17.0921 3508 C:\WINDOWS\system32\hpz3l3xu.dll - ok
14:08:17.0921 3508 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
14:08:17.0921 3508 C:\WINDOWS\system32\pjlmon.dll - ok
14:08:17.0937 3508 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\WINDOWS\system32\msonpmon.dll
14:08:17.0937 3508 C:\WINDOWS\system32\msonpmon.dll - ok
14:08:17.0937 3508 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
14:08:17.0937 3508 C:\WINDOWS\system32\tcpmon.dll - ok
14:08:17.0937 3508 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
14:08:17.0937 3508 C:\WINDOWS\system32\clusapi.dll - ok
14:08:17.0937 3508 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
14:08:17.0937 3508 C:\WINDOWS\system32\colbact.dll - ok
14:08:17.0937 3508 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
14:08:17.0937 3508 C:\WINDOWS\system32\mtxclu.dll - ok
14:08:17.0937 3508 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
14:08:17.0937 3508 C:\WINDOWS\system32\usbmon.dll - ok
14:08:17.0937 3508 [ 488F0C74A6E9D5CAE865255600D214F4 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp3xu.dll
14:08:17.0937 3508 C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp3xu.dll - ok
14:08:17.0937 3508 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
14:08:17.0937 3508 C:\WINDOWS\system32\resutils.dll - ok
14:08:17.0937 3508 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
14:08:17.0937 3508 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
14:08:17.0937 3508 [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
14:08:17.0937 3508 C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok
14:08:17.0937 3508 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
14:08:17.0937 3508 C:\WINDOWS\system32\cryptnet.dll - ok
14:08:17.0937 3508 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
14:08:17.0953 3508 C:\WINDOWS\system32\sensapi.dll - ok
14:08:17.0953 3508 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
14:08:17.0953 3508 C:\WINDOWS\system32\win32spl.dll - ok
14:08:17.0953 3508 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
14:08:17.0953 3508 C:\WINDOWS\system32\winhttp.dll - ok
14:08:17.0953 3508 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
14:08:17.0953 3508 C:\WINDOWS\system32\netrap.dll - ok
14:08:17.0953 3508 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
14:08:17.0953 3508 C:\WINDOWS\system32\inetpp.dll - ok
14:08:17.0953 3508 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
14:08:17.0953 3508 C:\WINDOWS\system32\cabinet.dll - ok
14:08:17.0953 3508 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
14:08:17.0953 3508 C:\WINDOWS\system32\browser.dll - ok
14:08:17.0953 3508 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
14:08:17.0953 3508 C:\WINDOWS\system32\termsrv.dll - ok
14:08:17.0953 3508 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
14:08:17.0953 3508 C:\WINDOWS\system32\icaapi.dll - ok
14:08:17.0953 3508 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
14:08:17.0953 3508 C:\WINDOWS\system32\mstlsapi.dll - ok
14:08:17.0953 3508 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
14:08:17.0953 3508 C:\WINDOWS\system32\rundll32.exe - ok
14:08:17.0953 3508 [ DBFE1E91701B530DAA56178C50F15B4C ] C:\DOCUME~1\Joe\LOCALS~1\temp\lbrsflgk.exe
14:08:17.0953 3508 C:\DOCUME~1\Joe\LOCALS~1\temp\lbrsflgk.exe - ok
14:08:17.0968 3508 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
14:08:17.0968 3508 C:\WINDOWS\system32\faultrep.dll - ok
14:08:17.0968 3508 [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Joe\LOCALS~1\temp\41BC28B2-B650-4F89-B99E-56999221381C.exe
14:08:17.0968 3508 C:\DOCUME~1\Joe\LOCALS~1\temp\41BC28B2-B650-4F89-B99E-56999221381C.exe - ok
14:08:17.0968 3508 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
14:08:17.0968 3508 C:\WINDOWS\system32\linkinfo.dll - ok
14:08:17.0968 3508 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
14:08:17.0968 3508 C:\WINDOWS\system32\ntshrui.dll - ok
14:08:17.0968 3508 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
14:08:17.0968 3508 C:\WINDOWS\system32\verclsid.exe - ok
14:08:17.0968 3508 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
14:08:17.0968 3508 C:\WINDOWS\system32\netshell.dll - ok
14:08:17.0968 3508 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\18688571.sys
14:08:17.0968 3508 C:\WINDOWS\system32\drivers\18688571.sys - ok
14:08:17.0968 3508 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
14:08:17.0968 3508 C:\WINDOWS\system32\credui.dll - ok
14:08:17.0968 3508 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
14:08:17.0968 3508 C:\WINDOWS\system32\dot3dlg.dll - ok
14:08:17.0968 3508 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
14:08:17.0968 3508 C:\WINDOWS\system32\eappcfg.dll - ok
14:08:17.0968 3508 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
14:08:17.0968 3508 C:\WINDOWS\system32\eappprxy.dll - ok
14:08:17.0968 3508 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
14:08:17.0968 3508 C:\WINDOWS\system32\onex.dll - ok
14:08:17.0984 3508 [ 6BC096230DB4FCA0B9CDAFD4B461DF41 ] C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe
14:08:17.0984 3508 C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe - ok
14:08:17.0984 3508 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
14:08:17.0984 3508 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
14:08:17.0984 3508 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
14:08:17.0984 3508 C:\WINDOWS\system32\netman.dll - ok
14:08:17.0984 3508 [ 8E53B67FA3816E854B07C5DC66E10730 ] C:\Program Files\Real\RealPlayer\Update\realsched.exe
14:08:17.0984 3508 C:\Program Files\Real\RealPlayer\Update\realsched.exe - ok
14:08:17.0984 3508 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
14:08:17.0984 3508 C:\WINDOWS\system32\ctfmon.exe - ok
14:08:17.0984 3508 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
14:08:17.0984 3508 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok
14:08:17.0984 3508 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
14:08:17.0984 3508 C:\WINDOWS\system32\msctf.dll - ok
14:08:17.0984 3508 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
14:08:17.0984 3508 C:\WINDOWS\system32\wzcsapi.dll - ok
14:08:17.0984 3508 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
14:08:17.0984 3508 C:\WINDOWS\system32\msutb.dll - ok
14:08:17.0984 3508 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
14:08:17.0984 3508 C:\WINDOWS\system32\msisip.dll - ok
14:08:17.0984 3508 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
14:08:17.0984 3508 C:\WINDOWS\system32\upnp.dll - ok
14:08:18.0000 3508 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
14:08:18.0000 3508 C:\WINDOWS\system32\wshext.dll - ok
14:08:18.0000 3508 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
14:08:18.0000 3508 C:\WINDOWS\system32\ssdpapi.dll - ok
14:08:18.0000 3508 [ F36BC7FB3A87DE9138AAECC40F7BC116 ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
14:08:18.0000 3508 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
14:08:18.0000 3508 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
14:08:18.0000 3508 C:\WINDOWS\ime\sptip.dll - ok
14:08:18.0000 3508 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
14:08:18.0000 3508 C:\WINDOWS\system32\drivers\http.sys - ok
14:08:18.0000 3508 [ A03F767B2B38AAD9563B2648DCFEE9F0 ] C:\Program Files\NETGEAR\WN111v2\WN111V2.exe
14:08:18.0000 3508 C:\Program Files\NETGEAR\WN111v2\WN111V2.exe - ok
14:08:18.0000 3508 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
14:08:18.0000 3508 C:\WINDOWS\system32\ssdpsrv.dll - ok
14:08:18.0000 3508 [ 7C8D7FBCD3A8BD0AD121522526344180 ] C:\WINDOWS\system32\wcapi.dll
14:08:18.0000 3508 C:\WINDOWS\system32\wcapi.dll - ok
14:08:18.0000 3508 [ 5305DDF7BB6A7C532E7E0BECAE22D9AB ] C:\WINDOWS\system32\athcfg20.dll
14:08:18.0000 3508 C:\WINDOWS\system32\athcfg20.dll - ok
14:08:18.0000 3508 [ A430FAAE0A4DB973500B6C882F8848E5 ] C:\Program Files\NETGEAR\WN111v2\MFC42.DLL
14:08:18.0000 3508 C:\Program Files\NETGEAR\WN111v2\MFC42.DLL - ok
14:08:18.0000 3508 [ 3DF8D76576A0AD5F82E541C6F4903A85 ] C:\Program Files\Real\RealPlayer\Update\setu3270.dll
14:08:18.0000 3508 C:\Program Files\Real\RealPlayer\Update\setu3270.dll - ok
14:08:18.0000 3508 [ 17B3640005398694B20B7EAF5A73E8ED ] C:\WINDOWS\system32\DNIN50.dll
14:08:18.0000 3508 C:\WINDOWS\system32\DNIN50.dll - ok
14:08:18.0015 3508 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
14:08:18.0015 3508 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
14:08:18.0015 3508 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
14:08:18.0015 3508 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
14:08:18.0015 3508 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
14:08:18.0015 3508 C:\WINDOWS\system32\olepro32.dll - ok
14:08:18.0015 3508 [ 32288D2A44C99A769A8D3B6D627D7227 ] C:\Program Files\Real\RealPlayer\realplay.exe
14:08:18.0015 3508 C:\Program Files\Real\RealPlayer\realplay.exe - ok
14:08:18.0015 3508 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
14:08:18.0015 3508 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
14:08:18.0015 3508 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
14:08:18.0015 3508 C:\WINDOWS\system32\riched32.dll - ok
14:08:18.0015 3508 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
14:08:18.0015 3508 C:\WINDOWS\system32\wbem\esscli.dll - ok
14:08:18.0015 3508 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
14:08:18.0015 3508 C:\WINDOWS\system32\wbem\fastprox.dll - ok
14:08:18.0015 3508 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
14:08:18.0015 3508 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
14:08:18.0015 3508 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
14:08:18.0015 3508 C:\WINDOWS\system32\webcheck.dll - ok
14:08:18.0015 3508 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
14:08:18.0015 3508 C:\WINDOWS\system32\mlang.dll - ok
14:08:18.0015 3508 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
14:08:18.0015 3508 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
14:08:18.0031 3508 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
14:08:18.0031 3508 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
14:08:18.0031 3508 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
14:08:18.0031 3508 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
14:08:18.0031 3508 [ 255423C760AE5A9D81A44873923B116D ] C:\Program Files\Real\RealPlayer\rpwa3260.dll
14:08:18.0031 3508 C:\Program Files\Real\RealPlayer\rpwa3260.dll - ok
14:08:18.0031 3508 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
14:08:18.0031 3508 C:\WINDOWS\system32\imapi.exe - ok
14:08:18.0031 3508 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
14:08:18.0031 3508 C:\WINDOWS\system32\stobject.dll - ok
14:08:18.0031 3508 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
14:08:18.0031 3508 C:\WINDOWS\system32\httpapi.dll - ok
14:08:18.0031 3508 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
14:08:18.0031 3508 C:\WINDOWS\system32\wbem\wbemess.dll - ok
14:08:18.0031 3508 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
14:08:18.0031 3508 C:\WINDOWS\system32\batmeter.dll - ok
14:08:18.0031 3508 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
14:08:18.0031 3508 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
14:08:18.0031 3508 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
14:08:18.0031 3508 C:\WINDOWS\system32\mydocs.dll - ok
14:08:18.0031 3508 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
14:08:18.0031 3508 C:\WINDOWS\system32\netcfgx.dll - ok
14:08:18.0031 3508 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
14:08:18.0031 3508 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
14:08:18.0046 3508 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
14:08:18.0046 3508 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
14:08:18.0046 3508 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
14:08:18.0046 3508 C:\WINDOWS\system32\w3ssl.dll - ok
14:08:18.0046 3508 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
14:08:18.0046 3508 C:\WINDOWS\system32\strmfilt.dll - ok
14:08:18.0046 3508 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
14:08:18.0046 3508 C:\WINDOWS\system32\rasmans.dll - ok
14:08:18.0046 3508 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
14:08:18.0046 3508 C:\WINDOWS\system32\tapisrv.dll - ok
14:08:18.0046 3508 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
14:08:18.0046 3508 C:\WINDOWS\system32\rastapi.dll - ok
14:08:18.0046 3508 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
14:08:18.0046 3508 C:\WINDOWS\system32\unimdm.tsp - ok
14:08:18.0046 3508 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
14:08:18.0046 3508 C:\WINDOWS\system32\uniplat.dll - ok
14:08:18.0046 3508 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
14:08:18.0046 3508 C:\WINDOWS\system32\h323.tsp - ok
14:08:18.0046 3508 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
14:08:18.0046 3508 C:\WINDOWS\system32\hidphone.tsp - ok
14:08:18.0046 3508 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
14:08:18.0046 3508 C:\WINDOWS\system32\ipconf.tsp - ok
14:08:18.0046 3508 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
14:08:18.0046 3508 C:\WINDOWS\system32\kmddsp.tsp - ok
14:08:18.0062 3508 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
14:08:18.0062 3508 C:\WINDOWS\system32\ndptsp.tsp - ok
14:08:18.0062 3508 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
14:08:18.0062 3508 C:\WINDOWS\system32\rasppp.dll - ok
14:08:18.0062 3508 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
14:08:18.0062 3508 C:\WINDOWS\system32\ntlsapi.dll - ok
14:08:18.0062 3508 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
14:08:18.0062 3508 C:\WINDOWS\system32\rasqec.dll - ok
14:08:18.0062 3508 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
14:08:18.0062 3508 C:\WINDOWS\system32\rasdlg.dll - ok
14:08:18.0062 3508 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
14:08:18.0062 3508 C:\WINDOWS\system32\wbem\ncprov.dll - ok
14:08:18.0062 3508 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
14:08:18.0062 3508 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
14:08:18.0062 3508 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
14:08:18.0062 3508 C:\WINDOWS\system32\drprov.dll - ok
14:08:18.0062 3508 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
14:08:18.0062 3508 C:\WINDOWS\system32\ntlanman.dll - ok
14:08:18.0062 3508 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
14:08:18.0062 3508 C:\WINDOWS\system32\netui0.dll - ok
14:08:18.0062 3508 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
14:08:18.0062 3508 C:\WINDOWS\system32\netui1.dll - ok
14:08:18.0078 3508 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
14:08:18.0078 3508 C:\WINDOWS\system32\davclnt.dll - ok
14:08:18.0078 3508 ============================================================
14:08:18.0078 3508 Scan finished
14:08:18.0078 3508 ============================================================
14:08:18.0078 3500 Detected object count: 11
14:08:18.0078 3500 Actual detected object count: 11
14:08:53.0843 3500 ACS ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0843 3500 ACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 ATIAVAIW ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 ATIAVAIW ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 DNINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 DNINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 HPZid412 ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 HPZid412 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 HPZipr12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 HPZipr12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 jswpsapi ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 jswpsapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 oreans32 ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 oreans32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:08:53.0859 3500 WSIMD ( UnsignedFile.Multi.Generic ) - skipped by user
14:08:53.0859 3500 WSIMD ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#60
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
I don't see any rootkit infection on your computer. Let's try to remove this malware outside the Windows environment.

Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt

  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
  • 0





