Please help remove desktop.ini trojan virus [Closed]


  • This topic is locked

#1
whitewater

  • Member
  • 49 posts
Hello,

My anti-virus program indicates the desktop.ini trojan is found on my PC, but when I complete a scan, the virus is not removed. Each time I search the internet, my websites search results get redirected. Please help!

#2
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hello, whitewater and welcome to GeeksToGo!

You can call me Phel and this time I will try to help you with your trouble.

Please spend some time reading these instructions carefully before we start. They contain very useful information.

  • Please stay with us until the end. I know malware removal isn't a very fast procedure and it usually has multiple steps, but you should stay here until your computer is absolutely clean of malware. If your main problem is solved, that doesn't mean that other malware isn't left on your computer. Your patience will be rewarded with an absolutely clean computer. :)
  • Please let me know if you don't understand something. It is really important to understand every instruction. If you are in doubt about how to follow an instruction, feel free to ask me how to do it. I am always glad to help you with that.
  • Please don't fix anything by yourself. Please don't run any tools unless they are required. Trying multiple tools in the hope that one of them will help can lead to unrecoverable consequences. Sometimes malware removal tools, used without supervision, can harm your computer more than the malware itself.
  • Please feel free to notify me about changes in your PC's behavior. It's really interesting for me to know how your computer is running after each portion of fixes.
  • Finally, enjoy the fight! ;)

Okay, let's start. First of all, I need to run one program, which will provide me with basic information about the current state of your computer. Please don't remove this program immediately after the scan; we will need to launch it many times during the malware removal procedure. Please follow these steps:

  • Download OTL to your Desktop.
  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Click on the Scan All Users checkbox, which is located near the Quick Scan button.
  • In the OTL window, find the Extra Registry section and change the radio button there to Use SafeList.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    BASESERVICES
    set /c
  • Then click the Run Scan button at the top.
  • Let the program run unhindered.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.


#3
whitewater

  • Topic Starter
  • Member
  • 49 posts
Hey Phel, thanks for your help. Here are the OTL files:

OTL logfile created on: 9/29/2013 6:14:29 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 81.47% Memory free
3.84 Gb Paging File | 3.63 Gb Available in Paging File | 94.56% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.40 Gb Total Space | 432.86 Gb Free Space | 93.61% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Dan | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Dan\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\mantle.exe (GFI Software Development Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libMachoUniv.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libBase64.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\unrar.dll ()


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (etadpug) -- C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe < [WARNING: C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe <] File not found
SRV - (UtilityChest_49Service) -- C:\Program Files\UtilityChest_49\bar\1.bin\49barsvc.exe (COMPANYVERS_NAME)
SRV - (SBAMSvc) -- C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
SRV - (SBPIMSvc) -- C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
SRV - (gfi_lanss10_attservice) -- C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe (GFI Software Development Ltd.)
SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (sprtsvc_dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (SBRE) -- C:\WINDOWS\system32\drivers\SBREDrv.sys File not found
DRV - (SABKUTIL) -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Changer) -- File not found
DRV - (gfiutil) -- C:\WINDOWS\system32\drivers\gfiutil.sys (ThreatTrack Security)
DRV - (gfiark) -- C:\WINDOWS\system32\drivers\gfiark.sys (ThreatTrack Security)
DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (GFI Software)
DRV - (sbtis) -- C:\WINDOWS\system32\drivers\sbtis.sys (GFI Software)
DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (GFI Software)
DRV - (sbapifs) -- C:\WINDOWS\system32\drivers\sbapifs.sys (GFI Software)
DRV - (sbaphd) -- C:\WINDOWS\system32\drivers\sbaphd.sys (GFI Software)
DRV - (SBFWIMCLMP) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (GFI Software)
DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (GFI Software)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKLM\..\SearchScopes,DefaultScope = {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}: "URL" = http://search.mywebs...r={searchTerms}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://webmail.neo.rr.com/
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\URLSearchHook: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - No CLSID value found
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes,DefaultScope = {EE443FBB-6959-4DF9-9202-CBA5F3CD9141}
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{EE443FBB-6959-4DF9-9202-CBA5F3CD9141}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@UtilityChest_49.com/Plugin: C:\Program Files\UtilityChest_49\bar\1.bin\NP49Stub.dll (MindSpark)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\49ffxtbr@UtilityChest_49.com: C:\Program Files\UtilityChest_49\bar\1.bin [2013/04/21 08:47:15 | 000,000,000 | ---D | M]

[2009/02/16 21:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions
[2009/02/16 21:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2010/11/07 23:02:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Assistant BHO) - {06e05b40-77fa-40b6-9077-ed1a7577b1ef} - C:\Program Files\UtilityChest_49\bar\1.bin\49SrcAs.dll (MindSpark)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Toolbar BHO) - {58f7b5ca-1162-42e8-8bbc-d543b4edd780} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll ()
O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
O3 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\Toolbar\WebBrowser: (Utility Chest) - {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
O4 - HKLM..\Run: [SBRegRebootCleaner] C:\Program Files\GFI Software\VIPRE\SBRC.exe (GFI Software)
O4 - HKLM..\Run: [Utility Chest Search Scope Monitor] C:\Program Files\UtilityChest_49\bar\1.bin\49SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [UtilityChest_49 Browser Plugin Loader] C:\Program Files\UtilityChest_49\bar\1.bin\49brmon.exe (VER_COMPANY_NAME)
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [Google Update] Reg Error: Value error. File not found
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 0
O8 - Extra context menu item: &Search - http://tbedits.utili...2013042108&cv=2 File not found
O9 - Extra Button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O15 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..Trusted Domains: roadrunner.com ([webmail] https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1370089183593 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D786296-925B-4799-9CB9-41D04358C112}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D786296-925B-4799-9CB9-41D04358C112}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA1D4EC1-CC71-4B1E-B652-5BAA80CF6AD7}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA1D4EC1-CC71-4B1E-B652-5BAA80CF6AD7}: NameServer = 8.8.8.8
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Program Files\Windows NT\shell.exe) - File not found
O20 - HKU\S-1-5-18 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-18 Winlogon: Shell - (C:\Program Files\Windows NT\shell.exe) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 90 Days ==========

[2013/09/29 18:05:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2013/09/29 08:41:07 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2013/09/29 08:04:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/09/29 07:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/09/29 07:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/09/29 07:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/08/17 12:55:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/13 08:15:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/13 08:10:57 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/07/13 08:10:57 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

========== Files - Modified Within 90 Days ==========

[2013/09/29 18:05:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2013/09/29 18:02:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/09/29 18:02:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/09/29 09:04:14 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\My Computer.lnk
[2013/09/29 09:00:11 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013/09/29 08:57:58 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\SBRC.dat
[2013/09/29 08:57:25 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/29 08:57:11 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\BearShareNAG.job
[2013/09/28 22:17:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/25 21:19:47 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/09/25 21:04:14 | 000,003,129 | ---- | M] () -- C:\WINDOWS\System32\lanss_v102_lnsscomm.csv
[2013/09/15 09:08:01 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013/09/15 08:56:07 | 000,177,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/09/14 08:30:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/08/25 12:44:48 | 000,001,190 | ---- | M] () -- C:\WINDOWS\System32\ServiceConfig.xml
[2013/08/08 21:56:45 | 000,386,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\themeui.dll
[2013/08/08 05:32:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/08/08 05:32:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013/08/08 02:05:59 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/08/08 02:05:59 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/08/08 02:05:59 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/08/08 02:05:59 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013/08/08 02:05:59 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/08/08 02:05:59 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013/08/08 02:05:59 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013/08/08 02:05:59 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/08/08 02:05:59 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/08/08 02:05:59 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013/08/08 02:05:59 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/08/08 02:05:59 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013/08/08 02:05:59 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/08/08 02:05:59 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/08/08 02:05:59 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013/08/08 02:05:59 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/08/08 02:05:59 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/08/08 02:05:59 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013/08/08 02:05:59 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013/08/08 02:05:59 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013/08/08 02:05:59 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/08/08 02:05:59 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/08/08 02:05:59 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013/08/08 02:05:59 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/08/08 02:05:59 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013/08/08 02:05:59 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/08/08 02:05:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013/08/08 02:05:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/08/08 02:05:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2013/08/08 02:05:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2013/08/07 21:27:48 | 001,877,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2013/08/07 21:27:48 | 001,877,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2013/08/07 20:02:34 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013/08/05 09:30:32 | 001,289,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole32.dll
[2013/08/03 14:18:38 | 001,543,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdecod.dll
[2013/07/14 08:08:38 | 000,194,996 | ---- | M] () -- C:\Documents and Settings\Dan\My Documents\2013-14-huntingapplication.pdf
[2013/07/13 08:10:57 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/07/13 08:10:57 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/07/10 06:37:53 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2013/07/03 23:03:25 | 002,149,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2013/07/03 23:03:25 | 002,149,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013/07/03 22:59:11 | 002,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013/07/03 22:08:30 | 002,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013/07/03 22:08:30 | 002,028,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013/07/03 22:08:30 | 002,028,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe

========== Files Created - No Company Name ==========

[2013/09/29 09:04:14 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\My Computer.lnk
[2013/09/28 16:17:00 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2013/08/25 12:44:48 | 000,001,190 | ---- | C] () -- C:\WINDOWS\System32\ServiceConfig.xml
[2013/07/14 08:08:38 | 000,194,996 | ---- | C] () -- C:\Documents and Settings\Dan\My Documents\2013-14-huntingapplication.pdf
[2013/05/19 07:46:58 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/02/14 18:22:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/05/31 15:24:04 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\housecall.guid.cache
[2009/07/09 18:42:24 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\fusioncache.dat
[2008/05/29 18:49:24 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2004/08/11 17:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[2013/09/29 08:57:52 | 000,005,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2008/04/13 20:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
No service found with a name of wuauserv
No service found with a name of BITS
SRV - [2012/07/06 09:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/13 20:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 20:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 13:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/13 20:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/13 20:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008/04/13 20:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
No service found with a name of PolicyAgent
SRV - [2008/04/13 20:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 20:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 20:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 20:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 12:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 09:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 20:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 20:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 08:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/13 20:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 20:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
No service found with a name of wscsvc
SRV - [2010/08/27 01:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/13 20:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 20:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 20:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 20:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 20:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/13 20:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 20:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
No service found with a name of SharedAccess
SRV - [2008/04/13 20:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/13 20:12:28 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 20:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009/02/09 08:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/13 20:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 20:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 02:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

< set /c >
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Dan\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HOME
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Dan
LOGONSERVER=\\HOME
NUMBER_OF_PROCESSORS=4
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0b
ProgramFiles=C:\Program Files
PROMPT=$P$G
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\
SAFEBOOT_OPTION=NETWORK
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Dan\LOCALS~1\Temp
TMP=C:\DOCUME~1\Dan\LOCALS~1\Temp
USERDOMAIN=HOME
USERNAME=Dan
USERPROFILE=C:\Documents and Settings\Dan
windir=C:\WINDOWS

< End of report >

OTL Extras logfile created on: 9/29/2013 6:14:29 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 81.47% Memory free
3.84 Gb Paging File | 3.63 Gb Available in Paging File | 94.56% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.40 Gb Total Space | 432.86 Gb Free Space | 93.61% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Dan | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiSpywareOverride" = 0
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1AB60EB-989A-45CD-964E-3163639AF84A}" = TRI.Net Data Engine
"{A46F7968-271D-48D5-BCE9-568624123A48}" = VIPRE Internet Security
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}" = VIPRE Internet Security
"{C7DACB79-D0BE-477B-B63F-4BBF33F39B7A}" = TWC Client ActiveX Controls
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"GoToAssist" = GoToAssist 8.0.0.514
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Connections Drivers
"sp6" = Logitech SetPoint 6.32
"The Weather Channel Toolbar" = The Weather Channel Toolbar
"Trusted Software Assistant_is1" = File Type Assistant
"UtilityChest_49bar Uninstall" = Utility Chest Toolbar
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/19/2013 7:42:36 AM | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.

Error - 6/6/2013 10:50:26 AM | Computer Name = HOME | Source = Microsoft Office 10 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Outlook.

Error - 6/6/2013 2:28:19 PM | Computer Name = HOME | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application outlook.exe, version 10.0.2616.0, faulting module
outllib.dll, version 10.0.2627.0, fault address 0x0010b468.

Error - 6/12/2013 7:01:16 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/8/2013 10:10:52 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/29/2013 5:19:44 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/27/2013 5:13:07 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/19/2013 8:25:27 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/19/2013 8:25:27 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/25/2013 8:51:49 PM | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x00064d02.

[ System Events ]
Error - 9/29/2013 8:58:50 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 9/29/2013 8:58:50 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 9/29/2013 9:15:16 AM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 9/29/2013 9:16:22 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 9/29/2013 9:16:22 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm SABKUTIL sbaphd

Error - 9/29/2013 9:25:19 AM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 9/29/2013 6:03:27 PM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 9/29/2013 6:04:19 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 9/29/2013 6:04:19 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm SABKUTIL sbaphd

Error - 9/29/2013 6:07:15 PM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}


< End of report >
  • 0

#4
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Okay, I see this infection. It's ZeroAccess, and for its removal we'll need a separate tool.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 0
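A triage helper for the report requested in the last step, as an added example that is not part of the original post or of TDSSKiller itself: it lists every object the scan flagged and separates detections the log marks as skipped due to KSN trust from those left for review. The sample lines are constructed in the format of the report posted in this thread, with placeholder hashes; `examplesvc` is hypothetical, and treating a detection with no following trust line as needing review is an assumption of this example.

```python
import re
from dataclasses import dataclass
from typing import Optional

# One log record: "HH:MM:SS.mmmm 0xTID message"
RECORD = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9a-fA-F]{4}\s?(?P<msg>.*)$"
)
# "[ MD5, SHA256 ] name path" precedes the verdict of a file-backed object
OBJECT = re.compile(
    r"^\[\s*(?P<md5>[0-9A-Fa-f]{32}),\s*(?P<sha256>[0-9A-Fa-f]{64})\s*\]\s+"
    r"(?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.+)$"
)
# "name - detected Threat.Name ( level )"
DETECTED = re.compile(
    r"^(?P<name>.+?) - detected (?P<threat>\S+) \( (?P<level>\d+) \)$"
)
KSN_TRUSTED = "Detect skipped due to KSN trusted"


@dataclass
class Finding:
    name: str
    threat: str
    level: int
    path: Optional[str] = None
    md5: Optional[str] = None
    sha256: Optional[str] = None
    ksn_trusted: bool = False


def parse_detections(log_text):
    """Return one Finding per 'detected' verdict, in log order."""
    objects = {}     # object name -> hashes and path from its "[ ... ]" line
    findings = []
    pending = None   # detection that the next record may mark as trusted
    for raw in log_text.splitlines():
        rec = RECORD.match(raw.strip())
        if not rec:
            continue  # not a timestamped record (pasted text, blank line)
        msg = rec.group("msg").strip()
        obj = OBJECT.match(msg)
        det = DETECTED.match(msg)
        if msg == KSN_TRUSTED and pending is not None:
            pending.ksn_trusted = True
        elif det:
            info = objects.get(det.group("name"), {})
            pending = Finding(
                name=det.group("name"),
                threat=det.group("threat"),
                level=int(det.group("level")),
                path=info.get("path"),
                md5=info.get("md5"),
                sha256=info.get("sha256"),
            )
            findings.append(pending)
            continue
        elif obj:
            objects[obj.group("name")] = obj.groupdict()
        pending = None  # any other record ends the detection context
    return findings


def needs_review(findings):
    """Detections that the log did not mark as skipped due to KSN trust."""
    return [f for f in findings if not f.ksn_trusted]


# Constructed sample; the hashes are placeholders, not real file hashes.
PLACEHOLDER_MD5 = "0" * 32
PLACEHOLDER_SHA256 = "0" * 64
H = f"[ {PLACEHOLDER_MD5}, {PLACEHOLDER_SHA256} ]"
SAMPLE_LOG = rf"""
18:05:55.0718 0x0254 ================ Scan services =============================
18:05:55.0812 0x0254 Abiosdsk - ok
18:05:56.0046 0x0254 {H} ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:05:56.0125 0x0254 ACPI - ok
18:05:57.0984 0x0254 {H} aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
18:05:58.0000 0x0254 aspnet_state - detected UnsignedFile.Multi.Generic ( 1 )
18:06:00.0578 0x0254 Detect skipped due to KSN trusted
18:06:00.0578 0x0254 aspnet_state - ok
18:06:01.0000 0x0254 {H} examplesvc C:\WINDOWS\system32\drivers\examplesvc.sys
18:06:01.0050 0x0254 examplesvc - detected UnsignedFile.Multi.Generic ( 1 )
18:06:01.0100 0x0254 Beep - ok
"""

if __name__ == "__main__":
    for f in parse_detections(SAMPLE_LOG):
        status = "KSN trusted" if f.ksn_trusted else "REVIEW"
        print(f"{status:12} {f.name:14} {f.threat} ({f.level})  {f.path}")
```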

#5
whitewater

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Hi Phel, here's the log file you requested:

18:05:37.0500 0x07a0 TDSS rootkit removing tool 3.0.0.11 Sep 30 2013 09:17:03
18:05:38.0046 0x07a0 ============================================================
18:05:38.0046 0x07a0 Current date / time: 2013/09/30 18:05:38.0046
18:05:38.0046 0x07a0 SystemInfo:
18:05:38.0046 0x07a0
18:05:38.0046 0x07a0 OS Version: 5.1.2600 ServicePack: 3.0
18:05:38.0046 0x07a0 Product type: Workstation
18:05:38.0046 0x07a0 ComputerName: HOME
18:05:38.0046 0x07a0 UserName: Dan
18:05:38.0046 0x07a0 Windows directory: C:\WINDOWS
18:05:38.0046 0x07a0 System windows directory: C:\WINDOWS
18:05:38.0046 0x07a0 Processor architecture: Intel x86
18:05:38.0046 0x07a0 Number of processors: 4
18:05:38.0046 0x07a0 Page size: 0x1000
18:05:38.0046 0x07a0 Boot type: Safe boot with network
18:05:38.0046 0x07a0 ============================================================
18:05:38.0062 0x07a0 BG loaded
18:05:38.0203 0x07a0 System UUID: {DB817CD4-B020-F4E6-637C-35B22BA8EF59}
18:05:38.0625 0x07a0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:05:38.0625 0x07a0 ============================================================
18:05:38.0625 0x07a0 \Device\Harddisk0\DR0:
18:05:38.0625 0x07a0 MBR partitions:
18:05:38.0625 0x07a0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x39CCEE0B
18:05:38.0625 0x07a0 ============================================================
18:05:38.0656 0x07a0 C: <-> \Device\Harddisk0\DR0\Partition1
18:05:38.0656 0x07a0 ============================================================
18:05:38.0656 0x07a0 Initialize success
18:05:38.0656 0x07a0 ============================================================
18:05:52.0671 0x0254 ============================================================
18:05:52.0671 0x0254 Scan started
18:05:52.0671 0x0254 Mode: Manual; SigCheck; TDLFS;
18:05:52.0671 0x0254 ============================================================
18:05:52.0671 0x0254 KSN ping started
18:05:55.0109 0x0254 KSN ping finished: true
18:05:55.0718 0x0254 ================ Scan system memory ========================
18:05:55.0718 0x0254 System memory - ok
18:05:55.0718 0x0254 ================ Scan services =============================
18:06:02.0562 0x0254 CryptSvc - ok
18:06:02.0593 0x0254 [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
18:06:02.0656 0x0254 dac2w2k - ok
18:06:02.0687 0x0254 [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
18:06:02.0765 0x0254 dac960nt - ok
18:06:02.0812 0x0254 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:06:02.0843 0x0254 DcomLaunch - ok
18:06:02.0875 0x0254 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:06:02.0984 0x0254 Dhcp - ok
18:06:03.0000 0x0254 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:06:03.0062 0x0254 Disk - ok
18:06:03.0078 0x0254 dmadmin - ok
18:06:03.0140 0x0254 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:06:03.0234 0x0254 dmboot - ok
18:06:03.0250 0x0254 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:06:03.0328 0x0254 dmio - ok
18:06:03.0359 0x0254 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:06:03.0421 0x0254 dmload - ok
18:06:03.0468 0x0254 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
18:06:03.0531 0x0254 dmserver - ok
18:06:03.0546 0x0254 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:06:03.0609 0x0254 DMusic - ok
18:06:03.0656 0x0254 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:06:03.0687 0x0254 Dnscache - ok
18:06:03.0718 0x0254 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:06:03.0781 0x0254 Dot3svc - ok
18:06:03.0796 0x0254 [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
18:06:03.0875 0x0254 dpti2o - ok
18:06:03.0906 0x0254 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:06:03.0968 0x0254 drmkaud - ok
18:06:04.0000 0x0254 [ 3FCA03CBCA11269F973B70FA483C88EF, 0995989B9EBE5CE1C5489139849FB2AD69DE9749650BBC262AD754E5CE457C59 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
18:06:04.0093 0x0254 E100B - ok
18:06:04.0125 0x0254 [ 34AAA3B298A852B3663E6E0D94D12945, 908BDC3E67780E7B97A08985A938AB5F461967F74D81135ACEF31FF3F73BBBA2 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
18:06:04.0140 0x0254 e1express - ok
18:06:04.0187 0x0254 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:06:04.0265 0x0254 EapHost - ok
18:06:04.0312 0x0254 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:06:04.0375 0x0254 ERSvc - ok
18:06:04.0421 0x0254 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
18:06:04.0437 0x0254 Eventlog - ok
18:06:04.0484 0x0254 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
18:06:04.0500 0x0254 EventSystem - ok
18:06:04.0531 0x0254 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:06:04.0593 0x0254 Fastfat - ok
18:06:04.0640 0x0254 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:06:04.0656 0x0254 FastUserSwitchingCompatibility - ok
18:06:04.0687 0x0254 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
18:06:04.0750 0x0254 Fdc - ok
18:06:04.0781 0x0254 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:06:04.0843 0x0254 Fips - ok
18:06:04.0859 0x0254 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:06:04.0937 0x0254 Flpydisk - ok
18:06:04.0968 0x0254 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:06:05.0046 0x0254 FltMgr - ok
18:06:05.0078 0x0254 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:06:05.0140 0x0254 Fs_Rec - ok
18:06:05.0171 0x0254 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:06:05.0265 0x0254 Ftdisk - ok
18:06:05.0296 0x0254 [ 035EAF9A18B84F9560984BCF41F52E99, D449A010FF46D43333799B4F282F779ACEC7671D326BA7B8234AF5D9DE48A07A ] gfiark C:\WINDOWS\system32\drivers\gfiark.sys
18:06:05.0312 0x0254 gfiark - detected UnsignedFile.Multi.Generic ( 1 )
18:06:07.0843 0x0254 Detect skipped due to KSN trusted
18:06:07.0843 0x0254 gfiark - ok
18:06:07.0875 0x0254 [ 4594A3BB131B027E8D6590B9035B7DAC, EBCEDE824D98A6D6E805CA0F8360640AB44BF1E18D225868AFE9954BB083D5B8 ] gfiutil C:\WINDOWS\system32\drivers\gfiutil.sys
18:06:07.0875 0x0254 gfiutil - detected UnsignedFile.Multi.Generic ( 1 )
18:06:10.0406 0x0254 Detect skipped due to KSN trusted
18:06:10.0406 0x0254 gfiutil - ok
18:06:10.0531 0x0254 [ AD826942E10F8D18C29E365CE426A21B, 54AA8C21AAA495B4E6D15651A50F3FB4E585834875DF230EB551BC1BD0BE3484 ] gfi_lanss10_attservice C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe
18:06:10.0546 0x0254 gfi_lanss10_attservice - ok
18:06:10.0609 0x0254 [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
18:06:10.0625 0x0254 GoToAssist - ok
18:06:10.0656 0x0254 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:06:10.0718 0x0254 Gpc - ok
18:06:10.0765 0x0254 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:06:10.0781 0x0254 gupdate - ok
18:06:10.0796 0x0254 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:06:10.0796 0x0254 gupdatem - ok
18:06:10.0843 0x0254 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:06:10.0921 0x0254 HDAudBus - ok
18:06:10.0984 0x0254 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:06:11.0062 0x0254 helpsvc - ok
18:06:11.0062 0x0254 HidServ - ok
18:06:11.0093 0x0254 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:06:11.0156 0x0254 HidUsb - ok
18:06:11.0187 0x0254 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:06:11.0265 0x0254 hkmsvc - ok
18:06:11.0281 0x0254 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
18:06:11.0359 0x0254 hpn - ok
18:06:11.0390 0x0254 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:06:11.0421 0x0254 HTTP - ok
18:06:11.0453 0x0254 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:06:11.0531 0x0254 HTTPFilter - ok
18:06:11.0578 0x0254 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
18:06:11.0640 0x0254 i2omgmt - ok
18:06:11.0671 0x0254 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
18:06:11.0750 0x0254 i2omp - ok
18:06:11.0765 0x0254 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:06:11.0843 0x0254 i8042prt - ok
18:06:12.0062 0x0254 [ 28423512370705AEDA6A652FEDB25468, 381530C226AEC214F1CC22EA83C5D5FEF448B68A61EBC98A368D58F490DD2A05 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
18:06:12.0281 0x0254 ialm - ok
18:06:12.0312 0x0254 [ 997E8F5939F2D12CD9F2E6B395724C16, C22F10BADE29DA6F7EB79D9F5D81D9FBEC17D4D4F8B25E0AF4E5CEAE28E8ABF6 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
18:06:12.0328 0x0254 iaStor - ok
18:06:12.0359 0x0254 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:06:12.0437 0x0254 Imapi - ok
18:06:12.0468 0x0254 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
18:06:12.0562 0x0254 ImapiService - ok
18:06:12.0593 0x0254 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
18:06:12.0687 0x0254 ini910u - ok
18:06:12.0859 0x0254 [ 17BBBABB21F86B650B2626045A9D016C, 01C1F7711B037844CF325C60A2ABEFBB84DD00B3F048E08D7D056E506334624B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:06:13.0015 0x0254 IntcAzAudAddService - ok
18:06:13.0046 0x0254 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
18:06:13.0125 0x0254 IntelIde - ok
18:06:13.0140 0x0254 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:06:13.0203 0x0254 intelppm - ok
18:06:13.0250 0x0254 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:06:13.0312 0x0254 Ip6Fw - ok
18:06:13.0359 0x0254 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:06:13.0437 0x0254 IpFilterDriver - ok
18:06:13.0484 0x0254 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:06:13.0546 0x0254 IpInIp - ok
18:06:13.0578 0x0254 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:06:13.0656 0x0254 IpNat - ok
18:06:13.0687 0x0254 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:06:13.0765 0x0254 IPSec - ok
18:06:13.0781 0x0254 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:06:13.0843 0x0254 IRENUM - ok
18:06:13.0875 0x0254 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:06:13.0953 0x0254 isapnp - ok
18:06:14.0062 0x0254 [ 32192B4EBE8720ED8D49A455C962CB91, 00EEFA0E6FCF329DE0A9D98F1231A9F23D059A4CF41460F7728C3DD0CD1746C4 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
18:06:14.0078 0x0254 JavaQuickStarterService - ok
18:06:14.0093 0x0254 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:06:14.0156 0x0254 Kbdclass - ok
18:06:14.0187 0x0254 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:06:14.0250 0x0254 kbdhid - ok
18:06:14.0312 0x0254 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:06:14.0375 0x0254 kmixer - ok
18:06:14.0406 0x0254 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:06:14.0406 0x0254 KSecDD - ok
18:06:14.0453 0x0254 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
18:06:14.0468 0x0254 lanmanserver - ok
18:06:14.0515 0x0254 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:06:14.0531 0x0254 lanmanworkstation - ok
18:06:14.0562 0x0254 [ BE2DC24D403643A2D1D98F33C7087B38, 0E72CAABFD41A30E6BD8E8EC7C75CAC6F96C4C32D578B58913686F1326116678 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
18:06:14.0578 0x0254 LBeepKE - ok
18:06:14.0578 0x0254 lbrtfdc - ok
18:06:14.0687 0x0254 [ 910344E2A984010435AE84783B25E5EB, 0A547AA691EE89383A8DDF5191943C9AB4021BFD55B51504E81308C52EBE5130 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
18:06:14.0703 0x0254 LBTServ - ok
18:06:14.0750 0x0254 [ 01CC7FB6E790EF044B411377F3A1FF41, A935C0C45F7A8EA7D6A462064928B6F982709FB33C21DE6424232297F3A1948B ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
18:06:14.0765 0x0254 LHidFilt - ok
18:06:14.0812 0x0254 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:06:14.0875 0x0254 LmHosts - ok
18:06:14.0890 0x0254 [ A2E7EAE8898D7B4B8C302B8F4E836BB5, 1F3C1228891C90B4567DE07AD8A9EF1F5005ED74A71EC5E814906FEF44D02ADC ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
18:06:14.0906 0x0254 LMouFilt - ok
18:06:14.0937 0x0254 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:06:15.0015 0x0254 Messenger - ok
18:06:15.0046 0x0254 [ 41FE2F288E05A6C8AB85DD56770FFBAD, 75AB2C2882DEDB85DFCB313C0F469723AD252CA8D0D4C73D5CA72D7DDCA1B0E7 ] mferkdk C:\WINDOWS\system32\drivers\mferkdk.sys
18:06:15.0046 0x0254 mferkdk - ok
18:06:15.0078 0x0254 [ 096B52EA918AA909BA5903D79E129005, A34B7E5DA4053B0C9A01EEAA1538B2950287DD56BC602D2E35365ABA6E7AA4DC ] mfesmfk C:\WINDOWS\system32\drivers\mfesmfk.sys
18:06:15.0078 0x0254 mfesmfk - ok
18:06:15.0109 0x0254 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:06:15.0187 0x0254 mnmdd - ok
18:06:15.0218 0x0254 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:06:15.0281 0x0254 mnmsrvc - ok
18:06:15.0312 0x0254 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:06:15.0390 0x0254 Modem - ok
18:06:15.0406 0x0254 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:06:15.0484 0x0254 Mouclass - ok
18:06:15.0515 0x0254 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:06:15.0578 0x0254 mouhid - ok
18:06:15.0593 0x0254 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:06:15.0671 0x0254 MountMgr - ok
18:06:15.0687 0x0254 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
18:06:15.0781 0x0254 mraid35x - ok
18:06:15.0781 0x0254 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:06:15.0859 0x0254 MRxDAV - ok
18:06:15.0906 0x0254 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:06:15.0921 0x0254 MRxSmb - ok
18:06:15.0968 0x0254 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
18:06:16.0046 0x0254 MSDTC - ok
18:06:16.0078 0x0254 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:06:16.0140 0x0254 Msfs - ok
18:06:16.0156 0x0254 MSIServer - ok
18:06:16.0187 0x0254 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:06:16.0250 0x0254 MSKSSRV - ok
18:06:16.0281 0x0254 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:06:16.0343 0x0254 MSPCLOCK - ok
18:06:16.0375 0x0254 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:06:16.0453 0x0254 MSPQM - ok
18:06:16.0484 0x0254 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:06:16.0546 0x0254 mssmbios - ok
18:06:16.0578 0x0254 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:06:16.0593 0x0254 Mup - ok
18:06:16.0640 0x0254 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:06:16.0734 0x0254 napagent - ok
18:06:16.0781 0x0254 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:06:16.0859 0x0254 NDIS - ok
18:06:16.0890 0x0254 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:06:16.0906 0x0254 NdisTapi - ok
18:06:16.0937 0x0254 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:06:17.0000 0x0254 Ndisuio - ok
18:06:17.0015 0x0254 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:06:17.0093 0x0254 NdisWan - ok
18:06:17.0140 0x0254 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:06:17.0140 0x0254 NDProxy - ok
18:06:17.0187 0x0254 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:06:17.0250 0x0254 NetBIOS - ok
18:06:17.0281 0x0254 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:06:17.0359 0x0254 NetBT - ok
18:06:17.0390 0x0254 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
18:06:17.0468 0x0254 NetDDE - ok
18:06:17.0484 0x0254 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:06:17.0562 0x0254 NetDDEdsdm - ok
18:06:17.0593 0x0254 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:06:17.0656 0x0254 Netlogon - ok
18:06:17.0671 0x0254 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
18:06:17.0750 0x0254 Netman - ok
18:06:17.0765 0x0254 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
18:06:17.0781 0x0254 Nla - ok
18:06:17.0828 0x0254 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:06:17.0890 0x0254 Npfs - ok
18:06:17.0953 0x0254 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:06:18.0031 0x0254 Ntfs - ok
18:06:18.0046 0x0254 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:06:18.0109 0x0254 NtLmSsp - ok
18:06:18.0156 0x0254 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:06:18.0250 0x0254 NtmsSvc - ok
18:06:18.0281 0x0254 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
18:06:18.0359 0x0254 Null - ok
18:06:18.0453 0x0254 [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:06:18.0593 0x0254 nv - ok
18:06:18.0625 0x0254 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:06:18.0703 0x0254 NwlnkFlt - ok
18:06:18.0718 0x0254 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:06:18.0812 0x0254 NwlnkFwd - ok
18:06:18.0843 0x0254 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:06:18.0906 0x0254 Parport - ok
18:06:18.0921 0x0254 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:06:19.0000 0x0254 PartMgr - ok
18:06:19.0031 0x0254 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:06:19.0109 0x0254 ParVdm - ok
18:06:19.0125 0x0254 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:06:19.0187 0x0254 PCI - ok
18:06:19.0203 0x0254 PCIDump - ok
18:06:19.0218 0x0254 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:06:19.0281 0x0254 PCIIde - ok
18:06:19.0312 0x0254 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:06:19.0390 0x0254 Pcmcia - ok
18:06:19.0390 0x0254 PDCOMP - ok
18:06:19.0406 0x0254 PDFRAME - ok
18:06:19.0421 0x0254 PDRELI - ok
18:06:19.0437 0x0254 PDRFRAME - ok
18:06:19.0468 0x0254 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
18:06:19.0531 0x0254 perc2 - ok
18:06:19.0562 0x0254 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
18:06:19.0625 0x0254 perc2hib - ok
18:06:19.0671 0x0254 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
18:06:19.0687 0x0254 PlugPlay - ok
18:06:19.0703 0x0254 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:06:19.0765 0x0254 PptpMiniport - ok
18:06:19.0781 0x0254 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:06:19.0843 0x0254 ProtectedStorage - ok
18:06:19.0859 0x0254 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:06:19.0921 0x0254 PSched - ok
18:06:19.0953 0x0254 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:06:20.0031 0x0254 Ptilink - ok
18:06:20.0078 0x0254 [ 03E0FE281823BA64B3782F5B38950E73, D47E5536AD28D02B7D784846CFB2F4FD96187BFD64FC07BACDE9DC7B75D1D2E2 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:06:20.0078 0x0254 PxHelp20 - ok
18:06:20.0109 0x0254 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
18:06:20.0171 0x0254 ql1080 - ok
18:06:20.0187 0x0254 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
18:06:20.0250 0x0254 Ql10wnt - ok
18:06:20.0250 0x0254 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
18:06:20.0343 0x0254 ql12160 - ok
18:06:20.0359 0x0254 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
18:06:20.0437 0x0254 ql1240 - ok
18:06:20.0468 0x0254 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
18:06:20.0531 0x0254 ql1280 - ok
18:06:20.0546 0x0254 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:06:20.0609 0x0254 RasAcd - ok
18:06:20.0656 0x0254 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:06:20.0734 0x0254 RasAuto - ok
18:06:20.0750 0x0254 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:06:22.0359 0x0254 [ 03C67BDB26D79BC71406F52E385926A1, 9DB74CC45B660913E38B933F82EC705E16D64205EC4A9DE9F98B8BA34CD31610 ] SBAMSvc C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
18:06:22.0515 0x0254 SBAMSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:06:25.0046 0x0254 Detect skipped due to KSN trusted
18:06:25.0046 0x0254 SBAMSvc - ok
18:06:25.0078 0x0254 [ 40AA51F794921683CA143EE27F2F4171, CCA16D40D33B1C5A9E8366031EA3BC2F55FFEA30960ED46C0D24A8CA947195DD ] sbaphd C:\WINDOWS\system32\drivers\sbaphd.sys
18:06:25.0078 0x0254 sbaphd - detected UnsignedFile.Multi.Generic ( 1 )
18:06:31.0062 0x0254 Detect skipped due to KSN trusted
18:06:31.0062 0x0254 sbaphd - ok
18:06:31.0093 0x0254 [ 701109A92E144182E262BCC8DD898DC5, 549B78444E178632C260DC1DF10CB6F831787440E34EA50E02CFEF7CACB08C39 ] sbapifs C:\WINDOWS\system32\drivers\sbapifs.sys
18:06:31.0109 0x0254 sbapifs - detected UnsignedFile.Multi.Generic ( 1 )
18:06:33.0625 0x0254 Detect skipped due to KSN trusted
18:06:33.0625 0x0254 sbapifs - ok
18:06:33.0671 0x0254 [ 63C39E79334FB12933F02858593235AA, ED5C29159E198C842C78F41BC63EE4B8530A50A4A0C705E10A8FE7973B82DA98 ] SbFw C:\WINDOWS\system32\drivers\SbFw.sys
18:06:33.0687 0x0254 SbFw - detected UnsignedFile.Multi.Generic ( 1 )
18:06:36.0218 0x0254 Detect skipped due to KSN trusted
18:06:36.0218 0x0254 SbFw - ok
18:06:36.0250 0x0254 [ 1B4ACDDFE18B30C51F624734B1D98F3A, 027469BBD031530FB6D0C98F3497809736022F1E1D23A5CB0154E27911113B2C ] SBFWIMCL C:\WINDOWS\system32\DRIVERS\sbfwim.sys
18:06:36.0265 0x0254 SBFWIMCL - ok
18:06:36.0281 0x0254 [ 1B4ACDDFE18B30C51F624734B1D98F3A, 027469BBD031530FB6D0C98F3497809736022F1E1D23A5CB0154E27911113B2C ] SBFWIMCLMP C:\WINDOWS\system32\DRIVERS\SBFWIM.sys
18:06:36.0296 0x0254 SBFWIMCLMP - ok
18:06:36.0328 0x0254 [ 3DE92A1DFB2E7D8812B13DDF10131472, 3E2690B68A1844D6B2C1FA35285191397F4987FA8F6CD61B6B8455B529433061 ] sbhips C:\WINDOWS\system32\drivers\sbhips.sys
18:06:36.0343 0x0254 sbhips - detected UnsignedFile.Multi.Generic ( 1 )
18:06:38.0875 0x0254 Detect skipped due to KSN trusted
18:06:38.0875 0x0254 sbhips - ok
18:06:38.0921 0x0254 [ E0F866D00F85F55A04E066FEE23065F9, 00489020919B46613A8CEB2971B938B0A5B4AF3B0495BDEE60BADF7BB74573AE ] SBPIMSvc C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
18:06:38.0937 0x0254 SBPIMSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:06:41.0484 0x0254 Detect skipped due to KSN trusted
18:06:41.0484 0x0254 SBPIMSvc - ok
18:06:41.0484 0x0254 SBRE - ok
18:06:41.0531 0x0254 [ 0FCFE672B915687F5BFC0FD8944B360C, 36E113A399408C7C8950AFB57C942515230775427C7511CF2DBDBD4835B28A73 ] sbtis C:\WINDOWS\system32\drivers\sbtis.sys
18:06:41.0546 0x0254 sbtis - detected UnsignedFile.Multi.Generic ( 1 )
18:06:44.0062 0x0254 Detect skipped due to KSN trusted
18:06:44.0062 0x0254 sbtis - ok
18:06:49.0031 0x0254 [ 622FCF264119F7DF127BE353F796B319, 6689D8F62F860178685496EF45520967AFAEFF94CFBCC64CF77074F21577E0A2 ] UtilityChest_49Service C:\PROGRA~1\UTILIT~2\bar\1.bin\49barsvc.exe
18:06:49.0046 0x0254 UtilityChest_49Service - ok
18:06:51.0187 0x0254 [ 4071B83E29445A3A9F812F8846A6AB1D, 9F865A37F9BBB7A33DF50189170155C17905C5AE68AD7CD2A6B8C71139B6524A ] etadpug C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe
18:06:51.0187 0x0254 etadpug - detected Rootkit.Win32.PMax.gen ( 0 )
18:06:53.0843 0x0254 etadpug ( Rootkit.Win32.PMax.gen ) - infected
18:06:53.0843 0x0254 Force sending object to P2P due to detect: C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe
18:06:56.0640 0x0254 Object send P2P result: true
18:06:59.0343 0x0254 ================ Scan global ===============================
18:06:59.0359 0x0254 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
18:06:59.0390 0x0254 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:06:59.0406 0x0254 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:06:59.0421 0x0254 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
18:06:59.0437 0x0254 [ Global ] - ok
18:06:59.0437 0x0254 ================ Scan MBR ==================================
18:06:59.0453 0x0254 [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
18:06:59.0640 0x0254 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
18:06:59.0640 0x0254 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:07:02.0171 0x0254 ================ Scan VBR ==================================
18:07:02.0171 0x0254 [ 12CE34B8E9AE5B4A01F54B49AA6C4FEA ] \Device\Harddisk0\DR0\Partition1
18:07:02.0171 0x0254 \Device\Harddisk0\DR0\Partition1 - ok
18:07:02.0187 0x0254 ================ Scan active images ========================
18:07:03.0046 0x0254 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] C:\WINDOWS\system32\drivers\kbdhid.sys
18:07:03.0046 0x0254 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
18:07:03.0062 0x0254 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] C:\WINDOWS\system32\drivers\cdfs.sys
18:07:03.0062 0x0254 C:\WINDOWS\system32\drivers\cdfs.sys - ok
18:07:03.0078 0x0254 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] C:\WINDOWS\system32\drivers\usbccgp.sys
18:07:03.0078 0x0254 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
18:07:03.0093 0x0254 [ 01CC7FB6E790EF044B411377F3A1FF41, A935C0C45F7A8EA7D6A462064928B6F982709FB33C21DE6424232297F3A1948B ] C:\WINDOWS\system32\drivers\LHidFilt.Sys
18:07:03.0093 0x0254 C:\WINDOWS\system32\drivers\LHidFilt.Sys - ok
18:07:03.0109 0x0254 [ 399C974DDA25FD3E59F22BAB787F662B, D2D9B91438D5CC4915D1E24AE2727C9210153F48CC09339351744E465FD491FD ] C:\WINDOWS\system32\drivers\wdfldr.sys
18:07:03.0109 0x0254 C:\WINDOWS\system32\drivers\wdfldr.sys - ok
18:07:03.0109 0x0254 [ A2E7EAE8898D7B4B8C302B8F4E836BB5, 1F3C1228891C90B4567DE07AD8A9EF1F5005ED74A71EC5E814906FEF44D02ADC ] C:\WINDOWS\system32\drivers\LMouFilt.Sys
18:07:03.0109 0x0254 C:\WINDOWS\system32\drivers\LMouFilt.Sys - ok
18:07:03.0125 0x0254 [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] C:\WINDOWS\system32\drivers\wdf01000.sys
18:07:03.0125 0x0254 C:\WINDOWS\system32\drivers\wdf01000.sys - ok
18:07:03.0140 0x0254 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] C:\WINDOWS\system32\drivers\atapi.sys
18:07:03.0140 0x0254 C:\WINDOWS\system32\drivers\atapi.sys - ok
18:07:03.0156 0x0254 [ 2F31B7F954BED437F2C75026C65CAF7B, 1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ] C:\WINDOWS\system32\drivers\wmilib.sys
18:07:03.0156 0x0254 C:\WINDOWS\system32\drivers\wmilib.sys - ok
18:07:03.0171 0x0254 [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys
18:07:03.0171 0x0254 C:\WINDOWS\system32\drivers\dxapi.sys - ok
18:07:03.0187 0x0254 [ 9A10AACBFDC4922715375FB4065EC930, E407953587C04F75DDB163420A5121FF520D31F74753D452E316042C42D360CF ] C:\WINDOWS\system32\watchdog.sys
18:07:03.0187 0x0254 C:\WINDOWS\system32\watchdog.sys - ok
18:07:03.0203 0x0254 [ 63FA0F8D9CC1F24DC5D93FA8806228CD, 0C9C02393F159571BE58B1517D4809AB5F263BB8A04828463EEB50E8A949C421 ] C:\WINDOWS\system32\win32k.sys
18:07:03.0203 0x0254 C:\WINDOWS\system32\win32k.sys - ok
18:07:03.0218 0x0254 [ 44F275C64738EA2056E3D9580C23B60F, 5D4B7306E71A44440E7F0B32A373AEC120C01B69F87756589E39EB85C40CD742 ] C:\WINDOWS\system32\csrss.exe
18:07:03.0218 0x0254 C:\WINDOWS\system32\csrss.exe - ok
18:07:03.0218 0x0254 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
18:07:03.0218 0x0254 C:\WINDOWS\system32\basesrv.dll - ok
18:07:03.0234 0x0254 [ DD40363ABAD230A84C5E2178B11EFA88, E4B406C0B10686CF245EC0053A03424CE1FB8AC7FB3545525F13BB3BC5086FF1 ] C:\WINDOWS\system32\csrsrv.dll
18:07:03.0234 0x0254 C:\WINDOWS\system32\csrsrv.dll - ok
18:07:03.0250 0x0254 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:07:03.0250 0x0254 C:\WINDOWS\system32\winsrv.dll - ok
18:07:03.0265 0x0254 [ 8B1F3320AEBB536E021A5014409862DE, AF87414100C16882B5CB6852C94205EC646A42B2616C5EC8AD5010611427FAF1 ] C:\WINDOWS\system32\gdi32.dll
18:07:03.0265 0x0254 C:\WINDOWS\system32\gdi32.dll - ok
18:07:03.0281 0x0254 [ 6FE42512AB1B89F32A7407F261B1D2D0, 30DCC1044BCC7108087462E173707DC8D947C4F37281686A79D3D40273901878 ] C:\WINDOWS\system32\kernel32.dll
18:07:03.0281 0x0254 C:\WINDOWS\system32\kernel32.dll - ok
18:07:03.0296 0x0254 [ B26B135FF1B9F60C9388B4A7D16F600B, ACD0AE7B4D5F871E148276C6CC4AE3A216E33F67FC78D827C16986E1F945438C ] C:\WINDOWS\system32\user32.dll
18:07:03.0296 0x0254 C:\WINDOWS\system32\user32.dll - ok
18:07:03.0312 0x0254 [ AC7280566A7BB85CB3291F04DDC1198E, 7640BC4C28B5D5167A10C4B0DA0FC8C7A255334D4BA11FD3E28A697A5B58583C ] C:\WINDOWS\system32\drivers\dxg.sys
18:07:03.0312 0x0254 C:\WINDOWS\system32\drivers\dxg.sys - ok
18:07:03.0328 0x0254 [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys
18:07:03.0328 0x0254 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
18:07:03.0343 0x0254 [ ECB7591870F8BFB1A4C17B718AD5A4AA, 67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ] C:\WINDOWS\system32\vga.dll
18:07:03.0343 0x0254 C:\WINDOWS\system32\vga.dll - ok
18:07:03.0359 0x0254 [ C669A8B0A436641AAD3C2EADA780CBB9, A2D8154A31D8AD00E4BC70C9C1E138D7D8820D7A5C0A1CF33A4745E933797525 ] C:\WINDOWS\system32\framebuf.dll
18:07:03.0359 0x0254 C:\WINDOWS\system32\framebuf.dll - ok
18:07:03.0375 0x0254 [ 1FB5E4AD68B9091148D2A28CF6831D77, 8ABF5F65F8509C633C24856C808854AE1AC8870A98B3DDBF9ED98B7D3CA48383 ] C:\WINDOWS\system32\vga256.dll
18:07:03.0375 0x0254 C:\WINDOWS\system32\vga256.dll - ok
18:07:03.0390 0x0254 [ D5A9D4E5DFD788A5F427DEC60A278FBD, 2E4F11FC9AC6761EA6D044E40A382B226C0E2B119416DD2B78D3B4B067983484 ] C:\WINDOWS\system32\vga64k.dll
18:07:03.0390 0x0254 C:\WINDOWS\system32\vga64k.dll - ok
18:07:03.0406 0x0254 [ ED0EF0A136DEC83DF69F04118870003E, 45377CB8E9F0120F836FC8261C711F7DBF7199117AFB3652EBF100D5F0429B1E ] C:\WINDOWS\system32\winlogon.exe
18:07:03.0406 0x0254 C:\WINDOWS\system32\winlogon.exe - ok
18:07:03.0406 0x0254 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] C:\WINDOWS\system32\advapi32.dll
18:07:03.0406 0x0254 C:\WINDOWS\system32\advapi32.dll - ok
18:07:03.0421 0x0254 [ B0E27554F0B16BAEF4D51D7260E62CFB, 3DE9F4817965F1DBB93CAAE541EB8EC19396ACE7CB74D69C52D1D7DF15FB14CF ] C:\WINDOWS\system32\rpcrt4.dll
18:07:03.0421 0x0254 C:\WINDOWS\system32\rpcrt4.dll - ok
18:07:03.0437 0x0254 [ 5357826C8A8DD6A07F17C48BB45BE46E, E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ] C:\WINDOWS\system32\secur32.dll
18:07:03.0437 0x0254 C:\WINDOWS\system32\secur32.dll - ok
18:07:03.0453 0x0254 [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll
18:07:03.0453 0x0254 C:\WINDOWS\system32\authz.dll - ok
18:07:03.0468 0x0254 [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll
18:07:03.0468 0x0254 C:\WINDOWS\system32\msvcrt.dll - ok
18:07:03.0484 0x0254 [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1, EA90CA8DC82F2273B4CD8F8C3B7C5AB9856AE0E8B5AC0CA2604776CDC9FE40B2 ] C:\WINDOWS\system32\crypt32.dll
18:07:03.0484 0x0254 C:\WINDOWS\system32\crypt32.dll - ok
18:07:03.0500 0x0254 [ 04D898830DF96A17A20FD35D7590F87E, 09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ] C:\WINDOWS\system32\msasn1.dll
18:07:03.0500 0x0254 C:\WINDOWS\system32\msasn1.dll - ok
18:07:03.0515 0x0254 [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll
18:07:03.0515 0x0254 C:\WINDOWS\system32\nddeapi.dll - ok
18:07:03.0531 0x0254 [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll
18:07:03.0531 0x0254 C:\WINDOWS\system32\profmap.dll - ok
18:07:03.0546 0x0254 [ CAC752BF84DB4666ED3CE0948E6EA937, C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ] C:\WINDOWS\system32\netapi32.dll
18:07:03.0546 0x0254 C:\WINDOWS\system32\netapi32.dll - ok
18:07:03.0546 0x0254 [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll
18:07:03.0546 0x0254 C:\WINDOWS\system32\userenv.dll - ok
18:07:03.0562 0x0254 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll
18:07:03.0562 0x0254 C:\WINDOWS\system32\psapi.dll - ok
18:07:03.0578 0x0254 [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll
18:07:03.0578 0x0254 C:\WINDOWS\system32\regapi.dll - ok
18:07:03.0593 0x0254 [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll
18:07:03.0593 0x0254 C:\WINDOWS\system32\setupapi.dll - ok
18:07:03.0609 0x0254 [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll
18:07:03.0609 0x0254 C:\WINDOWS\system32\version.dll - ok
18:07:03.0625 0x0254 [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll
18:07:03.0625 0x0254 C:\WINDOWS\system32\winsta.dll - ok
18:07:03.0640 0x0254 [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll
18:07:03.0640 0x0254 C:\WINDOWS\system32\wintrust.dll - ok
18:07:03.0656 0x0254 [ FFC01A72D1C25CCB39F61B202CE60819, 31A5C01E30B064BDBD378AF691DB99F6AA33A639C086ADC6C8408C3CB171C990 ] C:\WINDOWS\system32\imagehlp.dll
18:07:03.0656 0x0254 C:\WINDOWS\system32\imagehlp.dll - ok
18:07:03.0656 0x0254 [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll
18:07:03.0656 0x0254 C:\WINDOWS\system32\ws2_32.dll - ok
18:07:03.0671 0x0254 [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll
18:07:03.0671 0x0254 C:\WINDOWS\system32\ws2help.dll - ok
18:07:03.0687 0x0254 [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll
18:07:03.0687 0x0254 C:\WINDOWS\system32\imm32.dll - ok
18:07:03.0703 0x0254 [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
18:07:03.0703 0x0254 C:\WINDOWS\system32\kbdus.dll - ok
18:07:03.0718 0x0254 [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
18:07:03.0718 0x0254 C:\WINDOWS\system32\msgina.dll - ok
18:07:03.0734 0x0254 [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll
18:07:03.0734 0x0254 C:\WINDOWS\system32\comctl32.dll - ok
18:07:03.0750 0x0254 [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll
18:07:03.0750 0x0254 C:\WINDOWS\system32\odbc32.dll - ok
18:07:03.0765 0x0254 [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
18:07:03.0765 0x0254 C:\WINDOWS\system32\comdlg32.dll - ok
18:07:03.0781 0x0254 [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll
18:07:03.0781 0x0254 C:\WINDOWS\system32\shell32.dll - ok
18:07:03.0796 0x0254 [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll
18:07:03.0796 0x0254 C:\WINDOWS\system32\shlwapi.dll - ok
18:07:03.0812 0x0254 [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
18:07:03.0812 0x0254 C:\WINDOWS\system32\sxs.dll - ok
18:07:03.0828 0x0254 [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
18:07:03.0828 0x0254 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
18:07:03.0843 0x0254 [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
18:07:03.0843 0x0254 C:\WINDOWS\system32\odbcint.dll - ok
18:07:03.0859 0x0254 [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll
18:07:03.0859 0x0254 C:\WINDOWS\system32\ole32.dll - ok
18:07:03.0875 0x0254 [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
18:07:03.0875 0x0254 C:\WINDOWS\system32\sfc.dll - ok
18:07:03.0875 0x0254 [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
18:07:03.0875 0x0254 C:\WINDOWS\system32\sfc_os.dll - ok
18:07:03.0890 0x0254 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll
18:07:03.0890 0x0254 C:\WINDOWS\system32\shsvcs.dll - ok
18:07:03.0906 0x0254 [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
18:07:03.0906 0x0254 C:\WINDOWS\system32\apphelp.dll - ok
18:07:03.0921 0x0254 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
18:07:03.0921 0x0254 C:\WINDOWS\system32\services.exe - ok
18:07:03.0937 0x0254 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
18:07:03.0937 0x0254 C:\WINDOWS\system32\lsass.exe - ok
18:07:03.0953 0x0254 [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
18:07:03.0953 0x0254 C:\WINDOWS\system32\ncobjapi.dll - ok
18:07:03.0968 0x0254 [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll
18:07:03.0968 0x0254 C:\WINDOWS\system32\lsasrv.dll - ok
18:07:03.0984 0x0254 [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
18:07:03.0984 0x0254 C:\WINDOWS\system32\msvcp60.dll - ok
18:07:04.0000 0x0254 [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
18:07:04.0000 0x0254 C:\WINDOWS\system32\scesrv.dll - ok
18:07:04.0000 0x0254 [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
18:07:04.0000 0x0254 C:\WINDOWS\system32\mpr.dll - ok
18:07:04.0015 0x0254 [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
18:07:04.0015 0x0254 C:\WINDOWS\system32\umpnpmgr.dll - ok
18:07:04.0031 0x0254 [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
18:07:04.0031 0x0254 C:\WINDOWS\system32\shimeng.dll - ok
18:07:04.0046 0x0254 [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
18:07:04.0046 0x0254 C:\WINDOWS\system32\ntdsapi.dll - ok
18:07:04.0062 0x0254 [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\acadproc.dll
18:07:04.0062 0x0254 C:\WINDOWS\AppPatch\acadproc.dll - ok
18:07:04.0078 0x0254 [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
18:07:04.0078 0x0254 C:\WINDOWS\system32\dnsapi.dll - ok
18:07:04.0093 0x0254 [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
18:07:04.0093 0x0254 C:\WINDOWS\system32\wldap32.dll - ok
18:07:04.0109 0x0254 [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
18:07:04.0109 0x0254 C:\WINDOWS\system32\samlib.dll - ok
18:07:04.0125 0x0254 [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
18:07:04.0125 0x0254 C:\WINDOWS\system32\samsrv.dll - ok
18:07:04.0140 0x0254 [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\acgenral.dll
18:07:04.0140 0x0254 C:\WINDOWS\AppPatch\acgenral.dll - ok
18:07:04.0156 0x0254 [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
18:07:04.0156 0x0254 C:\WINDOWS\system32\cryptdll.dll - ok
18:07:04.0156 0x0254 [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
18:07:04.0156 0x0254 C:\WINDOWS\system32\winmm.dll - ok
18:07:04.0171 0x0254 [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
18:07:04.0171 0x0254 C:\WINDOWS\system32\oleaut32.dll - ok
18:07:04.0187 0x0254 [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
18:07:04.0187 0x0254 C:\WINDOWS\system32\msacm32.dll - ok
18:07:04.0203 0x0254 [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
18:07:04.0203 0x0254 C:\WINDOWS\system32\uxtheme.dll - ok
18:07:04.0218 0x0254 [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
18:07:04.0218 0x0254 C:\WINDOWS\system32\msapsspc.dll - ok
18:07:04.0234 0x0254 [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
18:07:04.0234 0x0254 C:\WINDOWS\system32\msvcrt40.dll - ok
18:07:04.0250 0x0254 [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
18:07:04.0250 0x0254 C:\WINDOWS\system32\digest.dll - ok
18:07:04.0265 0x0254 [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
18:07:04.0265 0x0254 C:\WINDOWS\system32\schannel.dll - ok
18:07:04.0281 0x0254 [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
18:07:04.0281 0x0254 C:\WINDOWS\system32\msnsspc.dll - ok
18:07:04.0296 0x0254 [ 5733177BCF16EE78B99543C9B0AB81EA, 6504D3D665AC8AB27A44F863F9C1A23FF3B68EAC0512F418712CC0D56F739E24 ] C:\WINDOWS\system32\msctfime.ime
18:07:04.0296 0x0254 C:\WINDOWS\system32\msctfime.ime - ok
18:07:04.0312 0x0254 [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
18:07:04.0312 0x0254 C:\WINDOWS\system32\msprivs.dll - ok
18:07:04.0328 0x0254 [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
18:07:04.0328 0x0254 C:\WINDOWS\system32\kerberos.dll - ok
18:07:04.0328 0x0254 [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
18:07:04.0328 0x0254 C:\WINDOWS\system32\msv1_0.dll - ok
18:07:04.0343 0x0254 [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
18:07:04.0343 0x0254 C:\WINDOWS\system32\iphlpapi.dll - ok
18:07:04.0359 0x0254 [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
18:07:04.0359 0x0254 C:\WINDOWS\system32\netlogon.dll - ok
18:07:04.0375 0x0254 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
18:07:04.0375 0x0254 C:\WINDOWS\system32\w32time.dll - ok
18:07:04.0390 0x0254 [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
18:07:04.0390 0x0254 C:\WINDOWS\system32\wdigest.dll - ok
18:07:04.0406 0x0254 [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
18:07:04.0406 0x0254 C:\WINDOWS\system32\rsaenh.dll - ok
18:07:04.0421 0x0254 [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
18:07:04.0421 0x0254 C:\WINDOWS\system32\winscard.dll - ok
18:07:04.0437 0x0254 [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
18:07:04.0437 0x0254 C:\WINDOWS\system32\wtsapi32.dll - ok
18:07:04.0453 0x0254 [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
18:07:04.0453 0x0254 C:\WINDOWS\system32\scecli.dll - ok
18:07:04.0453 0x0254 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
18:07:04.0453 0x0254 C:\WINDOWS\system32\svchost.exe - ok
18:07:04.0468 0x0254 [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
18:07:04.0468 0x0254 C:\WINDOWS\system32\ntmarta.dll - ok
18:07:04.0484 0x0254 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
18:07:04.0484 0x0254 C:\WINDOWS\system32\rpcss.dll - ok
18:07:04.0500 0x0254 [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
18:07:04.0500 0x0254 C:\WINDOWS\system32\xpsp2res.dll - ok
18:07:04.0515 0x0254 [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
18:07:04.0515 0x0254 C:\WINDOWS\system32\eventlog.dll - ok
18:07:04.0531 0x0254 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
18:07:04.0531 0x0254 C:\WINDOWS\system32\mswsock.dll - ok
18:07:04.0546 0x0254 [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
18:07:04.0546 0x0254 C:\WINDOWS\system32\hnetcfg.dll - ok
18:07:04.0562 0x0254 [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
18:07:04.0562 0x0254 C:\WINDOWS\system32\winrnr.dll - ok
18:07:04.0578 0x0254 [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
18:07:04.0578 0x0254 C:\WINDOWS\system32\wshtcpip.dll - ok
18:07:04.0593 0x0254 [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
18:07:04.0593 0x0254 C:\WINDOWS\system32\rasadhlp.dll - ok
18:07:04.0609 0x0254 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
18:07:04.0609 0x0254 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
18:07:04.0625 0x0254 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
18:07:04.0625 0x0254 C:\WINDOWS\system32\dhcpcsvc.dll - ok
18:07:04.0640 0x0254 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
18:07:04.0640 0x0254 C:\WINDOWS\system32\dnsrslvr.dll - ok
18:07:04.0656 0x0254 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
18:07:04.0656 0x0254 C:\WINDOWS\system32\lmhsvc.dll - ok
18:07:04.0656 0x0254 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
18:07:04.0656 0x0254 C:\WINDOWS\system32\wzcsvc.dll - ok
18:07:04.0671 0x0254 [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
18:07:04.0671 0x0254 C:\WINDOWS\system32\rtutils.dll - ok
18:07:04.0687 0x0254 [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
18:07:04.0687 0x0254 C:\WINDOWS\system32\wmi.dll - ok
18:07:04.0703 0x0254 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
18:07:04.0703 0x0254 C:\WINDOWS\system32\eapolqec.dll - ok
18:07:04.0718 0x0254 [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
18:07:04.0718 0x0254 C:\WINDOWS\system32\atl.dll - ok
18:07:04.0734 0x0254 [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
18:07:04.0734 0x0254 C:\WINDOWS\system32\dot3api.dll - ok
18:07:04.0750 0x0254 [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
18:07:04.0750 0x0254 C:\WINDOWS\system32\qutil.dll - ok
18:07:04.0765 0x0254 [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
18:07:04.0765 0x0254 C:\WINDOWS\system32\esent.dll - ok
18:07:04.0781 0x0254 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
18:07:04.0781 0x0254 C:\WINDOWS\system32\logonui.exe - ok
18:07:04.0796 0x0254 [ 482E8F6FD557D5A0DF7363F72DF145FE, BCD5D1A9C715CCCFE93E21145EF8AC924BC5726F53D0BA86A938B01EF5B37C7D ] C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
18:07:04.0796 0x0254 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - ok
18:07:04.0796 0x0254 [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
18:07:04.0796 0x0254 C:\WINDOWS\system32\duser.dll - ok
18:07:04.0812 0x0254 [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
18:07:04.0812 0x0254 C:\WINDOWS\system32\clbcatq.dll - ok
18:07:04.0828 0x0254 [ F1BD516A4446B737BAEFB9FBAA92F01A, D4FBFFA2AE1F77F9E40C7DD8F415C6BD7690BA6B747F0B22C4B866C68F76D1AF ] C:\WINDOWS\system32\wininet.dll
18:07:04.0828 0x0254 C:\WINDOWS\system32\wininet.dll - ok
18:07:04.0843 0x0254 [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
18:07:04.0843 0x0254 C:\WINDOWS\system32\msimg32.dll - ok
18:07:04.0859 0x0254 [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
18:07:04.0859 0x0254 C:\WINDOWS\system32\oleacc.dll - ok
18:07:07.0078 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{401658E6-3AF9-4629-ABC9-BF14BFEA1E24}.tmp - ok
18:07:07.0093 0x0254 [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{5D2F29BB-71EB-4D38-8D72-D8D6BE72A9D8}.tmp
18:07:07.0093 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{5D2F29BB-71EB-4D38-8D72-D8D6BE72A9D8}.tmp - ok
18:07:07.0109 0x0254 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{5F9A4A0A-6F0D-44A6-B2C3-751ACDABB2C0}.tmp
18:07:07.0109 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{5F9A4A0A-6F0D-44A6-B2C3-751ACDABB2C0}.tmp - ok
18:07:07.0125 0x0254 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{DA8A13DC-4756-4B1C-9E21-321BC5D767EE}.tmp
18:07:07.0125 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{DA8A13DC-4756-4B1C-9E21-321BC5D767EE}.tmp - ok
18:07:07.0140 0x0254 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{669FE4AC-CF46-4D81-9DE7-B9D410616FFE}.tmp
18:07:07.0140 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{669FE4AC-CF46-4D81-9DE7-B9D410616FFE}.tmp - ok
18:07:07.0156 0x0254 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{7AC624EF-2ACA-4EFF-AB5C-608E2EB36E97}.tmp
18:07:07.0156 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{7AC624EF-2ACA-4EFF-AB5C-608E2EB36E97}.tmp - ok
18:07:07.0156 0x0254 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{4B7FC200-AC22-4D52-86B9-F1052FD4AE6A}.tmp
18:07:07.0156 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{4B7FC200-AC22-4D52-86B9-F1052FD4AE6A}.tmp - ok
18:07:07.0171 0x0254 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{1C05D377-D336-44EF-A22C-AA8611D57E56}.tmp
18:07:07.0171 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{1C05D377-D336-44EF-A22C-AA8611D57E56}.tmp - ok
18:07:07.0187 0x0254 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{B03CA3A9-47AA-4B61-A8FB-41EC96F52706}.tmp
18:07:07.0187 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{904497ED-9061-41A1-8EE7-B1E094A72178}\{B03CA3A9-47AA-4B61-A8FB-41EC96F52706}.tmp - ok
18:07:07.0203 0x0254 [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll
18:07:07.0203 0x0254 C:\WINDOWS\system32\wbem\ncprov.dll - ok
18:07:07.0218 0x0254 [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll
18:07:07.0218 0x0254 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
18:07:07.0234 0x0254 [ E5517D0908CA75EEF9633A93FF3F0408, ADBF3948908AB0C487D2B536E2F8E0C0803EF2BDE109AC525677582549F7A7E2 ] C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe
18:07:07.0234 0x0254 C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe - ok
18:07:07.0250 0x0254 [ CAF25369B9C7CA27D700D89EA8C7E528, FC1244265A4EC860FE87E65503C2F3B19C1DDA96F87EA9BA5B4CCA6A11CA2E9A ] C:\WINDOWS\pchealth\helpctr\binaries\HCAppRes.dll
18:07:07.0250 0x0254 C:\WINDOWS\pchealth\helpctr\binaries\HCAppRes.dll - ok
18:07:07.0265 0x0254 [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll
18:07:07.0265 0x0254 C:\WINDOWS\system32\mlang.dll - ok
18:07:07.0281 0x0254 [ 2DE1190196EE9555DB548A57622022EB, 89DBC777BE06D008AABEDAC61AFC11B4FF7ABCA86C205109ED9D34D21C0B5146 ] C:\WINDOWS\system32\drprov.dll
18:07:07.0281 0x0254 C:\WINDOWS\system32\drprov.dll - ok
18:07:07.0296 0x0254 [ 36468087E22C57A83DF758B3F90DF73F, F6898D07CEE4F528A9F17A231CCB5E38F826A0C1926EFBF35ECCA06E0E8EE565 ] C:\WINDOWS\system32\ntlanman.dll
18:07:07.0296 0x0254 C:\WINDOWS\system32\ntlanman.dll - ok
18:07:07.0312 0x0254 [ AC5DF42FE314C1446B1DAD237BFCFFE0, FD53D9BCC619ED7AE4B7C29B7D457A2F61D6D340841A4E030329D7032C306AB6 ] C:\WINDOWS\system32\netui0.dll
18:07:07.0312 0x0254 C:\WINDOWS\system32\netui0.dll - ok
18:07:07.0328 0x0254 [ ED5A816D8E11E03F1937AC3C56826EE4, D01525B5BD9F9DDF149B78706C6C2F5AE26F5337F897C1B8763DBC67AB64F875 ] C:\WINDOWS\system32\netui1.dll
18:07:07.0328 0x0254 C:\WINDOWS\system32\netui1.dll - ok
18:07:07.0328 0x0254 [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll
18:07:07.0328 0x0254 C:\WINDOWS\system32\netrap.dll - ok
18:07:07.0343 0x0254 [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll
18:07:07.0343 0x0254 C:\WINDOWS\system32\davclnt.dll - ok
18:07:07.0359 0x0254 [ DDC32A2FF2A1B94DBB76C149FDE4ECE7, 4FDA5B07B889F3A617F2E380F1C67F42698884EB208B5341D23B07FBC80C48A5 ] C:\WINDOWS\system32\wbem\xml\wmi2xml.dll
18:07:07.0359 0x0254 C:\WINDOWS\system32\wbem\xml\wmi2xml.dll - ok
18:07:07.0375 0x0254 [ FB6EE278BC2046E0952F320AC62D3E07, BE6EC1D5EA75398192173BD1DB6AFB01E5C54A287A79E4AF92776FB472BD0418 ] C:\WINDOWS\system32\dskquota.dll
18:07:07.0375 0x0254 C:\WINDOWS\system32\dskquota.dll - ok
18:07:07.0390 0x0254 [ 1F3A82333046F4B97B2BB148ABF38D54, DED83E1F40314D546E858DCBA4CDC483E39EE45A5CABEF7691F0D0C0C0051D18 ] C:\WINDOWS\system32\traffic.dll
18:07:07.0390 0x0254 C:\WINDOWS\system32\traffic.dll - ok
18:07:07.0406 0x0254 [ 8BCD11D38FCE43A519246A91CC40DE6A, 981EE4B29FDE6DB58FAA17BCCA66DB8143D693D91A00B7519F01ABBAE11AA580 ] C:\WINDOWS\system32\security.dll
18:07:07.0406 0x0254 C:\WINDOWS\system32\security.dll - ok
18:07:07.0421 0x0254 [ FEDE68BF80052BAD393AFD5C2E60DCB0, 6A40D89524317C554C5C33A35FB659147A3118F4C646AB36653A19A8811627CB ] C:\WINDOWS\system32\dssenh.dll
18:07:07.0421 0x0254 C:\WINDOWS\system32\dssenh.dll - ok
18:07:07.0437 0x0254 [ 0099D24356585743B0B35C222092FD8F, 9EBC6DF134F0A2984E6385FD9CAD25961D2D789B94A0F8AD9F255947A790655F ] C:\WINDOWS\system32\faultrep.dll
18:07:07.0437 0x0254 C:\WINDOWS\system32\faultrep.dll - ok
18:07:07.0437 0x0254 [ 86042F6F6A5287EAF9379C91D0BF72B6, 92E5974DFD91ACEBF5D8BD5F14361C0AFD7528EF6503D1D8A8C26E64C115A0CB ] C:\WINDOWS\system32\dwwin.exe
18:07:07.0437 0x0254 C:\WINDOWS\system32\dwwin.exe - ok
18:07:07.0453 0x0254 [ EF32415C2755E66CA1B345DF68C71243, AAD88984799414684E83F894254A4CA2E61F8B7D0EE28F9A7BF6CC8A0B479903 ] C:\WINDOWS\system32\1033\dwintl.dll
18:07:07.0453 0x0254 C:\WINDOWS\system32\1033\dwintl.dll - ok
18:07:07.0468 0x0254 [ C9F5E1DE6DA983E89E714ED80C11F000, 9FE9A49CFDF8E5764A264C19A11BB123D5BD9F1D11DBC469709B5A8178EC8F8B ] C:\WINDOWS\system32\drwtsn32.exe
18:07:07.0468 0x0254 C:\WINDOWS\system32\drwtsn32.exe - ok
18:07:07.0484 0x0254 [ 06848C5A1674FE6C9B7E9CA9B5B4E6E5, B9E232CAB39F87F6356A2DBB827678A903712AFC04414D6616041135DBBAF9DE ] C:\WINDOWS\system32\dbgeng.dll
18:07:07.0484 0x0254 C:\WINDOWS\system32\dbgeng.dll - ok
18:07:07.0500 0x0254 [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
18:07:07.0500 0x0254 C:\WINDOWS\system32\dbghelp.dll - ok
18:07:07.0515 0x0254 [ D7AE907903A6F46384B0F1D618FCE822, C0D69E748007268B80D3D3BDA5967EBCCBAEB3A39D9A37DC6A9C3ED3EBE63D9A ] C:\WINDOWS\system32\exts.dll
18:07:07.0515 0x0254 C:\WINDOWS\system32\exts.dll - ok
18:07:07.0531 0x0254 [ 3225C2BCBCAF3F0D994DADC82112E233, 862851D2DA3301B5A64072B323C7DF939121D0981E618BA78D8624D5191DFCDC ] C:\WINDOWS\system32\ntsdexts.dll
18:07:07.0531 0x0254 C:\WINDOWS\system32\ntsdexts.dll - ok
18:07:07.0546 0x0254 [ 5E28284F9B5F9097640D58A73D38AD4C, 865F34FE7BA81E9622DDBDFC511547D190367BBF3DAD21CEB6DA3EEC621044F5 ] C:\WINDOWS\system32\notepad.exe
18:07:07.0546 0x0254 C:\WINDOWS\system32\notepad.exe - ok
18:07:07.0562 0x0254 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{674C7F27-F4A1-4664-BA91-DBD80F6A04E3}.tmp
18:07:07.0562 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{674C7F27-F4A1-4664-BA91-DBD80F6A04E3}.tmp - ok
18:07:07.0578 0x0254 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{D08844F3-FB1B-4453-A29D-50C084FBE350}.tmp
18:07:07.0578 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{D08844F3-FB1B-4453-A29D-50C084FBE350}.tmp - ok
18:07:07.0593 0x0254 [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{D6AD9B00-BE5E-4500-A072-DD757BA49738}.tmp
18:07:07.0593 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{D6AD9B00-BE5E-4500-A072-DD757BA49738}.tmp - ok
18:07:07.0609 0x0254 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{16017A12-E7FA-4AEB-9790-5CA116E625E4}.tmp
18:07:07.0609 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{16017A12-E7FA-4AEB-9790-5CA116E625E4}.tmp - ok
18:07:07.0625 0x0254 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{6A226406-ECFF-49A5-B721-7B16422BB5FF}.tmp
18:07:07.0625 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{6A226406-ECFF-49A5-B721-7B16422BB5FF}.tmp - ok
18:07:07.0640 0x0254 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{4147BF64-73EB-4B0E-875B-CAEC610A4699}.tmp
18:07:07.0640 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{4147BF64-73EB-4B0E-875B-CAEC610A4699}.tmp - ok
18:07:07.0656 0x0254 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{276DF96D-2711-42B3-B635-D545B7164083}.tmp
18:07:07.0656 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{276DF96D-2711-42B3-B635-D545B7164083}.tmp - ok
18:07:07.0656 0x0254 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{325A1A28-42DD-4FCC-9E2D-D904EA7A663F}.tmp
18:07:07.0656 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{325A1A28-42DD-4FCC-9E2D-D904EA7A663F}.tmp - ok
18:07:07.0671 0x0254 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{684A4742-F296-4610-B89A-065D36414DCF}.tmp
18:07:07.0671 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{684A4742-F296-4610-B89A-065D36414DCF}.tmp - ok
18:07:07.0687 0x0254 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{CA7F6B6E-D4E4-48B8-BCF8-E7748683783B}.tmp
18:07:07.0687 0x0254 C:\DOCUME~1\Dan\LOCALS~1\temp\{732C3399-820C-409F-9DDB-4ECB7AD4D1F8}\{CA7F6B6E-D4E4-48B8-BCF8-E7748683783B}.tmp - ok
18:07:10.0250 0x0254 ============================================================
18:07:10.0250 0x0254 Scan finished
18:07:10.0250 0x0254 ============================================================
18:07:10.0265 0x0268 Detected object count: 2
18:07:10.0265 0x0268 Actual detected object count: 2
18:07:55.0609 0x0268 C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe - copied to quarantine
18:07:55.0609 0x0268 HKLM\SYSTEM\ControlSet001\services\etadpug - will be deleted on reboot
18:07:55.0609 0x0268 HKLM\SYSTEM\ControlSet002\services\etadpug - will be deleted on reboot
18:07:55.0625 0x0268 HKLM\SYSTEM\ControlSet003\services\etadpug - will be deleted on reboot
18:07:55.0640 0x0268 C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe - will be deleted on reboot
18:07:55.0640 0x0268 etadpug ( Rootkit.Win32.PMax.gen ) - User select action: Delete
18:07:55.0640 0x0268 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:07:55.0640 0x0268 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
18:08:06.0937 0x0798 Deinitialize success
  • 0

#6
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
What's up with your problem?

Please run the TDSSKiller scan again. When you see the Threats detected window, select the Delete option for the TDSS File System element.

After the reboot, run the TDSSKiller scan once more and post its log.
  • 0

#7
whitewater

whitewater

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Hi Phel,

Followed your directions again, still having the problem. My anti-virus (Vipre) popup message indicates desktop.ini found when I log on with other than the admin user account not in safe mode. Websites still get redirected. Here's the latest log file:

20:10:04.0062 0x0350 TDSS rootkit removing tool 3.0.0.11 Sep 30 2013 09:17:03
20:10:04.0781 0x0350 ============================================================
20:10:04.0781 0x0350 Current date / time: 2013/10/01 20:10:04.0781
20:10:04.0781 0x0350 SystemInfo:
20:10:04.0781 0x0350
20:10:04.0781 0x0350 OS Version: 5.1.2600 ServicePack: 3.0
20:10:04.0781 0x0350 Product type: Workstation
20:10:04.0781 0x0350 ComputerName: HOME
20:10:04.0781 0x0350 UserName: Dan
20:10:04.0781 0x0350 Windows directory: C:\WINDOWS
20:10:04.0781 0x0350 System windows directory: C:\WINDOWS
20:10:04.0781 0x0350 Processor architecture: Intel x86
20:10:04.0781 0x0350 Number of processors: 4
20:10:04.0781 0x0350 Page size: 0x1000
20:10:04.0781 0x0350 Boot type: Safe boot with network
20:10:04.0781 0x0350 ============================================================
20:10:04.0781 0x0350 BG loaded
20:10:04.0921 0x0350 System UUID: {DB817CD4-B020-F4E6-637C-35B22BA8EF59}
20:10:05.0250 0x0350 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:10:05.0250 0x0350 ============================================================
20:10:05.0250 0x0350 \Device\Harddisk0\DR0:
20:10:05.0250 0x0350 MBR partitions:
20:10:05.0250 0x0350 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x39CCEE0B
20:10:05.0250 0x0350 ============================================================
20:10:05.0281 0x0350 C: <-> \Device\Harddisk0\DR0\Partition1
20:10:05.0281 0x0350 ============================================================
20:10:05.0281 0x0350 Initialize success
20:10:05.0281 0x0350 ============================================================
20:10:13.0750 0x0244 ============================================================
20:10:13.0750 0x0244 Scan started
20:10:13.0750 0x0244 Mode: Manual; SigCheck; TDLFS;
20:10:13.0750 0x0244 ============================================================
20:10:13.0750 0x0244 KSN ping started
20:10:16.0296 0x0244 KSN ping finished: true
20:10:16.0937 0x0244 ================ Scan system memory ========================
20:10:16.0937 0x0244 System memory - ok
20:10:16.0937 0x0244 ================ Scan services =============================
20:10:32.0312 0x0244 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:10:32.0390 0x0244 Gpc - ok
20:10:32.0437 0x0244 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:10:32.0437 0x0244 gupdate - ok
20:10:32.0453 0x0244 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:10:32.0468 0x0244 gupdatem - ok
20:10:32.0515 0x0244 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:10:32.0593 0x0244 HDAudBus - ok
20:10:32.0656 0x0244 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:10:32.0718 0x0244 helpsvc - ok
20:10:32.0734 0x0244 HidServ - ok
20:10:32.0781 0x0244 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:10:32.0843 0x0244 HidUsb - ok
20:10:32.0875 0x0244 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
20:10:32.0953 0x0244 hkmsvc - ok
20:10:32.0968 0x0244 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
20:10:33.0046 0x0244 hpn - ok
20:10:33.0093 0x0244 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
20:10:33.0125 0x0244 HTTP - ok
20:10:33.0156 0x0244 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
20:10:33.0234 0x0244 HTTPFilter - ok
20:10:33.0265 0x0244 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
20:10:33.0328 0x0244 i2omgmt - ok
20:10:33.0375 0x0244 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
20:10:33.0437 0x0244 i2omp - ok
20:10:33.0453 0x0244 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:10:33.0531 0x0244 i8042prt - ok
20:10:33.0734 0x0244 [ 28423512370705AEDA6A652FEDB25468, 381530C226AEC214F1CC22EA83C5D5FEF448B68A61EBC98A368D58F490DD2A05 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
20:10:34.0000 0x0244 ialm - ok
20:10:34.0046 0x0244 [ 997E8F5939F2D12CD9F2E6B395724C16, C22F10BADE29DA6F7EB79D9F5D81D9FBEC17D4D4F8B25E0AF4E5CEAE28E8ABF6 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
20:10:34.0062 0x0244 iaStor - ok
20:10:34.0078 0x0244 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
20:10:34.0156 0x0244 Imapi - ok
20:10:34.0187 0x0244 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
20:10:34.0265 0x0244 ImapiService - ok
20:10:34.0312 0x0244 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
20:10:34.0390 0x0244 ini910u - ok
20:10:34.0578 0x0244 [ 17BBBABB21F86B650B2626045A9D016C, 01C1F7711B037844CF325C60A2ABEFBB84DD00B3F048E08D7D056E506334624B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:10:34.0718 0x0244 IntcAzAudAddService - ok
20:10:34.0750 0x0244 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
20:10:34.0828 0x0244 IntelIde - ok
20:10:34.0859 0x0244 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:10:34.0921 0x0244 intelppm - ok
20:10:34.0968 0x0244 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
20:10:35.0031 0x0244 Ip6Fw - ok
20:10:35.0078 0x0244 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:10:35.0156 0x0244 IpFilterDriver - ok
20:10:35.0187 0x0244 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:10:35.0265 0x0244 IpInIp - ok
20:10:35.0281 0x0244 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:10:35.0359 0x0244 IpNat - ok
20:10:35.0406 0x0244 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:10:35.0468 0x0244 IPSec - ok
20:10:35.0500 0x0244 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
20:10:35.0562 0x0244 IRENUM - ok
20:10:35.0578 0x0244 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:10:35.0656 0x0244 isapnp - ok
20:10:35.0765 0x0244 [ 32192B4EBE8720ED8D49A455C962CB91, 00EEFA0E6FCF329DE0A9D98F1231A9F23D059A4CF41460F7728C3DD0CD1746C4 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
20:10:35.0781 0x0244 JavaQuickStarterService - ok
20:10:35.0796 0x0244 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:10:35.0859 0x0244 Kbdclass - ok
20:10:35.0890 0x0244 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:10:35.0953 0x0244 kbdhid - ok
20:10:36.0015 0x0244 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
20:10:36.0078 0x0244 kmixer - ok
20:10:36.0109 0x0244 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
20:10:36.0109 0x0244 KSecDD - ok
20:10:36.0156 0x0244 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
20:10:36.0171 0x0244 lanmanserver - ok
20:10:36.0218 0x0244 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:10:36.0234 0x0244 lanmanworkstation - ok
20:10:36.0265 0x0244 [ BE2DC24D403643A2D1D98F33C7087B38, 0E72CAABFD41A30E6BD8E8EC7C75CAC6F96C4C32D578B58913686F1326116678 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
20:10:36.0281 0x0244 LBeepKE - ok
20:10:36.0281 0x0244 lbrtfdc - ok
20:10:36.0390 0x0244 [ 910344E2A984010435AE84783B25E5EB, 0A547AA691EE89383A8DDF5191943C9AB4021BFD55B51504E81308C52EBE5130 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
20:10:36.0406 0x0244 LBTServ - ok
20:10:36.0453 0x0244 [ 01CC7FB6E790EF044B411377F3A1FF41, A935C0C45F7A8EA7D6A462064928B6F982709FB33C21DE6424232297F3A1948B ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
20:10:36.0468 0x0244 LHidFilt - ok
20:10:36.0515 0x0244 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
20:10:36.0578 0x0244 LmHosts - ok
20:10:36.0593 0x0244 [ A2E7EAE8898D7B4B8C302B8F4E836BB5, 1F3C1228891C90B4567DE07AD8A9EF1F5005ED74A71EC5E814906FEF44D02ADC ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
20:10:36.0609 0x0244 LMouFilt - ok
20:10:36.0640 0x0244 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
20:10:36.0703 0x0244 Messenger - ok
20:10:36.0734 0x0244 [ 41FE2F288E05A6C8AB85DD56770FFBAD, 75AB2C2882DEDB85DFCB313C0F469723AD252CA8D0D4C73D5CA72D7DDCA1B0E7 ] mferkdk C:\WINDOWS\system32\drivers\mferkdk.sys
20:10:36.0750 0x0244 mferkdk - ok
20:10:36.0765 0x0244 [ 096B52EA918AA909BA5903D79E129005, A34B7E5DA4053B0C9A01EEAA1538B2950287DD56BC602D2E35365ABA6E7AA4DC ] mfesmfk C:\WINDOWS\system32\drivers\mfesmfk.sys
20:10:36.0781 0x0244 mfesmfk - ok
20:10:36.0796 0x0244 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
20:10:36.0875 0x0244 mnmdd - ok
20:10:36.0906 0x0244 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
20:10:36.0968 0x0244 mnmsrvc - ok
20:10:36.0984 0x0244 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
20:10:37.0062 0x0244 Modem - ok
20:10:37.0093 0x0244 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:10:37.0171 0x0244 Mouclass - ok
20:10:37.0203 0x0244 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:10:37.0265 0x0244 mouhid - ok
20:10:37.0281 0x0244 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
20:10:37.0359 0x0244 MountMgr - ok
20:10:37.0375 0x0244 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
20:10:37.0468 0x0244 mraid35x - ok
20:10:37.0468 0x0244 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:10:37.0546 0x0244 MRxDAV - ok
20:10:37.0578 0x0244 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:10:37.0593 0x0244 MRxSmb - ok
20:10:37.0640 0x0244 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
20:10:37.0718 0x0244 MSDTC - ok
20:10:37.0750 0x0244 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:10:37.0812 0x0244 Msfs - ok
20:10:37.0828 0x0244 MSIServer - ok
20:10:37.0859 0x0244 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:10:37.0921 0x0244 MSKSSRV - ok
20:10:37.0953 0x0244 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:10:38.0015 0x0244 MSPCLOCK - ok
20:10:38.0046 0x0244 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:10:38.0125 0x0244 MSPQM - ok
20:10:38.0140 0x0244 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:10:38.0203 0x0244 mssmbios - ok
20:10:38.0250 0x0244 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
20:10:38.0250 0x0244 Mup - ok
20:10:38.0296 0x0244 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
20:10:38.0375 0x0244 napagent - ok
20:10:38.0421 0x0244 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
20:10:38.0500 0x0244 NDIS - ok
20:10:38.0531 0x0244 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:10:38.0546 0x0244 NdisTapi - ok
20:10:38.0578 0x0244 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:10:38.0656 0x0244 Ndisuio - ok
20:10:38.0656 0x0244 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:10:38.0734 0x0244 NdisWan - ok
20:10:38.0781 0x0244 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:10:38.0796 0x0244 NDProxy - ok
20:10:38.0828 0x0244 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:10:38.0906 0x0244 NetBIOS - ok
20:10:38.0921 0x0244 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:10:39.0000 0x0244 NetBT - ok
20:10:39.0046 0x0244 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
20:10:39.0109 0x0244 NetDDE - ok
20:10:39.0140 0x0244 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
20:10:39.0203 0x0244 NetDDEdsdm - ok
20:10:39.0234 0x0244 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:10:39.0296 0x0244 Netlogon - ok
20:10:39.0328 0x0244 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
20:10:39.0390 0x0244 Netman - ok
20:10:39.0421 0x0244 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
20:10:39.0437 0x0244 Nla - ok
20:10:39.0468 0x0244 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:10:39.0546 0x0244 Npfs - ok
20:10:39.0593 0x0244 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:10:39.0687 0x0244 Ntfs - ok
20:10:39.0703 0x0244 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
20:10:39.0781 0x0244 NtLmSsp - ok
20:10:39.0828 0x0244 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:10:39.0906 0x0244 NtmsSvc - ok
20:10:39.0953 0x0244 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
20:10:40.0031 0x0244 Null - ok
20:10:40.0109 0x0244 [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:10:40.0234 0x0244 nv - ok
20:10:40.0265 0x0244 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:10:40.0343 0x0244 NwlnkFlt - ok
20:10:40.0359 0x0244 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:10:40.0421 0x0244 NwlnkFwd - ok
20:10:40.0453 0x0244 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:10:40.0531 0x0244 Parport - ok
20:10:40.0546 0x0244 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:10:40.0609 0x0244 PartMgr - ok
20:10:40.0640 0x0244 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:10:40.0718 0x0244 ParVdm - ok
20:10:40.0734 0x0244 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:10:40.0812 0x0244 PCI - ok
20:10:40.0828 0x0244 PCIDump - ok
20:10:40.0843 0x0244 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:10:40.0906 0x0244 PCIIde - ok
20:10:40.0937 0x0244 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:10:41.0000 0x0244 Pcmcia - ok
20:10:41.0015 0x0244 PDCOMP - ok
20:10:41.0031 0x0244 PDFRAME - ok
20:10:41.0046 0x0244 PDRELI - ok
20:10:41.0062 0x0244 PDRFRAME - ok
20:10:41.0093 0x0244 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
20:10:41.0156 0x0244 perc2 - ok
20:10:41.0171 0x0244 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:10:41.0234 0x0244 perc2hib - ok
20:10:41.0296 0x0244 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
20:10:41.0296 0x0244 PlugPlay - ok
20:10:41.0312 0x0244 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:10:41.0390 0x0244 PptpMiniport - ok
20:10:41.0390 0x0244 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:10:41.0468 0x0244 ProtectedStorage - ok
20:10:41.0468 0x0244 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:10:41.0546 0x0244 PSched - ok
20:10:41.0578 0x0244 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:10:41.0656 0x0244 Ptilink - ok
20:10:41.0687 0x0244 [ 03E0FE281823BA64B3782F5B38950E73, D47E5536AD28D02B7D784846CFB2F4FD96187BFD64FC07BACDE9DC7B75D1D2E2 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:10:41.0703 0x0244 PxHelp20 - ok
20:10:41.0718 0x0244 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:10:41.0796 0x0244 ql1080 - ok
20:10:41.0812 0x0244 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:10:41.0875 0x0244 Ql10wnt - ok
20:10:41.0890 0x0244 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:10:41.0984 0x0244 ql12160 - ok
20:10:42.0000 0x0244 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:10:42.0062 0x0244 ql1240 - ok
20:10:42.0093 0x0244 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:10:42.0156 0x0244 ql1280 - ok
20:10:42.0171 0x0244 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:10:42.0234 0x0244 RasAcd - ok
20:10:42.0281 0x0244 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:10:42.0359 0x0244 RasAuto - ok
20:10:42.0375 0x0244 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:10:42.0453 0x0244 Rasl2tp - ok
20:10:42.0500 0x0244 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:10:42.0562 0x0244 RasMan - ok
20:10:42.0578 0x0244 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:10:42.0640 0x0244 RasPppoe - ok
20:10:42.0656 0x0244 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:10:42.0718 0x0244 Raspti - ok
20:10:42.0750 0x0244 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:10:42.0828 0x0244 Rdbss - ok
20:10:42.0843 0x0244 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:10:42.0906 0x0244 RDPCDD - ok
20:10:42.0953 0x0244 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:10:43.0031 0x0244 rdpdr - ok
20:10:43.0078 0x0244 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:10:43.0109 0x0244 RDPWD - ok
20:10:43.0156 0x0244 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:10:43.0218 0x0244 RDSessMgr - ok
20:10:43.0265 0x0244 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:10:43.0328 0x0244 redbook - ok
20:10:43.0375 0x0244 [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:10:43.0437 0x0244 RemoteRegistry - ok
20:10:43.0453 0x0244 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:10:43.0531 0x0244 RpcLocator - ok
20:10:43.0546 0x0244 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
20:10:43.0578 0x0244 RpcSs - ok
20:10:43.0625 0x0244 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:10:43.0687 0x0244 RSVP - ok
20:10:43.0718 0x0244 SABKUTIL - ok
20:10:43.0750 0x0244 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
20:10:43.0812 0x0244 SamSs - ok
20:10:43.0968 0x0244 [ 03C67BDB26D79BC71406F52E385926A1, 9DB74CC45B660913E38B933F82EC705E16D64205EC4A9DE9F98B8BA34CD31610 ] SBAMSvc C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
20:10:44.0140 0x0244 SBAMSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:10:47.0171 0x0244 Detect skipped due to KSN trusted
20:10:47.0171 0x0244 SBAMSvc - ok
20:10:47.0203 0x0244 [ 40AA51F794921683CA143EE27F2F4171, CCA16D40D33B1C5A9E8366031EA3BC2F55FFEA30960ED46C0D24A8CA947195DD ] sbaphd C:\WINDOWS\system32\drivers\sbaphd.sys
20:10:47.0218 0x0244 sbaphd - detected UnsignedFile.Multi.Generic ( 1 )
20:10:49.0937 0x0244 Detect skipped due to KSN trusted
20:10:49.0937 0x0244 sbaphd - ok
20:10:49.0968 0x0244 [ 701109A92E144182E262BCC8DD898DC5, 549B78444E178632C260DC1DF10CB6F831787440E34EA50E02CFEF7CACB08C39 ] sbapifs C:\WINDOWS\system32\drivers\sbapifs.sys
20:10:49.0984 0x0244 sbapifs - detected UnsignedFile.Multi.Generic ( 1 )
20:10:52.0703 0x0244 Detect skipped due to KSN trusted
20:10:52.0703 0x0244 sbapifs - ok
20:10:52.0750 0x0244 [ 63C39E79334FB12933F02858593235AA, ED5C29159E198C842C78F41BC63EE4B8530A50A4A0C705E10A8FE7973B82DA98 ] SbFw C:\WINDOWS\system32\drivers\SbFw.sys
20:10:52.0765 0x0244 SbFw - detected UnsignedFile.Multi.Generic ( 1 )
20:10:55.0515 0x0244 Detect skipped due to KSN trusted
20:10:55.0515 0x0244 SbFw - ok
20:10:55.0546 0x0244 [ 1B4ACDDFE18B30C51F624734B1D98F3A, 027469BBD031530FB6D0C98F3497809736022F1E1D23A5CB0154E27911113B2C ] SBFWIMCL C:\WINDOWS\system32\DRIVERS\sbfwim.sys
20:10:55.0562 0x0244 SBFWIMCL - ok
20:10:55.0578 0x0244 [ 1B4ACDDFE18B30C51F624734B1D98F3A, 027469BBD031530FB6D0C98F3497809736022F1E1D23A5CB0154E27911113B2C ] SBFWIMCLMP C:\WINDOWS\system32\DRIVERS\SBFWIM.sys
20:10:55.0593 0x0244 SBFWIMCLMP - ok
20:10:55.0625 0x0244 [ 3DE92A1DFB2E7D8812B13DDF10131472, 3E2690B68A1844D6B2C1FA35285191397F4987FA8F6CD61B6B8455B529433061 ] sbhips C:\WINDOWS\system32\drivers\sbhips.sys
20:10:55.0640 0x0244 sbhips - detected UnsignedFile.Multi.Generic ( 1 )
20:10:58.0343 0x0244 Detect skipped due to KSN trusted
20:10:58.0343 0x0244 sbhips - ok
20:10:58.0390 0x0244 [ E0F866D00F85F55A04E066FEE23065F9, 00489020919B46613A8CEB2971B938B0A5B4AF3B0495BDEE60BADF7BB74573AE ] SBPIMSvc C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
20:10:58.0406 0x0244 SBPIMSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:11:01.0109 0x0244 Detect skipped due to KSN trusted
20:11:01.0109 0x0244 SBPIMSvc - ok
20:11:01.0109 0x0244 SBRE - ok
20:11:01.0156 0x0244 [ 0FCFE672B915687F5BFC0FD8944B360C, 36E113A399408C7C8950AFB57C942515230775427C7511CF2DBDBD4835B28A73 ] sbtis C:\WINDOWS\system32\drivers\sbtis.sys
20:11:01.0171 0x0244 sbtis - detected UnsignedFile.Multi.Generic ( 1 )
20:11:03.0875 0x0244 Detect skipped due to KSN trusted
20:11:03.0875 0x0244 sbtis - ok
20:11:03.0906 0x0244 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:11:03.0984 0x0244 SCardSvr - ok
20:11:04.0031 0x0244 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:11:04.0109 0x0244 Schedule - ok
20:11:04.0156 0x0244 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:11:04.0234 0x0244 Secdrv - ok
20:11:04.0250 0x0244 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:11:04.0312 0x0244 seclogon - ok
20:11:04.0343 0x0244 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
20:11:04.0406 0x0244 SENS - ok
20:11:04.0437 0x0244 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:11:04.0515 0x0244 serenum - ok
20:11:12.0625 0x0244 C:\WINDOWS\system32\netapi32.dll - ok
20:11:12.0640 0x0244 [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll
20:11:12.0640 0x0244 C:\WINDOWS\system32\userenv.dll - ok
20:11:12.0656 0x0244 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll
20:11:12.0656 0x0244 C:\WINDOWS\system32\psapi.dll - ok
20:11:12.0671 0x0244 [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll
20:11:12.0671 0x0244 C:\WINDOWS\system32\regapi.dll - ok
20:11:12.0687 0x0244 [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll
20:11:12.0687 0x0244 C:\WINDOWS\system32\setupapi.dll - ok
20:11:12.0703 0x0244 [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll
20:11:12.0703 0x0244 C:\WINDOWS\system32\version.dll - ok
20:11:12.0718 0x0244 [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll
20:11:12.0718 0x0244 C:\WINDOWS\system32\winsta.dll - ok
20:11:12.0734 0x0244 [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll
20:11:12.0734 0x0244 C:\WINDOWS\system32\wintrust.dll - ok
20:11:12.0750 0x0244 [ FFC01A72D1C25CCB39F61B202CE60819, 31A5C01E30B064BDBD378AF691DB99F6AA33A639C086ADC6C8408C3CB171C990 ] C:\WINDOWS\system32\imagehlp.dll
20:11:12.0750 0x0244 C:\WINDOWS\system32\imagehlp.dll - ok
20:11:12.0750 0x0244 [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll
20:11:12.0750 0x0244 C:\WINDOWS\system32\ws2help.dll - ok
20:11:12.0765 0x0244 [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll
20:11:12.0765 0x0244 C:\WINDOWS\system32\ws2_32.dll - ok
20:11:12.0781 0x0244 [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll
20:11:12.0781 0x0244 C:\WINDOWS\system32\imm32.dll - ok
20:11:12.0796 0x0244 [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
20:11:12.0796 0x0244 C:\WINDOWS\system32\kbdus.dll - ok
20:11:12.0812 0x0244 [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
20:11:12.0812 0x0244 C:\WINDOWS\system32\msgina.dll - ok
20:11:12.0828 0x0244 [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll
20:11:12.0828 0x0244 C:\WINDOWS\system32\comctl32.dll - ok
20:11:12.0843 0x0244 [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll
20:11:12.0843 0x0244 C:\WINDOWS\system32\odbc32.dll - ok
20:11:12.0859 0x0244 [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
20:11:12.0859 0x0244 C:\WINDOWS\system32\comdlg32.dll - ok
20:11:12.0875 0x0244 [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll
20:11:12.0875 0x0244 C:\WINDOWS\system32\shell32.dll - ok
20:11:12.0890 0x0244 [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll
20:11:12.0890 0x0244 C:\WINDOWS\system32\shlwapi.dll - ok
20:11:12.0906 0x0244 [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
20:11:12.0906 0x0244 C:\WINDOWS\system32\sxs.dll - ok
20:11:12.0921 0x0244 [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
20:11:12.0921 0x0244 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
20:11:12.0921 0x0244 [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
20:11:12.0921 0x0244 C:\WINDOWS\system32\odbcint.dll - ok
20:11:12.0937 0x0244 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll
20:11:12.0937 0x0244 C:\WINDOWS\system32\shsvcs.dll - ok
20:11:12.0953 0x0244 [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll
20:11:12.0953 0x0244 C:\WINDOWS\system32\ole32.dll - ok
20:11:12.0968 0x0244 [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
20:11:12.0968 0x0244 C:\WINDOWS\system32\sfc.dll - ok
20:11:12.0984 0x0244 [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
20:11:12.0984 0x0244 C:\WINDOWS\system32\sfc_os.dll - ok
20:11:13.0000 0x0244 [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
20:11:13.0000 0x0244 C:\WINDOWS\system32\apphelp.dll - ok
20:11:13.0015 0x0244 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
20:11:13.0015 0x0244 C:\WINDOWS\system32\lsass.exe - ok
20:11:13.0031 0x0244 [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
20:11:13.0031 0x0244 C:\WINDOWS\system32\ncobjapi.dll - ok
20:11:13.0031 0x0244 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
20:11:13.0031 0x0244 C:\WINDOWS\system32\services.exe - ok
20:11:13.0046 0x0244 [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll
20:11:13.0046 0x0244 C:\WINDOWS\system32\lsasrv.dll - ok
20:11:13.0062 0x0244 [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
20:11:13.0062 0x0244 C:\WINDOWS\system32\msvcp60.dll - ok
20:11:13.0078 0x0244 [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
20:11:13.0078 0x0244 C:\WINDOWS\system32\scesrv.dll - ok
20:11:13.0093 0x0244 [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
20:11:13.0093 0x0244 C:\WINDOWS\system32\mpr.dll - ok
20:11:13.0109 0x0244 [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
20:11:13.0109 0x0244 C:\WINDOWS\system32\ntdsapi.dll - ok
20:11:13.0125 0x0244 [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
20:11:13.0125 0x0244 C:\WINDOWS\system32\umpnpmgr.dll - ok
20:11:13.0140 0x0244 [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
20:11:13.0140 0x0244 C:\WINDOWS\system32\dnsapi.dll - ok
20:11:13.0156 0x0244 [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
20:11:13.0156 0x0244 C:\WINDOWS\system32\shimeng.dll - ok
20:11:13.0171 0x0244 [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
20:11:13.0171 0x0244 C:\WINDOWS\system32\wldap32.dll - ok
20:11:13.0187 0x0244 [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\acadproc.dll
20:11:13.0187 0x0244 C:\WINDOWS\AppPatch\acadproc.dll - ok
20:11:13.0203 0x0244 [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
20:11:13.0203 0x0244 C:\WINDOWS\system32\samlib.dll - ok
20:11:13.0218 0x0244 [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
20:11:13.0218 0x0244 C:\WINDOWS\system32\samsrv.dll - ok
20:11:13.0234 0x0244 [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
20:11:13.0234 0x0244 C:\WINDOWS\system32\cryptdll.dll - ok
20:11:13.0250 0x0244 [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\acgenral.dll
20:11:13.0250 0x0244 C:\WINDOWS\AppPatch\acgenral.dll - ok
20:11:13.0250 0x0244 [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
20:11:13.0250 0x0244 C:\WINDOWS\system32\winmm.dll - ok
20:11:13.0265 0x0244 [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
20:11:13.0265 0x0244 C:\WINDOWS\system32\oleaut32.dll - ok
20:11:13.0281 0x0244 [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
20:11:13.0281 0x0244 C:\WINDOWS\system32\msacm32.dll - ok
20:11:13.0296 0x0244 [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
20:11:13.0296 0x0244 C:\WINDOWS\system32\uxtheme.dll - ok
20:11:13.0312 0x0244 [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
20:11:13.0312 0x0244 C:\WINDOWS\system32\msapsspc.dll - ok
20:11:13.0328 0x0244 [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
20:11:13.0328 0x0244 C:\WINDOWS\system32\msvcrt40.dll - ok
20:11:13.0343 0x0244 [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
20:11:13.0343 0x0244 C:\WINDOWS\system32\schannel.dll - ok
20:11:13.0359 0x0244 [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
20:11:13.0359 0x0244 C:\WINDOWS\system32\digest.dll - ok
20:11:13.0359 0x0244 [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
20:11:13.0359 0x0244 C:\WINDOWS\system32\msnsspc.dll - ok
20:11:13.0375 0x0244 [ 5733177BCF16EE78B99543C9B0AB81EA, 6504D3D665AC8AB27A44F863F9C1A23FF3B68EAC0512F418712CC0D56F739E24 ] C:\WINDOWS\system32\msctfime.ime
20:11:13.0375 0x0244 C:\WINDOWS\system32\msctfime.ime - ok
20:11:13.0390 0x0244 [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
20:11:13.0390 0x0244 C:\WINDOWS\system32\msprivs.dll - ok
20:11:13.0406 0x0244 [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
20:11:13.0406 0x0244 C:\WINDOWS\system32\kerberos.dll - ok
20:11:13.0421 0x0244 [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
20:11:13.0421 0x0244 C:\WINDOWS\system32\msv1_0.dll - ok
20:11:13.0437 0x0244 [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
20:11:13.0437 0x0244 C:\WINDOWS\system32\iphlpapi.dll - ok
20:11:13.0453 0x0244 [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
20:11:13.0453 0x0244 C:\WINDOWS\system32\netlogon.dll - ok
20:11:13.0468 0x0244 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
20:11:13.0468 0x0244 C:\WINDOWS\system32\w32time.dll - ok
20:11:13.0484 0x0244 [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
20:11:13.0484 0x0244 C:\WINDOWS\system32\wdigest.dll - ok
20:11:13.0500 0x0244 [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
20:11:13.0500 0x0244 C:\WINDOWS\system32\rsaenh.dll - ok
20:11:13.0500 0x0244 [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
20:11:13.0500 0x0244 C:\WINDOWS\system32\winscard.dll - ok
20:11:13.0515 0x0244 [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
20:11:13.0515 0x0244 C:\WINDOWS\system32\wtsapi32.dll - ok
20:11:13.0531 0x0244 [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
20:11:13.0531 0x0244 C:\WINDOWS\system32\scecli.dll - ok
20:11:13.0546 0x0244 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
20:11:13.0546 0x0244 C:\WINDOWS\system32\svchost.exe - ok
20:11:13.0562 0x0244 [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
20:11:13.0562 0x0244 C:\WINDOWS\system32\ntmarta.dll - ok
20:11:13.0578 0x0244 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
20:11:13.0578 0x0244 C:\WINDOWS\system32\rpcss.dll - ok
20:11:13.0593 0x0244 [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
20:11:13.0593 0x0244 C:\WINDOWS\system32\xpsp2res.dll - ok
20:11:13.0609 0x0244 [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
20:11:13.0609 0x0244 C:\WINDOWS\system32\eventlog.dll - ok
20:11:13.0625 0x0244 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
20:11:13.0625 0x0244 C:\WINDOWS\system32\mswsock.dll - ok
20:11:13.0640 0x0244 [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
20:11:13.0640 0x0244 C:\WINDOWS\system32\hnetcfg.dll - ok
20:11:13.0656 0x0244 [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
20:11:13.0656 0x0244 C:\WINDOWS\system32\wshtcpip.dll - ok
20:11:13.0671 0x0244 [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
20:11:13.0671 0x0244 C:\WINDOWS\system32\rasadhlp.dll - ok
20:11:13.0687 0x0244 [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
20:11:13.0687 0x0244 C:\WINDOWS\system32\winrnr.dll - ok
20:11:13.0703 0x0244 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
20:11:13.0703 0x0244 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
20:11:13.0703 0x0244 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
20:11:13.0703 0x0244 C:\WINDOWS\system32\dhcpcsvc.dll - ok
20:11:13.0718 0x0244 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
20:11:13.0718 0x0244 C:\WINDOWS\system32\dnsrslvr.dll - ok
20:11:13.0734 0x0244 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
20:11:13.0734 0x0244 C:\WINDOWS\system32\lmhsvc.dll - ok
20:11:13.0750 0x0244 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
20:11:13.0750 0x0244 C:\WINDOWS\system32\wzcsvc.dll - ok
20:11:13.0765 0x0244 [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
20:11:13.0765 0x0244 C:\WINDOWS\system32\rtutils.dll - ok
20:11:13.0781 0x0244 [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
20:11:13.0781 0x0244 C:\WINDOWS\system32\wmi.dll - ok
20:11:13.0796 0x0244 [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
20:11:13.0796 0x0244 C:\WINDOWS\system32\atl.dll - ok
20:11:13.0812 0x0244 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
20:11:13.0812 0x0244 C:\WINDOWS\system32\eapolqec.dll - ok
20:11:13.0812 0x0244 [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
20:11:13.0812 0x0244 C:\WINDOWS\system32\qutil.dll - ok
20:11:13.0828 0x0244 [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
20:11:13.0828 0x0244 C:\WINDOWS\system32\dot3api.dll - ok
20:11:13.0843 0x0244 [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
20:11:13.0843 0x0244 C:\WINDOWS\system32\esent.dll - ok
20:11:13.0859 0x0244 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
20:11:13.0859 0x0244 C:\WINDOWS\system32\logonui.exe - ok
20:11:13.0875 0x0244 [ 482E8F6FD557D5A0DF7363F72DF145FE, BCD5D1A9C715CCCFE93E21145EF8AC924BC5726F53D0BA86A938B01EF5B37C7D ] C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
20:11:13.0875 0x0244 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - ok
20:11:13.0890 0x0244 [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
20:11:13.0890 0x0244 C:\WINDOWS\system32\duser.dll - ok
20:11:13.0906 0x0244 [ F1BD516A4446B737BAEFB9FBAA92F01A, D4FBFFA2AE1F77F9E40C7DD8F415C6BD7690BA6B747F0B22C4B866C68F76D1AF ] C:\WINDOWS\system32\wininet.dll
20:11:13.0906 0x0244 C:\WINDOWS\system32\wininet.dll - ok
20:11:13.0921 0x0244 [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
20:11:13.0921 0x0244 C:\WINDOWS\system32\msimg32.dll - ok
20:11:13.0937 0x0244 [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
20:11:13.0937 0x0244 C:\WINDOWS\system32\oleacc.dll - ok
20:11:13.0953 0x0244 [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll
20:11:13.0953 0x0244 C:\WINDOWS\system32\normaliz.dll - ok
20:11:13.0968 0x0244 [ 5288BC366FDABFA94D5C4577DAF85387, D51AD3B26E4F1256B91DBB270E5B713D1FE53FBDF97E1CF9179EB293AA9490F2 ] C:\WINDOWS\system32\urlmon.dll
20:11:13.0968 0x0244 C:\WINDOWS\system32\urlmon.dll - ok
20:11:13.0984 0x0244 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll
20:11:13.0984 0x0244 C:\WINDOWS\system32\wkssvc.dll - ok
20:11:14.0000 0x0244 [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
20:11:14.0000 0x0244 C:\WINDOWS\system32\clbcatq.dll - ok
20:11:14.0000 0x0244 [ 6195004BF2586FAA3B22F3CAC9E5CC15, DF6611C7710FA1D1199B05D7FFF8A511B12278867EA4062BB2E21B3A553C96D8 ] C:\WINDOWS\system32\iertutil.dll
20:11:14.0000 0x0244 C:\WINDOWS\system32\iertutil.dll - ok
20:11:14.0015 0x0244 [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
20:11:14.0015 0x0244 C:\WINDOWS\system32\comres.dll - ok
20:11:14.0031 0x0244 [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
20:11:14.0031 0x0244 C:\WINDOWS\system32\shgina.dll - ok
20:11:14.0046 0x0244 [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll
20:11:14.0046 0x0244 C:\WINDOWS\system32\rastls.dll - ok
20:11:14.0062 0x0244 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
20:11:14.0062 0x0244 C:\WINDOWS\system32\cryptui.dll - ok
20:11:14.0078 0x0244 [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
20:11:14.0078 0x0244 C:\WINDOWS\system32\mprapi.dll - ok
20:11:14.0093 0x0244 [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
20:11:14.0093 0x0244 C:\WINDOWS\system32\activeds.dll - ok
20:11:14.0109 0x0244 [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
20:11:14.0109 0x0244 C:\WINDOWS\system32\adsldpc.dll - ok
20:11:14.0125 0x0244 [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
20:11:14.0125 0x0244 C:\WINDOWS\system32\rasapi32.dll - ok
20:11:14.0140 0x0244 [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
20:11:14.0140 0x0244 C:\WINDOWS\system32\rasman.dll - ok
20:11:14.0140 0x0244 [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
20:11:14.0140 0x0244 C:\WINDOWS\system32\tapi32.dll - ok
20:11:14.0156 0x0244 [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
20:11:14.0156 0x0244 C:\WINDOWS\system32\cscdll.dll - ok
20:11:14.0171 0x0244 [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
20:11:14.0171 0x0244 C:\WINDOWS\system32\dimsntfy.dll - ok
20:11:14.0187 0x0244 [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
20:11:14.0187 0x0244 C:\WINDOWS\system32\riched20.dll - ok
20:11:14.0203 0x0244 [ 02A450FB1B4131B63F0782B3B626BF3D, 1DDCD4A0DA234D8919C8EA9180BF943FEAFBE59E546598E60E9963C3FA970AD3 ] C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll
20:11:14.0203 0x0244 C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll - ok
20:11:14.0218 0x0244 [ E530E95DBFE0EA51159D1F7C81DB6B98, D13948DB19752995A7B684396047DABAFF64F239462C25E27A1765124A522DF3 ] C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
20:11:14.0218 0x0244 C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll - ok
20:11:14.0234 0x0244 [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
20:11:14.0234 0x0244 C:\WINDOWS\system32\wlnotify.dll - ok
20:11:14.0250 0x0244 [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll
20:11:14.0250 0x0244 C:\WINDOWS\system32\raschap.dll - ok
20:11:14.0250 0x0244 [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
20:11:14.0250 0x0244 C:\WINDOWS\system32\winspool.drv - ok
20:11:14.0265 0x0244 [ 02CF580510234E519736559A7F19EA20, 93DC16678B01DF2E12672AB93778151FDD7FF10C30CEF7A921553D86F97C3819 ] C:\WINDOWS\system32\WgaLogon.dll
20:11:14.0265 0x0244 C:\WINDOWS\system32\WgaLogon.dll - ok
20:11:14.0281 0x0244 [ ACFEE2392503DD5E457363A0510B8BCB, 60CFB4C077409ABA90F7C0B0D5B1A0F0D10DFA2DA3338AAA174C051724039517 ] C:\WINDOWS\system32\msxml3.dll
20:11:14.0281 0x0244 C:\WINDOWS\system32\msxml3.dll - ok
20:11:14.0296 0x0244 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
20:11:14.0296 0x0244 C:\WINDOWS\system32\cryptsvc.dll - ok
20:11:14.0312 0x0244 [ 03C67BDB26D79BC71406F52E385926A1, 9DB74CC45B660913E38B933F82EC705E16D64205EC4A9DE9F98B8BA34CD31610 ] C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
20:11:14.0312 0x0244 C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe - ok
20:11:14.0328 0x0244 [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
20:11:14.0328 0x0244 C:\WINDOWS\system32\certcli.dll - ok
20:11:14.0343 0x0244 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
20:11:14.0343 0x0244 C:\WINDOWS\system32\dmserver.dll - ok
20:11:14.0359 0x0244 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
20:11:14.0359 0x0244 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
20:11:14.0375 0x0244 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] C:\WINDOWS\system32\srvsvc.dll
20:11:14.0375 0x0244 C:\WINDOWS\system32\srvsvc.dll - ok
20:11:14.0390 0x0244 [ 20FD44370267CCD0A64A1B31861C21D2, D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ] C:\WINDOWS\system32\netmsg.dll
20:11:14.0390 0x0244 C:\WINDOWS\system32\netmsg.dll - ok
20:11:14.0406 0x0244 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] C:\WINDOWS\system32\drivers\srv.sys
20:11:14.0406 0x0244 C:\WINDOWS\system32\drivers\srv.sys - ok
20:11:14.0421 0x0244 [ 8C7B50B5725FF49B891CA25B16C0C3A9, A4CB6DE2629971325E91CE3F55E2409904C7967324ADF5845F1ABBF24675D16D ] C:\Program Files\GFI Software\VIPRE\SpursDownload.dll
20:11:14.0421 0x0244 C:\Program Files\GFI Software\VIPRE\SpursDownload.dll - ok
20:11:14.0437 0x0244 [ 684559A03CBC1D05BA120A18B0D8BA5D, 7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ] C:\WINDOWS\system32\winhttp.dll
20:11:14.0437 0x0244 C:\WINDOWS\system32\winhttp.dll - ok
20:11:14.0453 0x0244 [ A2E10A48CA23A2A347273B6C16DD8A8B, 78FC684C26B327895F44D409817523B48B8359AF903CC272A1B5CB3B464E6FB2 ] C:\Program Files\GFI Software\VIPRE\SBTE.dll
20:11:14.0453 0x0244 C:\Program Files\GFI Software\VIPRE\SBTE.dll - ok
20:11:16.0671 0x0244 [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll
20:11:16.0671 0x0244 C:\WINDOWS\system32\davclnt.dll - ok
20:11:16.0687 0x0244 [ 31CF51DCDA1424B813CC97B20F71B431, E3DEE0EA503F5F84B65CFD2A5216EC609313F05616E5F66605E45BA866206D1A ] C:\WINDOWS\system32\vbscript.dll
20:11:16.0687 0x0244 C:\WINDOWS\system32\vbscript.dll - ok
20:11:16.0703 0x0244 [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll
20:11:16.0703 0x0244 C:\WINDOWS\system32\wbem\ncprov.dll - ok
20:11:16.0718 0x0244 [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll
20:11:16.0718 0x0244 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
20:11:16.0734 0x0244 [ 8BCBC41817FC41F9CC9B10DD120CEC7C, F2F54909874D4711DCC5DC61BBF0546D533705464CAAB1419D7E12127D4F327D ] C:\Documents and Settings\Dan\Desktop\tdsskiller.exe
20:11:16.0734 0x0244 C:\Documents and Settings\Dan\Desktop\tdsskiller.exe - ok
20:11:16.0750 0x0244 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{3E24C45E-C0FD-4A14-A1C1-50CA7EDDDDEB}.tmp
20:11:16.0750 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{3E24C45E-C0FD-4A14-A1C1-50CA7EDDDDEB}.tmp - ok
20:11:16.0750 0x0244 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{89F11435-E87D-4859-8678-57E6E1DDC34C}.tmp
20:11:16.0750 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{89F11435-E87D-4859-8678-57E6E1DDC34C}.tmp - ok
20:11:16.0765 0x0244 [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{D74853ED-2D74-463C-B3FB-2E1330F6F133}.tmp
20:11:16.0765 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{D74853ED-2D74-463C-B3FB-2E1330F6F133}.tmp - ok
20:11:16.0781 0x0244 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{1FA74148-25A6-4538-91B4-7951C2F7B753}.tmp
20:11:16.0781 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{1FA74148-25A6-4538-91B4-7951C2F7B753}.tmp - ok
20:11:16.0796 0x0244 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{97A3EC45-30B1-4E7A-9F82-C30A75EA02E8}.tmp
20:11:16.0796 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{97A3EC45-30B1-4E7A-9F82-C30A75EA02E8}.tmp - ok
20:11:16.0812 0x0244 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{580F2C04-848D-4A3B-A11C-229E870C53A1}.tmp
20:11:16.0812 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{580F2C04-848D-4A3B-A11C-229E870C53A1}.tmp - ok
20:11:16.0828 0x0244 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{55FC9A0A-2B0E-49D7-AA85-FABEC48B9CBF}.tmp
20:11:16.0828 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{55FC9A0A-2B0E-49D7-AA85-FABEC48B9CBF}.tmp - ok
20:11:16.0843 0x0244 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{F5EFF5AF-4BC3-44D3-8F87-05C1FE9C7D1C}.tmp
20:11:16.0843 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{F5EFF5AF-4BC3-44D3-8F87-05C1FE9C7D1C}.tmp - ok
20:11:16.0859 0x0244 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{68FC2F11-084A-495B-AA9B-C55B537AB8CB}.tmp
20:11:16.0859 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{68FC2F11-084A-495B-AA9B-C55B537AB8CB}.tmp - ok
20:11:16.0875 0x0244 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{53D3E849-FD35-4357-BD28-4124579F7A2B}.tmp
20:11:16.0875 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{715C297B-D4DD-4499-90CC-4E301C94AE1F}\{53D3E849-FD35-4357-BD28-4124579F7A2B}.tmp - ok
20:11:16.0890 0x0244 [ 2094BC9A0FC9C0E15EEA5F4A9581DD14, 06F739FB795F0F03B336CEBB895115BCA8123F3434D26F8428F707D348BF421C ] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
20:11:16.0890 0x0244 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll - ok
20:11:16.0906 0x0244 [ 055309C927DEF2F09305ED0F3065CF66, ED92413E6D719B61208C4E0E598D64D989D220D0902F3E2A4A54972FD2595057 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
20:11:16.0906 0x0244 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll - ok
20:11:16.0921 0x0244 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{E4CEF61E-DFE7-4F95-81EB-F26D92795BFC}.tmp
20:11:16.0921 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{E4CEF61E-DFE7-4F95-81EB-F26D92795BFC}.tmp - ok
20:11:16.0937 0x0244 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{C9BC8DAA-F803-40CD-824A-A2CC44F22AA4}.tmp
20:11:16.0937 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{C9BC8DAA-F803-40CD-824A-A2CC44F22AA4}.tmp - ok
20:11:16.0953 0x0244 [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{E0847E00-F40B-49D0-BD90-5AF54FEB76A8}.tmp
20:11:16.0953 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{E0847E00-F40B-49D0-BD90-5AF54FEB76A8}.tmp - ok
20:11:16.0968 0x0244 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{B2913A19-45C2-45E4-ACF6-38339D3E45DB}.tmp
20:11:16.0968 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{B2913A19-45C2-45E4-ACF6-38339D3E45DB}.tmp - ok
20:11:16.0984 0x0244 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{A94571A8-4C79-476E-9ECB-FB656F7F309F}.tmp
20:11:16.0984 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{A94571A8-4C79-476E-9ECB-FB656F7F309F}.tmp - ok
20:11:16.0984 0x0244 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{64FC424A-A558-489E-9E73-795AE8AC0EA1}.tmp
20:11:16.0984 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{64FC424A-A558-489E-9E73-795AE8AC0EA1}.tmp - ok
20:11:17.0000 0x0244 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{5B299D16-ADDE-4E75-9B24-16A382D39033}.tmp
20:11:17.0000 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{5B299D16-ADDE-4E75-9B24-16A382D39033}.tmp - ok
20:11:17.0015 0x0244 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{7615F325-34D8-4ECB-8AAD-3A050163BEED}.tmp
20:11:17.0015 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{7615F325-34D8-4ECB-8AAD-3A050163BEED}.tmp - ok
20:11:17.0031 0x0244 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{A898F715-FDFF-4690-9FE2-4A09ABD5991E}.tmp
20:11:17.0031 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{A898F715-FDFF-4690-9FE2-4A09ABD5991E}.tmp - ok
20:11:17.0046 0x0244 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{B26B0851-C7A5-412D-8510-26461AF47D64}.tmp
20:11:17.0046 0x0244 C:\DOCUME~1\Dan\LOCALS~1\temp\{12A4202F-21A1-4483-84D6-6C911AF2166B}\{B26B0851-C7A5-412D-8510-26461AF47D64}.tmp - ok
20:11:19.0593 0x0244 ============================================================
20:11:19.0593 0x0244 Scan finished
20:11:19.0593 0x0244 ============================================================
20:11:19.0609 0x05b8 Detected object count: 0
20:11:19.0609 0x05b8 Actual detected object count: 0
20:11:24.0296 0x0354 Deinitialize success

#8
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Okay, seems that the active part of ZeroAccess was removed. Let's run OTL again to get a fresh log:

  • Run OTL.
  • Click on the Scan All Users checkbox, which is located near the Quick Scan button.
  • Then click the Run Scan button at the top.
  • Let the program run unhindered.
  • When the scan completes, it will open a Notepad window - OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post them in your topic.


#9
whitewater

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Hey Phel, sorry for the delay. Here's the log file:
OTL logfile created on: 10/3/2013 6:19:12 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 80.96% Memory free
3.84 Gb Paging File | 3.65 Gb Available in Paging File | 94.94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.40 Gb Total Space | 432.80 Gb Free Space | 93.60% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Dan | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Dan\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\mantle.exe (GFI Software Development Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libMachoUniv.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libBase64.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\unrar.dll ()


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (UtilityChest_49Service) -- C:\Program Files\UtilityChest_49\bar\1.bin\49barsvc.exe (COMPANYVERS_NAME)
SRV - (SBAMSvc) -- C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
SRV - (SBPIMSvc) -- C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
SRV - (gfi_lanss10_attservice) -- C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe (GFI Software Development Ltd.)
SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (sprtsvc_dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (SBRE) -- C:\WINDOWS\system32\drivers\SBREDrv.sys File not found
DRV - (SABKUTIL) -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Changer) -- File not found
DRV - (gfiutil) -- C:\WINDOWS\system32\drivers\gfiutil.sys (ThreatTrack Security)
DRV - (gfiark) -- C:\WINDOWS\system32\drivers\gfiark.sys (ThreatTrack Security)
DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (GFI Software)
DRV - (sbtis) -- C:\WINDOWS\system32\drivers\sbtis.sys (GFI Software)
DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (GFI Software)
DRV - (sbapifs) -- C:\WINDOWS\system32\drivers\sbapifs.sys (GFI Software)
DRV - (sbaphd) -- C:\WINDOWS\system32\drivers\sbaphd.sys (GFI Software)
DRV - (SBFWIMCLMP) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (GFI Software)
DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (GFI Software)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKLM\..\SearchScopes,DefaultScope = {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}: "URL" = http://search.mywebs...r={searchTerms}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://webmail.neo.rr.com/
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\URLSearchHook: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - No CLSID value found
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes,DefaultScope = {EE443FBB-6959-4DF9-9202-CBA5F3CD9141}
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{EE443FBB-6959-4DF9-9202-CBA5F3CD9141}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@UtilityChest_49.com/Plugin: C:\Program Files\UtilityChest_49\bar\1.bin\NP49Stub.dll (MindSpark)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\49ffxtbr@UtilityChest_49.com: C:\Program Files\UtilityChest_49\bar\1.bin [2013/04/21 08:47:15 | 000,000,000 | ---D | M]

[2009/02/16 21:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions
[2009/02/16 21:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2010/11/07 23:02:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Assistant BHO) - {06e05b40-77fa-40b6-9077-ed1a7577b1ef} - C:\Program Files\UtilityChest_49\bar\1.bin\49SrcAs.dll (MindSpark)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Toolbar BHO) - {58f7b5ca-1162-42e8-8bbc-d543b4edd780} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll ()
O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
O3 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\Toolbar\WebBrowser: (Utility Chest) - {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
O4 - HKLM..\Run: [Utility Chest Search Scope Monitor] C:\Program Files\UtilityChest_49\bar\1.bin\49SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [UtilityChest_49 Browser Plugin Loader] C:\Program Files\UtilityChest_49\bar\1.bin\49brmon.exe (VER_COMPANY_NAME)
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [Google Update] Reg Error: Value error. File not found
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 0
O8 - Extra context menu item: &Search - http://tbedits.utili...2013042108&cv=2 File not found
O9 - Extra Button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O15 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..Trusted Domains: roadrunner.com ([webmail] https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1370089183593 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D786296-925B-4799-9CB9-41D04358C112}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D786296-925B-4799-9CB9-41D04358C112}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA1D4EC1-CC71-4B1E-B652-5BAA80CF6AD7}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA1D4EC1-CC71-4B1E-B652-5BAA80CF6AD7}: NameServer = 8.8.8.8
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Program Files\Windows NT\shell.exe) - File not found
O20 - HKU\S-1-5-18 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-18 Winlogon: Shell - (C:\Program Files\Windows NT\shell.exe) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/03 18:18:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2013/09/30 18:07:55 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/09/29 08:41:07 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2013/09/29 08:04:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/09/29 07:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/09/29 07:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/09/29 07:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

========== Files - Modified Within 30 Days ==========

[2013/10/03 18:18:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2013/10/03 18:16:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/03 18:15:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/03 18:14:46 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\BearShareNAG.job
[2013/10/01 23:17:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/01 20:14:13 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013/10/01 20:13:01 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/29 09:04:14 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\My Computer.lnk
[2013/09/25 21:19:47 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/09/25 21:04:14 | 000,003,129 | ---- | M] () -- C:\WINDOWS\System32\lanss_v102_lnsscomm.csv
[2013/09/15 09:08:01 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013/09/15 08:56:07 | 000,177,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/09/14 08:30:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2013/09/29 09:04:14 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\My Computer.lnk
[2013/05/19 07:46:58 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/02/14 18:22:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/05/31 15:24:04 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\housecall.guid.cache
[2009/07/09 18:42:24 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\fusioncache.dat
[2008/05/29 18:49:24 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2004/08/11 17:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/03/19 19:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1F4E
[2011/03/19 19:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\320
[2010/06/06 20:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2013/04/21 09:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\APN
[2013/05/31 18:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2013/05/31 18:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2011/01/11 10:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\hJdJf06300
[2008/05/23 04:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2013/05/31 18:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2008/05/23 04:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2013/05/31 20:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne2\Application Data\GFI Software
[2013/04/14 15:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne2\Application Data\Orbit
[2011/03/24 19:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anne2\Application Data\ProgSense
[2013/05/31 18:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\GFI Software
[2011/03/19 20:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\GrabPro
[2011/02/07 20:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Leadertech
[2013/04/23 20:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\LimeWire
[2013/04/23 20:26:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Orbit
[2011/03/19 20:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\ProgSense
[2012/07/21 08:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\WeatherBug
[2010/10/17 10:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\qqsbcwpyq

========== Purity Check ==========



< End of report >
  • 0

#10
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Step 1. Uninstalling programs.

  • Open Start menu.
  • Click on Control Panel.
  • Click on Programs and Features. A new window should appear.
  • Uninstall these programs one by one, selecting each program and clicking the Uninstall button.
Programs to uninstall:

  • Utility Chest Toolbar
Step 2. OTL fix.

  • Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    SRV - (UtilityChest_49Service) -- C:\Program Files\UtilityChest_49\bar\1.bin\49barsvc.exe (COMPANYVERS_NAME)
    IE - HKLM\..\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}: "URL" = http://search.mywebs...r={searchTerms}
    IE - HKLM\..\SearchScopes,DefaultScope = {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}
    IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\URLSearchHook: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - No CLSID value found
    IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
    IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}: "URL" = http://search.mywebs...r={searchTerms}
    FF - HKLM\Software\MozillaPlugins\@UtilityChest_49.com/Plugin: C:\Program Files\UtilityChest_49\bar\1.bin\NP49Stub.dll (MindSpark)
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\49ffxtbr@UtilityChest_49.com: C:\Program Files\UtilityChest_49\bar\1.bin [2013/04/21 08:47:15 | 000,000,000 | ---D | M]
    O2 - BHO: (Toolbar BHO) - {58f7b5ca-1162-42e8-8bbc-d543b4edd780} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
    O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
    O3 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
    O3 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\Toolbar\WebBrowser: (Utility Chest) - {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
    O8 - Extra context menu item: &Search - http://tbedits.utili...2013042108&cv=2 File not found
    [2010/10/17 10:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\qqsbcwpyq
    [2011/01/11 10:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\hJdJf06300
    [2013/05/31 18:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
    O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [Google Update] Reg Error: Value error. File not found
    
    :Files
    C:\Program Files\UtilityChest_49
    netsh int ip reset resetlog.txt /c
    netsh winsock reset catalog /c
    
    :Commands
    [RESETHOSTS]
    [EMPTYTEMP]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
Step 3. Restoring broken services.

  • Download ESET Services Repair tool from here to your Desktop.
  • Launch ServicesRepair.exe on your Desktop.
  • Click Yes to start repair.
  • When finished, click Yes to reboot your computer.
  • Post the contents of the C:\Documents and Settings\Dan\Desktop\CC Support\Logs\SvcRepair.log in your next message.
Step 4. AdwCleaner scan.

  • Please, download AdwCleaner from here to your Desktop.
  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • Adwcleaner window should appear.
  • Click on Scan button. Scan could take some time to proceed.
  • Click on the Clean button.
  • Click on OK.
  • The computer will be rebooted automatically when the program finishes its job.
  • After the fix, a Notepad window with the report should appear. Post the contents of the report in your next message.
Step 5. OTL scan.

  • Run OTL.
  • Click on the Scan All Users checkbox, which is located near the Quick Scan button.
  • In the OTL window, find the Extra Registry section and change the radio button there to Use SafeList.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    BASESERVICES
  • Then click the Run Scan button at the top.
  • Let the program run unhindered.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
So, please, don't forget to post in your next message:

  • SvcRepair.log
  • AdwCleaner's log
  • OTL.txt
  • Extras.txt

  • 0

#11
whitewater

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Hi Phel,

Followed your directions and the logs are below. I also have a new issue now. My firewall keeps resetting to off. I receive a Windows Security Alert message that the GFI Vipre reports the firewall is turned off. I restore the firewall to default in Vipre and each time I restart the computer, I receive the Windows security message that the firewall is turned off?

Log Opened: 2013-10-05 @ 07:54:29
07:54:29 - -----------------
07:54:29 - | Begin Logging |
07:54:29 - -----------------
07:54:29 - Fix started on a WIN_XP X86 computer
07:54:29 - Prep in progress. Please Wait.
07:54:30 - Prep complete
07:54:30 - Repairing Services Now. Please wait...

The operation completed successfully
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\XP\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Enum>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.

The operation completed successfully
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\XP\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Enum>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Setup>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.

The operation completed successfully
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\XP\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Enum>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.

The operation completed successfully
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\XP\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Enum>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
07:54:31 - Services Repair Complete.
07:55:35 - Reboot Initiated
Log Opened: 2013-10-05 @ 08:02:21
08:02:21 - -----------------
08:02:21 - | Begin Logging |
08:02:21 - -----------------
08:02:21 - Fix started on a WIN_XP X86 computer
08:02:21 - Prep in progress. Please Wait.
08:02:23 - Prep complete
08:02:23 - Repairing Services Now. Please wait...

The operation completed successfully
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\XP\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Enum>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.

The operation completed successfully
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\XP\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Enum>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Setup>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.

The operation completed successfully
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\XP\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Enum>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.

The operation completed successfully
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\XP\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Enum>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
08:02:24 - Services Repair Complete.
08:02:27 - Reboot Initiated

# AdwCleaner v3.006 - Report created 05/10/2013 at 08:31:31
# Updated 01/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Dan - HOME
# Running from : C:\Documents and Settings\Dan\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : C:\Documents and Settings\Dan\Local Settings\Application Data\iMesh
Folder Deleted : C:\Documents and Settings\Dan\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\Dan\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Documents and Settings\Anne2\Local Settings\Application Data\visi_coupon
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Fast Free Converter

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


*************************

AdwCleaner[R0].txt - [3558 octets] - [05/10/2013 08:30:46]
AdwCleaner[S0].txt - [3553 octets] - [05/10/2013 08:31:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3613 octets] ##########

OTL logfile created on: 10/5/2013 8:39:10 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 71.88% Memory free
3.84 Gb Paging File | 3.43 Gb Available in Paging File | 89.44% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.40 Gb Total Space | 431.34 Gb Free Space | 93.28% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Dan\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe (GFI Software Development Ltd.)
PRC - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\mantle.exe (GFI Software Development Ltd.)
PRC - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_0cd4aa9a\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_1f18aef2\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_e8a3b327\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libMachoUniv.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libBase64.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\schedcompactdb.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\modlop.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\crmimodule.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\apistrings.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\dbprocessorop.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\unrar.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\patchautodownload.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\scanmngsys.dll ()
MOD - C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\WINDOWS\system32\bcm1xsup.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (SBAMSvc) -- C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
SRV - (SBPIMSvc) -- C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
SRV - (gfi_lanss10_attservice) -- C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe (GFI Software Development Ltd.)
SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (sprtsvc_dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (SBRE) -- C:\WINDOWS\system32\drivers\SBREDrv.sys File not found
DRV - (SABKUTIL) -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Changer) -- File not found
DRV - (gfiutil) -- C:\WINDOWS\system32\drivers\gfiutil.sys (ThreatTrack Security)
DRV - (gfiark) -- C:\WINDOWS\system32\drivers\gfiark.sys (ThreatTrack Security)
DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (GFI Software)
DRV - (sbtis) -- C:\WINDOWS\system32\drivers\sbtis.sys (GFI Software)
DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (GFI Software)
DRV - (sbapifs) -- C:\WINDOWS\system32\drivers\sbapifs.sys (GFI Software)
DRV - (sbaphd) -- C:\WINDOWS\system32\drivers\sbaphd.sys (GFI Software)
DRV - (SBFWIMCLMP) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (GFI Software)
DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (GFI Software)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://webmail.neo.rr.com/
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes,DefaultScope = {EE443FBB-6959-4DF9-9202-CBA5F3CD9141}
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{EE443FBB-6959-4DF9-9202-CBA5F3CD9141}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)


[2009/02/16 21:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions
[2009/02/16 21:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2013/10/05 07:45:00 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [Google Update] Reg Error: Value error. File not found
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 0
O9 - Extra Button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..Trusted Domains: roadrunner.com ([webmail] https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1370089183593 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D786296-925B-4799-9CB9-41D04358C112}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA1D4EC1-CC71-4B1E-B652-5BAA80CF6AD7}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Program Files\Windows NT\shell.exe) - File not found
O20 - HKU\S-1-5-18 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-18 Winlogon: Shell - (C:\Program Files\Windows NT\shell.exe) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/05 08:30:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/05 07:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\CC Support
[2013/10/05 07:44:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/10/03 18:18:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2013/09/30 18:07:55 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/09/29 08:41:07 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2013/09/29 08:04:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/09/29 07:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/09/29 07:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/09/29 07:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

========== Files - Modified Within 30 Days ==========

[2013/10/05 08:34:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/05 08:34:03 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/05 08:34:02 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013/10/05 08:32:44 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\BearShareNAG.job
[2013/10/05 08:32:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/05 08:32:41 | 2136,129,536 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/05 08:29:20 | 001,045,226 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\adwcleaner.exe
[2013/10/05 08:17:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/05 08:16:34 | 000,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/10/05 08:16:34 | 000,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/05 07:53:50 | 004,009,167 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\ServicesRepair.exe
[2013/10/05 07:45:00 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/10/03 18:18:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2013/09/29 09:04:14 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\My Computer.lnk
[2013/09/25 21:19:47 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/09/25 21:04:14 | 000,003,129 | ---- | M] () -- C:\WINDOWS\System32\lanss_v102_lnsscomm.csv
[2013/09/15 09:08:01 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013/09/15 08:56:07 | 000,177,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/09/14 08:30:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2013/10/05 08:29:18 | 001,045,226 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\adwcleaner.exe
[2013/10/05 08:12:09 | 2136,129,536 | -HS- | C] () -- C:\hiberfil.sys
[2013/10/05 07:53:47 | 004,009,167 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\ServicesRepair.exe
[2013/09/29 09:04:14 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\My Computer.lnk
[2013/05/19 07:46:58 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/02/14 18:22:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/05/31 15:24:04 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\housecall.guid.cache
[2009/07/09 18:42:24 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\fusioncache.dat
[2008/05/29 18:49:24 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2004/08/11 17:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2008/04/13 20:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 20:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 20:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 09:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/13 20:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 20:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 13:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/13 20:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/13 20:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008/04/13 20:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
No service found with a name of PolicyAgent
SRV - [2008/04/13 20:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 20:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 20:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 20:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 12:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 09:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 20:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 20:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 08:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/13 20:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 20:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 20:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 01:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/13 20:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 20:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 20:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 20:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 20:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/13 20:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 20:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 20:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 20:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/13 20:12:28 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 20:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009/02/09 08:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/13 20:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 20:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 02:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

< >

< End of report >

OTL Extras logfile created on: 10/5/2013 8:39:10 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 71.88% Memory free
3.84 Gb Paging File | 3.43 Gb Available in Paging File | 89.44% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.40 Gb Total Space | 431.34 Gb Free Space | 93.28% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiSpywareOverride" = 0
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1AB60EB-989A-45CD-964E-3163639AF84A}" = TRI.Net Data Engine
"{A46F7968-271D-48D5-BCE9-568624123A48}" = VIPRE Internet Security
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}" = VIPRE Internet Security
"{C7DACB79-D0BE-477B-B63F-4BBF33F39B7A}" = TWC Client ActiveX Controls
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"GoToAssist" = GoToAssist 8.0.0.514
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Connections Drivers
"sp6" = Logitech SetPoint 6.32
"The Weather Channel Toolbar" = The Weather Channel Toolbar
"Trusted Software Assistant_is1" = File Type Assistant
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/6/2013 10:50:26 AM | Computer Name = HOME | Source = Microsoft Office 10 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Outlook.

Error - 6/6/2013 2:28:19 PM | Computer Name = HOME | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application outlook.exe, version 10.0.2616.0, faulting module
outllib.dll, version 10.0.2627.0, fault address 0x0010b468.

Error - 6/12/2013 7:01:16 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/8/2013 10:10:52 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/29/2013 5:19:44 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/27/2013 5:13:07 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/19/2013 8:25:27 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/19/2013 8:25:27 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 9/25/2013 8:51:49 PM | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x00064d02.

Error - 9/30/2013 6:04:46 PM | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application tdsskiller.exe, version 3.0.0.11, faulting module
tdsskiller.exe, version 3.0.0.11, fault address 0x00034fb1.

[ System Events ]
Error - 10/5/2013 8:00:28 AM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 10/5/2013 8:00:50 AM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 10/5/2013 8:02:27 AM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 10/5/2013 8:03:51 AM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 10/5/2013 8:04:59 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm SABKUTIL sbaphd

Error - 10/5/2013 8:09:27 AM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 10/5/2013 8:11:15 AM | Computer Name = HOME | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 10/5/2013 8:12:34 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 10/5/2013 8:21:40 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 10/5/2013 8:32:58 AM | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL


< End of report >

#12
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts

My firewall keeps resetting to off.

Does it show any error messages to you?

Download RogueKiller to your desktop

Note: This is a French tool so don't be surprised when you find the page displays with some French.

  • Quit all running programs
  • Run RogueKiller.exe on your Desktop
  • Wait until Prescan has finished...
  • Click on Scan
  • Wait for the scan to finish.
  • The report is created on your desktop.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of all the RKreport.txt files from your desktop in your next Reply.

#13
whitewater

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
No errors, it doesn't let me turn on the VIPRE firewall. Here's the log you requested:

RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Dan [Admin rights]
Mode : Scan -- Date : 10/05/2013 14:09:19
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe" >) -> FOUND
[RUN][ZeroAccess] HKUS\S-1-5-21-1144838760-1349409005-803156783-1005\[...]\Run : Google Update ("C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe" >) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V1][SUSP PATH] BearShareNAG.job : C:\DOCUME~1\Dan\LOCALS~1\Temp\BearShare_setup.exe - NAGMETHOD=Schedule [x][x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][Folder] Install : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install [-] --> FOUND
[ZeroAccess][Folder] Install : C:\Program Files\Google\Desktop\Install [-] --> FOUND

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


˙ž1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - ST3500630AS +++++
--- User ---
[MBR] 9f82521143eca16e474a6aac42254016
[BSP] dfe4c0bfa859120fb83a6a1aa43abcee : MBR Code unknown
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 473501 Mo
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 969844050 | Size: 3380 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_10052013_140919.txt >>

#14
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Step 1. RogueKiller fix.

  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • Wait until Prescan has finished...
  • Click on Scan
  • Wait for the scan to finish.
  • The report is created on your desktop.
  • Click on the Delete button
  • The report is created on your desktop.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of all the RKreport.txt files from your desktop in your next Reply.

Step 2. OTL scan.

  • Run OTL.
  • Click on the Scan All Users checkbox, which is located near the Quick Scan button.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    BASESERVICES
  • Then click the Run Scan button at the top.
  • Let the program run unhindered.
  • When the scan completes, it will open a Notepad window - OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post them in your topic.
So, please, don't forget to post in your next message:

  • OTL.txt
  • RKreport.txt


#15
whitewater

whitewater

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
OTL logfile created on: 10/5/2013 5:03:59 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dan\Desktop\virus removal
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 69.35% Memory free
3.84 Gb Paging File | 3.43 Gb Available in Paging File | 89.39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.40 Gb Total Space | 431.31 Gb Free Space | 93.28% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Dan\Desktop\virus removal\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
PRC - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe (GFI Software Development Ltd.)
PRC - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\mantle.exe (GFI Software Development Ltd.)
PRC - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========

MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_0cd4aa9a\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_1f18aef2\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_e8a3b327\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libMachoUniv.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\Definitions\libBase64.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\schedcompactdb.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\modlop.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\crmimodule.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\apistrings.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\dbprocessorop.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\unrar.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\patchautodownload.dll ()
MOD - C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\scanmngsys.dll ()
MOD - C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\WINDOWS\system32\bcm1xsup.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (SBAMSvc) -- C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
SRV - (SBPIMSvc) -- C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
SRV - (gfi_lanss10_attservice) -- C:\Program Files\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe (GFI Software Development Ltd.)
SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (sprtsvc_dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (SBRE) -- C:\WINDOWS\system32\drivers\SBREDrv.sys File not found
DRV - (SABKUTIL) -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Changer) -- File not found
DRV - (gfiutil) -- C:\WINDOWS\system32\drivers\gfiutil.sys (ThreatTrack Security)
DRV - (gfiark) -- C:\WINDOWS\system32\drivers\gfiark.sys (ThreatTrack Security)
DRV - (SbFw) -- C:\WINDOWS\system32\drivers\SbFw.sys (GFI Software)
DRV - (sbtis) -- C:\WINDOWS\system32\drivers\sbtis.sys (GFI Software)
DRV - (sbhips) -- C:\WINDOWS\system32\drivers\sbhips.sys (GFI Software)
DRV - (sbapifs) -- C:\WINDOWS\system32\drivers\sbapifs.sys (GFI Software)
DRV - (sbaphd) -- C:\WINDOWS\system32\drivers\sbaphd.sys (GFI Software)
DRV - (SBFWIMCLMP) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (GFI Software)
DRV - (SBFWIMCL) -- C:\WINDOWS\system32\drivers\SbFwIm.sys (GFI Software)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080523
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://webmail.neo.rr.com/
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes,DefaultScope = {EE443FBB-6959-4DF9-9202-CBA5F3CD9141}
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..\SearchScopes\{EE443FBB-6959-4DF9-9202-CBA5F3CD9141}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)


[2009/02/16 21:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions
[2009/02/16 21:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2013/10/05 07:45:00 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 0
O9 - Extra Button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-1144838760-1349409005-803156783-1005\..Trusted Domains: roadrunner.com ([webmail] https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1370089183593 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D786296-925B-4799-9CB9-41D04358C112}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA1D4EC1-CC71-4B1E-B652-5BAA80CF6AD7}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Program Files\Windows NT\shell.exe) - File not found
O20 - HKU\S-1-5-18 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-18 Winlogon: Shell - (C:\Program Files\Windows NT\shell.exe) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/05 16:57:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Desktop\RK_Quarantine
[2013/10/05 14:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Desktop\virus removal
[2013/10/05 08:30:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/05 07:44:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/09/30 18:07:55 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/09/29 08:41:07 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2013/09/29 08:04:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/09/29 07:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/09/29 07:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/09/29 07:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

========== Files - Modified Within 30 Days ==========

[2013/10/05 16:54:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/05 16:53:54 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/05 16:53:54 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013/10/05 16:53:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/05 16:53:44 | 2136,129,536 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/05 14:17:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/05 09:08:01 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013/10/05 08:16:34 | 000,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/10/05 08:16:34 | 000,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/05 07:45:00 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/09/29 09:04:14 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\My Computer.lnk
[2013/09/25 21:19:47 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/09/25 21:04:14 | 000,003,129 | ---- | M] () -- C:\WINDOWS\System32\lanss_v102_lnsscomm.csv
[2013/09/15 08:56:07 | 000,177,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/09/14 08:30:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2013/10/05 13:58:52 | 2136,129,536 | -HS- | C] () -- C:\hiberfil.sys
[2013/09/29 09:04:14 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\My Computer.lnk
[2013/05/19 07:46:58 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/02/14 18:22:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/05/31 15:24:04 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\housecall.guid.cache
[2009/07/09 18:42:24 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\fusioncache.dat
[2008/05/29 18:49:24 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2004/08/11 17:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2008/04/13 20:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 20:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 20:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 09:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/13 20:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 20:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 13:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/13 20:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/13 20:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008/04/13 20:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
No service found with a name of PolicyAgent
SRV - [2008/04/13 20:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 20:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 20:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 20:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 12:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 07:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 09:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 20:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 20:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 08:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/13 20:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 20:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 20:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 20:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 01:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/13 20:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 20:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 20:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 20:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 20:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/27 19:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/13 20:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 20:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 20:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 20:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/13 20:12:28 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 20:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009/02/09 08:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/13 20:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 20:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 02:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

< End of report >
RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Dan [Admin rights]
Mode : Remove -- Date : 10/05/2013 16:59:06
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe" >) -> DELETED
[RUN][ZeroAccess] HKUS\S-1-5-21-1144838760-1349409005-803156783-1005\[...]\Run : Google Update ("C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe" >) -> [0xc0000034] Unknown error
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V1][SUSP PATH] BearShareNAG.job : C:\DOCUME~1\Dan\LOCALS~1\Temp\BearShare_setup.exe - NAGMETHOD=Schedule [x][x] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][Folder] Install : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install [-] --> DELETED
[ZeroAccess][Folder] Install : C:\Program Files\Google\Desktop\Install [-] --> DELETED
[ZeroAccess][File] @ : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\@ [-] --> DELETED
[ZeroAccess][Folder] L : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\L [-] --> DELETED
[ZeroAccess][File] 00000004.@ : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U\00000004.@ [-] --> DELETED
[ZeroAccess][File] 00000008.@ : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U\00000008.@ [-] --> DELETED
[ZeroAccess][File] 000000cb.@ : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U\000000cb.@ [-] --> DELETED
[ZeroAccess][File] 80000000.@ : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U\80000000.@ [-] --> DELETED
[ZeroAccess][Folder] U : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U [-] --> DELETED
[ZeroAccess][Folder] {d7848744-75f7-dd6d-6058-92308e78e652} : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652} [-] --> DELETED
[ZeroAccess][Folder] ???ﯹ๛ : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛ [-] --> DELETED
[ZeroAccess][Folder] ??? : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\??? [-] --> DELETED
[ZeroAccess][Folder] ??? : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\??? [-] --> DELETED
[ZeroAccess][Folder] {d7848744-75f7-dd6d-6058-92308e78e652} : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652} [-] --> DELETED
[ZeroAccess][File] @ : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\@ [-] --> DELETED
[ZeroAccess][File] 00000004.@ : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\L\00000004.@ [-] --> DELETED
[ZeroAccess][File] 201d3dde : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\L\201d3dde [-] --> DELETED
[ZeroAccess][File] 76603ac3 : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\L\76603ac3 [-] --> DELETED
[ZeroAccess][Folder] L : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\L [-] --> DELETED
[ZeroAccess][File] 00000004.@ : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U\00000004.@ [-] --> DELETED
[ZeroAccess][File] 00000008.@ : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U\00000008.@ [-] --> DELETED
[ZeroAccess][File] 000000cb.@ : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U\000000cb.@ [-] --> DELETED
[ZeroAccess][File] 80000000.@ : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U\80000000.@ [-] --> DELETED
[ZeroAccess][File] 80000032.@ : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U\80000032.@ [-] --> DELETED
[ZeroAccess][Folder] U : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\U [-] --> DELETED
[ZeroAccess][Folder] {d7848744-75f7-dd6d-6058-92308e78e652} : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652} [-] --> DELETED
[ZeroAccess][Folder] ???ﯹ๛ : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ \???ﯹ๛ [-] --> DELETED
[ZeroAccess][Folder] : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ \ [-] --> DELETED
[ZeroAccess][Folder] : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\ [-] --> DELETED
[ZeroAccess][Folder] {d7848744-75f7-dd6d-6058-92308e78e652} : C:\Program Files\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652} [-] --> DELETED

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


˙ž1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - ST3500630AS +++++
--- User ---
[MBR] 9f82521143eca16e474a6aac42254016
[BSP] dfe4c0bfa859120fb83a6a1aa43abcee : MBR Code unknown
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 473501 Mo
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 969844050 | Size: 3380 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_10052013_165906.txt >>
RKreport[0]_S_10052013_165847.txt



RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Dan [Admin rights]
Mode : Scan -- Date : 10/05/2013 16:58:47
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe" >) -> FOUND
[RUN][ZeroAccess] HKUS\S-1-5-21-1144838760-1349409005-803156783-1005\[...]\Run : Google Update ("C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install\{d7848744-75f7-dd6d-6058-92308e78e652}\???\???\???ﯹ๛\{d7848744-75f7-dd6d-6058-92308e78e652}\GoogleUpdate.exe" >) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V1][SUSP PATH] BearShareNAG.job : C:\DOCUME~1\Dan\LOCALS~1\Temp\BearShare_setup.exe - NAGMETHOD=Schedule [x][x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][Folder] Install : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Desktop\Install [-] --> FOUND
[ZeroAccess][Folder] Install : C:\Program Files\Google\Desktop\Install [-] --> FOUND

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


˙ž1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - ST3500630AS +++++
--- User ---
[MBR] 9f82521143eca16e474a6aac42254016
[BSP] dfe4c0bfa859120fb83a6a1aa43abcee : MBR Code unknown
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 473501 Mo
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 969844050 | Size: 3380 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_10052013_165847.txt >>