Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

double blue underline - malware? help [Closed] [Solved]


  • This topic is locked This topic is locked

#16
danix22

danix22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

# AdwCleaner v3.310 - Report created 24/09/2014 at 17:19:26
# Updated 12/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Daniel - V3G33
# Running from : C:\Documents and Settings\Daniel\Ambiente de trabalho\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\Daniel\Application Data\eCyber

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\iSafe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v32.0.2 (x86 pt-PT)

[ File : C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\mfw8iwaf.default\prefs.js ]


[ File : C:\Documents and Settings\Duarte\Application Data\Mozilla\Firefox\Profiles\hrkes8qm.default\prefs.js ]


[ File : C:\Documents and Settings\Marta\Application Data\Mozilla\Firefox\Profiles\7xtkcsyh.default\prefs.js ]


[ File : C:\Documents and Settings\Teresa\Application Data\Mozilla\Firefox\Profiles\yyxn6rr9.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Daniel\Definições locais\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Marta\Definições locais\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Teresa\Definições locais\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [36477 octets] - [16/09/2014 09:46:03]
AdwCleaner[R1].txt - [1711 octets] - [16/09/2014 10:13:39]
AdwCleaner[R2].txt - [2088 octets] - [22/09/2014 16:50:11]
AdwCleaner[R3].txt - [2148 octets] - [24/09/2014 17:16:51]
AdwCleaner[S0].txt - [34874 octets] - [16/09/2014 09:49:39]
AdwCleaner[S1].txt - [1772 octets] - [16/09/2014 10:15:38]
AdwCleaner[S2].txt - [2075 octets] - [24/09/2014 17:19:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2135 octets] ##########
 


  • 0

Advertisements


#17
danix22

danix22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

here are the TDSSKiller (2 files)

 

1.

 

17:25:14.0015 0x0dd0  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
17:25:26.0671 0x0dd0  ============================================================
17:25:26.0671 0x0dd0  Current date / time: 2014/09/24 17:25:26.0671
17:25:26.0671 0x0dd0  SystemInfo:
17:25:26.0671 0x0dd0  
17:25:26.0671 0x0dd0  OS Version: 5.1.2600 ServicePack: 2.0
17:25:26.0671 0x0dd0  Product type: Workstation
17:25:26.0671 0x0dd0  ComputerName: V3G33
17:25:26.0671 0x0dd0  UserName: Daniel
17:25:26.0671 0x0dd0  Windows directory: C:\WINDOWS
17:25:26.0671 0x0dd0  System windows directory: C:\WINDOWS
17:25:26.0671 0x0dd0  Processor architecture: Intel x86
17:25:26.0671 0x0dd0  Number of processors: 2
17:25:26.0671 0x0dd0  Page size: 0x1000
17:25:26.0671 0x0dd0  Boot type: Normal boot
17:25:26.0671 0x0dd0  ============================================================
17:25:29.0093 0x0dd0  KLMD registered as C:\WINDOWS\system32\drivers\34854112.sys
17:25:29.0265 0x0dd0  System UUID: {9EE86917-F175-5FB9-C9BD-48D136282B1D}
17:25:30.0015 0x0dd0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:25:30.0031 0x0dd0  ============================================================
17:25:30.0031 0x0dd0  \Device\Harddisk0\DR0:
17:25:30.0031 0x0dd0  MBR partitions:
17:25:30.0031 0x0dd0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
17:25:30.0046 0x0dd0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x10E713B5
17:25:30.0046 0x0dd0  ============================================================
17:25:30.0062 0x0dd0  C: <-> \Device\Harddisk0\DR0\Partition1
17:25:30.0109 0x0dd0  D: <-> \Device\Harddisk0\DR0\Partition2
17:25:30.0140 0x0dd0  ============================================================
17:25:30.0140 0x0dd0  Initialize success
17:25:30.0140 0x0dd0  ============================================================
17:26:46.0296 0x09c0  KLMD registered as C:\WINDOWS\system32\drivers\12559354.sys
17:26:49.0453 0x09c0  Deinitialize success
 

2.

 

17:28:49.0656 0x0ed0  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
17:28:50.0437 0x0ed0  ============================================================
17:28:50.0437 0x0ed0  Current date / time: 2014/09/24 17:28:50.0437
17:28:50.0437 0x0ed0  SystemInfo:
17:28:50.0437 0x0ed0  
17:28:50.0437 0x0ed0  OS Version: 5.1.2600 ServicePack: 2.0
17:28:50.0437 0x0ed0  Product type: Workstation
17:28:50.0437 0x0ed0  ComputerName: V3G33
17:28:50.0437 0x0ed0  UserName: Daniel
17:28:50.0437 0x0ed0  Windows directory: C:\WINDOWS
17:28:50.0437 0x0ed0  System windows directory: C:\WINDOWS
17:28:50.0437 0x0ed0  Processor architecture: Intel x86
17:28:50.0437 0x0ed0  Number of processors: 2
17:28:50.0437 0x0ed0  Page size: 0x1000
17:28:50.0437 0x0ed0  Boot type: Normal boot
17:28:50.0437 0x0ed0  ============================================================
17:28:50.0437 0x0ed0  BG loaded
17:28:50.0625 0x0ed0  System UUID: {9EE86917-F175-5FB9-C9BD-48D136282B1D}
17:28:51.0265 0x0ed0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000044
17:28:51.0281 0x0ed0  ============================================================
17:28:51.0281 0x0ed0  \Device\Harddisk0\DR0:
17:28:51.0281 0x0ed0  MBR partitions:
17:28:51.0281 0x0ed0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
17:28:51.0296 0x0ed0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x10E713B5
17:28:51.0296 0x0ed0  ============================================================
17:28:51.0328 0x0ed0  C: <-> \Device\Harddisk0\DR0\Partition1
17:28:51.0359 0x0ed0  D: <-> \Device\Harddisk0\DR0\Partition2
17:28:51.0437 0x0ed0  ============================================================
17:28:51.0437 0x0ed0  Initialize success
17:28:51.0437 0x0ed0  ============================================================
17:29:00.0812 0x081c  ============================================================
17:29:00.0812 0x081c  Scan started
17:29:00.0812 0x081c  Mode: Manual; SigCheck; TDLFS;
17:29:00.0812 0x081c  ============================================================
17:29:00.0812 0x081c  KSN ping started
17:29:17.0265 0x081c  KSN ping finished: true
17:29:32.0843 0x081c  ================ Scan system memory ========================
17:29:32.0843 0x081c  System memory - ok
17:29:32.0843 0x081c  ================ Scan services =============================
17:29:35.0234 0x081c  [ 86D7B1E70661D754685B9AC6D749AAE5, 6C5B8A706984E3F36E3E0303CC23C4583AAE03B0532220F910BD4DCD72070063 ] 61883           C:\WINDOWS\system32\DRIVERS\61883.sys
17:29:45.0703 0x081c  61883 - ok
17:29:46.0015 0x081c  Abiosdsk - ok
17:29:46.0031 0x081c  abp480n5 - ok
17:29:46.0203 0x081c  [ 73B5CA89E9803720D119A03E1A8AA381, 73F4BC4CEF0B491DCBEEC9335BA22CA53432CB622EAF0786F5C327A8F60BB2F0 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:29:46.0515 0x081c  ACPI - ok
17:29:46.0531 0x081c  [ 4CBBD5516D8F7EB18314C9A593DA7744, 93350F02DD6BA240A9F84E5483A57412E06DED32F3B96D8DE9123B3EB26229FF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
17:29:46.0765 0x081c  ACPIEC - ok
17:29:46.0921 0x081c  [ C1EB9968EC89FBA5F3A264E2E57923AB, DEB0FC346C84FBF1192CC21D177BD1A8D86D552D5056BF95AE86B93C94124049 ] Adobe LM Service C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
17:29:47.0031 0x081c  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
17:29:49.0593 0x081c  Detect skipped due to KSN trusted
17:29:49.0593 0x081c  Adobe LM Service - ok
17:29:49.0687 0x081c  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:29:49.0796 0x081c  AdobeFlashPlayerUpdateSvc - ok
17:29:49.0796 0x081c  adpu160m - ok
17:29:50.0031 0x081c  [ 1EE7B434BA961EF845DE136224C30FEC, 0216D2277B6B4AB9B0E47E093CEEAC2030EFB4B87BA048EA730E40119AA06444 ] aec             C:\WINDOWS\system32\drivers\aec.sys
17:29:50.0546 0x081c  aec - ok
17:29:50.0718 0x081c  [ 55E6E1C51B6D30E54335750955453702, 49BE694FB65F195A65EC631558BA599345C6641A6A5AA2F1053611B715F4677A ] AFD             C:\WINDOWS\System32\drivers\afd.sys
17:29:50.0812 0x081c  AFD - ok
17:29:50.0812 0x081c  Aha154x - ok
17:29:50.0812 0x081c  aic78u2 - ok
17:29:50.0812 0x081c  aic78xx - ok
17:29:50.0890 0x081c  [ 2480CD0B62C3AC334DC3EED3216368AA, 8B780DEF5D72C2CB16B5806CFB6AD542ED647C55393E057F43DC7BE81B4D2E1A ] Alerter         C:\WINDOWS\system32\alrsvc.dll
17:29:51.0015 0x081c  Alerter - ok
17:29:51.0031 0x081c  [ AD8048DCC8382ABD902CB93A9E47B580, F8D852CC9087E169C7247A20F37F34380A8A5666F245304045D85FE178E98D69 ] ALG             C:\WINDOWS\System32\alg.exe
17:29:51.0156 0x081c  ALG - ok
17:29:51.0156 0x081c  AliIde - ok
17:29:51.0156 0x081c  amsint - ok
17:29:51.0328 0x081c  [ 116BFF96077A4A724E0AAB800525CEB5, 483C263B7E8183CFFC83DC4D422536FA40ADE7B3BD1709B8FAF99BE6A5A48995 ] AN983           C:\WINDOWS\system32\DRIVERS\AN983.sys
17:29:51.0468 0x081c  AN983 - ok
17:29:51.0890 0x081c  [ B4837FE56D76B2E9EA90E5365CF6A2BE, 4379A0BA850C787D6AD01F50D6FCEEA96E2F4800BAF1A0EEEC6BEFA6851762C1 ] AntiVirSchedulerService C:\Programas\Avira\AntiVir Desktop\sched.exe
17:29:52.0046 0x081c  AntiVirSchedulerService - ok
17:29:52.0109 0x081c  [ DF5A3016052755C910A206058B4A1729, 0E15807370B8EA28002D713490FD8DDD3E7FCFAE78477197CE2C0EFB5F176896 ] AntiVirService  C:\Programas\Avira\AntiVir Desktop\avguard.exe
17:29:52.0203 0x081c  AntiVirService - ok
17:29:52.0296 0x081c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:29:52.0328 0x081c  Apple Mobile Device - ok
17:29:52.0375 0x081c  [ 501BED0237742945CEE6EB7E94FF6DE1, 4F6A84D303F7BB9347886C7FD52228CE8AF7FDDB82E0FFA33D32D964CA2D5274 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
17:29:52.0500 0x081c  AppMgmt - ok
17:29:52.0515 0x081c  [ F0D692B0BFFB46E30EB3CEA168BBC49F, 745BE951F18C90FCD30C9A59BB861375C29FA49AF38D27EBFE4158FB7CAC86ED ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:29:52.0671 0x081c  Arp1394 - ok
17:29:52.0671 0x081c  asc - ok
17:29:52.0671 0x081c  asc3350p - ok
17:29:52.0687 0x081c  asc3550 - ok
17:29:52.0812 0x081c  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:29:52.0906 0x081c  aspnet_state - ok
17:29:52.0937 0x081c  [ 02000ABF34AF4C218C35D257024807D6, FDE21F7FCB198A44A6F2BCAF5EB11C9D90A094B4A2F8C307244A7655848954DA ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:29:53.0046 0x081c  AsyncMac - ok
17:29:53.0078 0x081c  [ CDFE4411A69C224BD1D11B2DA92DAC51, 0E6B23A80F171550575BEBC56F7500CD87A5CF03B2B9FDC49BC3DE96282CD69D ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
17:29:53.0187 0x081c  atapi - ok
17:29:53.0187 0x081c  Atdisk - ok
17:29:53.0218 0x081c  [ EC88DA854AB7D7752EC8BE11A741BB7F, 91FAF224CB4B44608C85CC25C3A82A3EC83F379D14A119A60A75505A30043255 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:29:53.0312 0x081c  Atmarpc - ok
17:29:53.0343 0x081c  [ E517173DD7C1A7F86AC862F5567297D3, 87DD98F159CE261EB2B9B1074E74594C1C2E89A5D168EDCBCA96118C51171F56 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
17:29:53.0468 0x081c  AudioSrv - ok
17:29:53.0500 0x081c  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
17:29:53.0578 0x081c  audstub - ok
17:29:53.0656 0x081c  [ EA2D28BBE98256654397CD1F6EAEBDD8, 97BBE5A2C9F2AE4675E6652AD79B1FCAEA76064FB37DBF238947ACA81D3017DF ] Autodesk Licensing Service C:\Programas\Ficheiros comuns\Autodesk Shared\Service\AdskScSrv.exe
17:29:53.0687 0x081c  Autodesk Licensing Service - ok
17:29:53.0718 0x081c  [ 87C223ADB8F7596B31CAAE3C67B16DDD, 8890EC45F3A604DD5F0158584D53F2B81ED687C35880CCAB3CC4B13EEF489C9D ] Avc             C:\WINDOWS\system32\DRIVERS\avc.sys
17:29:53.0859 0x081c  Avc - ok
17:29:53.0890 0x081c  [ 0B497C79824F8E1BF22FA6AACD3DE3A0, D9238EFCE3BD9C280B8EC0766C2E99940CB97B1FE5354E6D5B714C13097BAB70 ] avgio           C:\Programas\Avira\AntiVir Desktop\avgio.sys
17:29:53.0906 0x081c  avgio - ok
17:29:53.0921 0x081c  [ 1E4114685DE1FFA9675E09C6A1FB3F4B, A9A558BBF5D1EFDC7C82D58307CE3C48FE41A0905A3C4010C3F24D083EC891AC ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:29:54.0156 0x081c  avgntflt - ok
17:29:54.0250 0x081c  [ 0F78D3DAE6DEDD99AE54C9491C62ADF2, 0E06E5DE67BCFF8028311DE492279F9D8B3B11B68C49CA8B2AFA19FFFADCC18F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:29:54.0875 0x081c  avipbb - ok
17:29:54.0921 0x081c  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:29:55.0015 0x081c  Beep - ok
17:29:55.0062 0x081c  [ 1D9287D157977954B68B5727C4C2502E, 9AC0AD968908DF9E67AD1A8397377651B1CF3A5B0EB4B48E575F891EEF0C44DC ] BITS            C:\WINDOWS\system32\qmgr.dll
17:29:55.0281 0x081c  BITS - ok
17:29:55.0312 0x081c  [ 01BB9E040038C7C24A70C86EC9DC5C7C, F0376F7ED23824469A433E4EF5A4848ACE0E55C01EBB721AFAF54215AADB197C ] Browser         C:\WINDOWS\System32\browser.dll
17:29:55.0437 0x081c  Browser - ok
17:29:55.0484 0x081c  [ D24B8D1784C68A25060FFFBE8ED34B76, E96FBABDB2B24050DD963C0CF39980DFBADB4DCE03CF5DC1C7CB0AE72A644608 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:29:55.0578 0x081c  BthEnum - ok
17:29:55.0609 0x081c  [ 10355270BE12641B9764235DA39DCF0F, 325EECDF0B062BDF0CE76BC0B42885197315CFDEAF3336566B5EFCA0860FF0F0 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:29:55.0703 0x081c  BthPan - ok
17:29:55.0765 0x081c  [ E8032B3B4CA963BEA2EE23530C59A32D, D946D4C192C04E76053EB62D123C0AB4D0D24C7AE024781F9E7512316F20C270 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
17:29:55.0875 0x081c  BTHPORT - ok
17:29:55.0921 0x081c  [ ECAA2A2B9A2BE308752871DC3C78036C, 4774AD650CDFCBA5AEFD45D78ADD092BF2899A934D87AF89DC98F06590A7A1C6 ] BthServ         C:\WINDOWS\System32\bthserv.dll
17:29:56.0031 0x081c  BthServ - ok
17:29:56.0046 0x081c  [ F06D4CB9918B462A84D9AC00027EFC30, 1F949DF5B768FB176A0203CD2C1260C15C7B4C5A3658230DA3BD7D8014614FD3 ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
17:29:56.0140 0x081c  BTHUSB - ok
17:29:56.0156 0x081c  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
17:29:56.0265 0x081c  cbidf2k - ok
17:29:56.0312 0x081c  [ 6163ED60B684BAB19D3352AB22FC48B2, 5A7ED636D8B2178EA21FA986CC9168DEF258AA4FFB9DCD792A81A1D615AC5D5E ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:29:56.0421 0x081c  CCDECODE - ok
17:29:56.0437 0x081c  cd20xrnt - ok
17:29:56.0453 0x081c  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
17:29:56.0546 0x081c  Cdaudio - ok
17:29:56.0578 0x081c  [ CD7D5152DF32B47F4E36F710B35AAE02, 7382890CC1B27FC66C3E94E064562BBD87B3C75577CB0FD10860B8E2CE07D12E ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
17:29:56.0687 0x081c  Cdfs - ok
17:29:56.0734 0x081c  [ 7B53584D94E9D8716B2DE91D5F1CB42D, 2042D5D26ED7D43B4C69384F4E2D383761A57B0765F2501A844F98BD220C5246 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:29:57.0000 0x081c  Cdrom - ok
17:29:57.0031 0x081c  [ DAF1A8193B6CAF0FB858CADCC5C4AF4A, 1040AA15B1D739F8E3BD2B1BB2D5FEE2B2E3F27B16656025836037CD356781DA ] Changer         C:\WINDOWS\system32\drivers\Changer.sys
17:29:57.0125 0x081c  Changer - ok
17:29:57.0156 0x081c  [ FBB5A2268D3C98D27247DB809EB4204E, 2508E713E6B85044F4F34E6E50CE438D47C72B1559B4FFBB9888180A34D52BB1 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
17:29:57.0281 0x081c  CiSvc - ok
17:29:57.0281 0x081c  [ 05A26391201618430F915CCDA72E8C0E, 1441BE2AF5394930F832F63531B513CEABE6E45DF8683AC32C9B9218A13833FE ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
17:29:57.0421 0x081c  ClipSrv - ok
17:29:57.0437 0x081c  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:29:57.0656 0x081c  clr_optimization_v2.0.50727_32 - ok
17:29:57.0796 0x081c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:29:57.0953 0x081c  clr_optimization_v4.0.30319_32 - ok
17:29:57.0953 0x081c  CmdIde - ok
17:29:57.0953 0x081c  COMSysApp - ok
17:29:57.0968 0x081c  Cpqarray - ok
17:29:58.0015 0x081c  [ A61B4E39DD2A04D49C2DE4E887B67356, 73008271967192C860F33DC7CA0D90EABD8532C3777E766F9DC1D03C4A7F0DA0 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
17:29:58.0140 0x081c  CryptSvc - ok
17:29:58.0140 0x081c  dac2w2k - ok
17:29:58.0140 0x081c  dac960nt - ok
17:29:58.0203 0x081c  [ 800189F90CFE4E6CFF9147F0CBB65F78, 7E96BB5B2CAB90D4D63AC4A6C53D21B4071E91DCC3FE556B5F776C39AB590497 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:29:58.0312 0x081c  DcomLaunch - ok
17:29:58.0359 0x081c  [ F79FFC1694CE3E6D2AA61B389AFCD0D4, 24AE3D562776C2D249DE260713349D8EF256A9DCC8B5186F2EE7DBF264973339 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
17:29:58.0578 0x081c  Dhcp - ok
17:29:58.0625 0x081c  [ 00CA44E4534865F8A3B64F7C0984BFF0, 3FD73CCD9892F6CFEE776CB384C2E35FA15F4101D308A67E1358F85299501E3D ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
17:29:58.0750 0x081c  Disk - ok
17:29:58.0750 0x081c  dmadmin - ok
17:29:58.0812 0x081c  [ 9C22D8206CBD15A3572A0C978952984E, 438A287A44554692D442D77F49E408BF1EC10429EA99F8A9B41894C83CC99856 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
17:29:58.0953 0x081c  dmboot - ok
17:29:58.0984 0x081c  [ 372CDC4C55405FB4FC82CD492C3A71B8, 84C6F62358F071DD6413A9275E293C94D0B0DF2EAD2CD6D7C2F4116793732420 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
17:29:59.0109 0x081c  dmio - ok
17:29:59.0156 0x081c  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
17:29:59.0234 0x081c  dmload - ok
17:29:59.0265 0x081c  [ 282C89E7DCC6122ED435425102FAA924, 4BC576A36499D009E4C0C9B0337D33F06D71393FF8169FED042F9C223F067DEE ] dmserver        C:\WINDOWS\System32\dmserver.dll
17:29:59.0359 0x081c  dmserver - ok
17:29:59.0406 0x081c  [ A6F881284AC1150E37D9AE47FF601267, 6C07654CF21637E527FC727EB50F4138BF0EFF0680000AC94001063B436389DB ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
17:29:59.0484 0x081c  DMusic - ok
17:29:59.0515 0x081c  [ 99FAFCB7F9A56CCA5535F8B48609ED7A, 9341472404C6614E50547A3C173AE56084781BAF22F88F88ECFEEDAC0471DB23 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:29:59.0796 0x081c  Dnscache - ok
17:29:59.0812 0x081c  dpti2o - ok
17:29:59.0828 0x081c  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E, B941AB5D9D504486083E0D1539B1A96E27721C9EFD7A67CA1DB7258B0D33AB78 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
17:29:59.0906 0x081c  drmkaud - ok
17:29:59.0953 0x081c  [ 917DBC8693EAB879605908F7235DDFB0, 7C6402154630D39C0F8E7943DE42C36339891F1394C221B337EA53EC314D0163 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
17:30:00.0046 0x081c  ERSvc - ok
17:30:00.0078 0x081c  [ 04D7B81C1FF2154FD44D729795223359, C9D2E037BD344355D042BD99BF29210D48C3F8F35F94DC53D803424827F80393 ] Eventlog        C:\WINDOWS\system32\services.exe
17:30:00.0156 0x081c  Eventlog - ok
17:30:00.0203 0x081c  [ 8BE3CEC26578030D61BFDB7A514A5FB0, 93BDF685CD66A4122F98F4AEF2298315C4721CF9B66B13F0D95144CCA17F7B46 ] EventSystem     C:\WINDOWS\system32\es.dll
17:30:00.0250 0x081c  EventSystem - ok
17:30:00.0281 0x081c  [ 3117F595E9615E04F05A54FC15A03B20, 4708E8F1CDE6E9663B5DBEBAB8C684B16E45D41AEF20E4071D0A2931B305BD76 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
17:30:00.0375 0x081c  Fastfat - ok
17:30:00.0406 0x081c  [ 08693B64B2004210E15179DF4C16BBA6, A17EF9129CF2C3A38CFDF27B8A9CF6B9B4D1975FBAEA6EFEE9FD16426D6CBBB6 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:30:00.0640 0x081c  FastUserSwitchingCompatibility - ok
17:30:00.0656 0x081c  [ CED2E8396A8838E59D8FD529C680E02C, 8542AE6A2D65D3F843EA70F5FFBC150B773C5CFA3FE6388FA68A95416FAD0F6E ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
17:30:00.0734 0x081c  Fdc - ok
17:30:00.0750 0x081c  [ A028AF04CF101BCF5E46DD16B6131818, 32480D875BFB3AD6FA6A5F335EEC84B87BFC3C052C0FC6C15C3FB84ADD61AE31 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
17:30:00.0828 0x081c  Fips - ok
17:30:00.0859 0x081c  [ 0DD1DE43115B93F4D85E889D7A86F548, D50F7AAE5416C6D41845960BDDA24E97226F609AA726E4F88601ADC9ED50E872 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:30:00.0937 0x081c  Flpydisk - ok
17:30:00.0968 0x081c  [ 3D234FB6D6EE875EB009864A299BEA29, 9FEB003BDE7900AECDE9F9FFE0ECD7079B460714B582B7EB8EDB89E7F4D1FE59 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:30:01.0187 0x081c  FltMgr - ok
17:30:01.0250 0x081c  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:30:01.0281 0x081c  FontCache3.0.0.0 - ok
17:30:01.0312 0x081c  [ C6EE3A87FE609D3E1DB9DBD072A248DE, 9C2189FA09A9E1DC39F9AB8F0C9C0B44BE0E11FC3165BCD0813DFA85EA62907C ] fssfltr         C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
17:30:01.0328 0x081c  fssfltr - ok
17:30:01.0375 0x081c  [ 206AD9A89BF05DFA1621F1FC7B82592D, EAEE557535D865232237898858F5AE35F868065A1F79BBB48A2173124E2B6F63 ] fsssvc          C:\Programas\Windows Live\Family Safety\fsssvc.exe
17:30:01.0421 0x081c  fsssvc - ok
17:30:01.0437 0x081c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:30:01.0515 0x081c  Fs_Rec - ok
17:30:01.0562 0x081c  [ AAE88D91B75EEFD3429CA49B07451812, D725CF4E1C581DB689393540BB5935C7F75F197DE7798F282BA3086EEA303AA8 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:30:01.0640 0x081c  Ftdisk - ok
17:30:01.0671 0x081c  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
17:30:01.0687 0x081c  GEARAspiWDM - ok
17:30:01.0703 0x081c  [ C0F1D4A21DE5A415DF8170616703DEBF, 3E21AAD06CF6EB95662B568671B1DBD129CED481761BCDB67088E965E5C0BC5B ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:30:01.0781 0x081c  Gpc - ok
17:30:01.0859 0x081c  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Programas\Google\Update\GoogleUpdate.exe
17:30:01.0875 0x081c  gupdate - ok
17:30:01.0890 0x081c  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Programas\Google\Update\GoogleUpdate.exe
17:30:01.0890 0x081c  gupdatem - ok
17:30:01.0937 0x081c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe
17:30:01.0953 0x081c  gusvc - ok
17:30:01.0984 0x081c  [ 3FCC124B6E08EE0E9351F717DD136939, EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:30:02.0031 0x081c  HDAudBus - ok
17:30:02.0093 0x081c  [ 1BD3E215A4DBC73A95B5294F5864D1A6, 566B902415E6D0EAFEC647D171C112312D2761B6314051620F9FDDCB7A18EBCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:30:02.0171 0x081c  helpsvc - ok
17:30:02.0203 0x081c  [ 110D83DD5EDCF0E5A9574FB56D3809DD, 34231C4A712A373F7254499CF436F005CBF3C96F770AD0EA9438A24FC9A0CD0A ] HidServ         C:\WINDOWS\System32\hidserv.dll
17:30:02.0296 0x081c  HidServ - ok
17:30:02.0328 0x081c  [ 1DE6783B918F540149AA69943BDFEBA8, 6ED28109CA0A7738857D840E369EAB91C1605F2643950762D327CCE241C135A1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:30:02.0406 0x081c  HidUsb - ok
17:30:02.0406 0x081c  hpn - ok
17:30:02.0421 0x081c  [ 863CC3A82C63C9F60ACF2E85D5310620, 51CBC73D696BB87FBF3F4CD31ADE38DF9B8476DFAC38356A5C0ABD8CA63A5494 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:30:02.0468 0x081c  HPZid412 - ok
17:30:02.0484 0x081c  [ 08CB72E95DD75B61F2966B311D0E4366, 3C4CBCA84B67DBFD00C3A2470EE0CBE1F66AF549E9579B016C659BEE40219D24 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:30:02.0546 0x081c  HPZipr12 - ok
17:30:02.0562 0x081c  [ CA990306ED4EF732AF9695BFF24FC96F, 083532116547447D4A82CA02181AB4099944082405036EE38D7A3FB09CFDDC95 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:30:02.0671 0x081c  HPZius12 - ok
17:30:02.0718 0x081c  [ CB77BB47E67E84DEB17BA29632501730, C31841DF59E56C7B5DE7C98C7E98836CB81089165F55D3E44D5CE8072CA09CB1 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
17:30:02.0953 0x081c  HTTP - ok
17:30:02.0968 0x081c  [ 0F1C61B94056F8B3B1ECF8BB1E38A26E, 1ACE1B29F7528469FC5303DEB597662F15D278C56CE93C5AC79F0CB2606BAA88 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
17:30:03.0062 0x081c  HTTPFilter - ok
17:30:03.0093 0x081c  [ 8F09F91B5C91363B77BCD15599570F2C, D855AA7187616E056EA01A0CB1DC9AC16A13B54143FF3C61333BD9A2C0CF3D29 ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
17:30:03.0171 0x081c  i2omgmt - ok
17:30:03.0171 0x081c  i2omp - ok
17:30:03.0203 0x081c  [ DA367F4E3C1E8DA66F4095DB9818D828, E12E9CFC53411B05FDF5D3C79540E17CFC441A8802B866706B4505A1C9B77E50 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:30:03.0281 0x081c  i8042prt - ok
17:30:03.0515 0x081c  [ 28423512370705AEDA6A652FEDB25468, 381530C226AEC214F1CC22EA83C5D5FEF448B68A61EBC98A368D58F490DD2A05 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
17:30:03.0921 0x081c  ialm - ok
17:30:04.0015 0x081c  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:30:04.0078 0x081c  idsvc - ok
17:30:04.0125 0x081c  [ F8AA320C6A0409C0380E5D8A99D76EC6, A848B9C489DDFBD48BDA140CB9DD43097686115042745F6444F803739168D391 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
17:30:04.0203 0x081c  Imapi - ok
17:30:04.0234 0x081c  [ C9981CF32F7069D82D9D601493675164, 60F8EA192C82E7FFD3A85CA3F103CBDF633BAF25DD2FBFB0A208DA9E4A884074 ] ImapiService    C:\WINDOWS\system32\imapi.exe
17:30:04.0312 0x081c  ImapiService - ok
17:30:04.0312 0x081c  ini910u - ok
17:30:04.0500 0x081c  [ B29781B9A90CD55FC5D859C0B1C243BC, 2FE6DBC518BE0D4F963A5FBACC6197DD6F85317436D887386D5184C72EBF2302 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:30:04.0765 0x081c  IntcAzAudAddService - ok
17:30:04.0781 0x081c  IntelIde - ok
17:30:04.0796 0x081c  [ 42808BB3E5428A3530340A22B9F2EE38, A78479E19B372B5EE9286D1B26B89FAAE6004F93D985E588E13004A93593E33A ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:30:04.0875 0x081c  intelppm - ok
17:30:04.0890 0x081c  [ 4448006B6BC60E6C027932CFC38D6855, C377235EBE475C281ACB6A3267F12D8FE623433F05134A6CE50562414F94D7B1 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:30:04.0984 0x081c  Ip6Fw - ok
17:30:05.0000 0x081c  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:30:05.0078 0x081c  IpFilterDriver - ok
17:30:05.0078 0x081c  [ E1EC7F5DA720B640CD8FB8424F1B14BB, E5CF9F43D8C8028E8F29CAF8AD1E2179E5B02DCAA430900672FCB4C4EE288EF0 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:30:05.0171 0x081c  IpInIp - ok
17:30:05.0203 0x081c  [ E2168CBC7098FFE963C6F23F472A3593, 93B60D02ACBDDCE78BD4020B9CE0C132A8DD28FC2266B2748A22717B93AFF7C9 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:30:05.0437 0x081c  IpNat - ok
17:30:05.0484 0x081c  [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service    C:\Programas\iPod\bin\iPodService.exe
17:30:05.0546 0x081c  iPod Service - ok
17:30:05.0578 0x081c  [ 64537AA5C003A6AFEEE1DF819062D0D1, 5A6C11317DEF14B8C34A8C669EB75F7A8D46F05090C43D3DFF602CFA13CC504E ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:30:05.0718 0x081c  IPSec - ok
17:30:05.0765 0x081c  [ 50708DAA1B1CBB7D6AC1CF8F56A24410, A5657038A66B83472B456246E58884D5DF2E5B63BD176AE3DFFB6D5B6998E8B7 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
17:30:05.0843 0x081c  IRENUM - ok
17:30:05.0875 0x081c  [ 3CEA73763AF6F1967E90BEF111C4BEB0, 3BC886B6D7DB7D1E2E08A6B7C8075CA84439D4AD90F299403FD246862B1968C1 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:30:05.0984 0x081c  isapnp - ok
17:30:06.0140 0x081c  [ B591E761161D1EF547D76EF236EAA6A5, 9A4125350F96C248380E6E834C65C14700F9CCEDB9CD34DEDF1119ED2274697A ] JavaQuickStarterService C:\Programas\Java\jre7\bin\jqs.exe
17:30:06.0203 0x081c  JavaQuickStarterService - ok
17:30:06.0218 0x081c  [ 1DE083CCA497801E99247F6A8A605BAC, 20278A7D3CCED09F520C8FB1C3F3C6AA161681BB1D58BA778F745D6BD6F1DC9C ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:30:06.0296 0x081c  Kbdclass - ok
17:30:06.0328 0x081c  [ 90BBD6C6D82C18884E7D5A1C24E72F46, AE8CEDB35AB59BD1B039DDF246FDD9D6ECE7BFA80E75C960855E6B9A388ACA4F ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:30:06.0406 0x081c  kbdhid - ok
17:30:06.0453 0x081c  [ BA5DEDA4D934E6288C2F66CAF58D2562, 2250B75EEAD92CA56A1F8BB3F6523F9A5625676E38845A4DE0BFECE5EA17DBFA ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
17:30:06.0671 0x081c  kmixer - ok
17:30:06.0687 0x081c  [ EB7FFE87FD367EA8FCA0506F74A87FBB, 5D318CD7DB88473A6FFB74939FF62EB8DD0E6C79847844212D7168095F635531 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
17:30:06.0765 0x081c  KSecDD - ok
17:30:06.0796 0x081c  [ 6D5A3E34D5111870C085B048A4E242C7, 3A3B30EC9C194A91F1A56736BF32ED78C1CB5BF278C91682BECAB54B23C790EF ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
17:30:07.0015 0x081c  lanmanserver - ok
17:30:07.0046 0x081c  [ 8379637C29ACF9E7282AFE6DD39D1C6C, DAFBE33745636E15F990FC4451DF35EA11BAA9E253B5135CC300B5AC3C891C01 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:30:07.0296 0x081c  lanmanworkstation - ok
17:30:07.0328 0x081c  [ CC50A66548C2F285BC8A7B0B8AA578E3, E83B02D01520FE74670E6BFE4AAD8FF346B935FE38FF5538DEDC36616B5B7E0D ] lbrtfdc         C:\WINDOWS\system32\drivers\lbrtfdc.sys
17:30:07.0406 0x081c  lbrtfdc - ok
17:30:07.0453 0x081c  [ 6E5DAC168D1FF9843E84A59D51D31107, A847CFEB0D18E7865D483C74560DF67772DCB8EC22DB0F5910F3A68BFA9F3DCD ] LightScribeService C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
17:30:07.0468 0x081c  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
17:30:09.0828 0x081c  Detect skipped due to KSN trusted
17:30:09.0828 0x081c  LightScribeService - ok
17:30:09.0859 0x081c  [ 22B32FAC6BB36B5A69BE7913511E4545, 8623FF7E2E587653E46AE8417C158BF6B538CB769D04F285E6B5C2BCCC8CF2A3 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
17:30:09.0937 0x081c  LmHosts - ok
17:30:09.0968 0x081c  [ 8BE71D7EDB8C7494913722059F760DD0, BA02D1EC025BDA8ADAE34483AB6B422A75D0C11392761F83BCB0D0ADB5B1EAE2 ] LVPr2Mon        C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
17:30:10.0000 0x081c  LVPr2Mon - ok
17:30:10.0046 0x081c  [ 2333057542C91AE8228BDCCC2E5F2632, 51324D2D468DCDEA039F848585F6C78F99801D2725F7ACED2466E2D20BF112CD ] LVPrcSrv        C:\Programas\Ficheiros comuns\Logishrd\LVMVFM\LVPrcSrv.exe
17:30:10.0062 0x081c  LVPrcSrv - ok
17:30:10.0109 0x081c  [ A1857FBB9B4930EEB2FD92386C45C529, E28BF754FE5F6F9AF466B1433FDAC934EDAD4AD95F8AF5DAF5A37FB71A3FEB67 ] LVRS            C:\WINDOWS\system32\DRIVERS\lvrs.sys
17:30:10.0125 0x081c  LVRS - ok
17:30:10.0468 0x081c  [ 3703406AF0726BADD24C5E552493E5B1, 224A39EE2C3724FD10D462A5A9182C99957051475FD7928270B89F92C96EC03D ] LVUVC           C:\WINDOWS\system32\DRIVERS\lvuvc.sys
17:30:11.0265 0x081c  LVUVC - ok
17:30:11.0437 0x081c  [ E4DFBE4C4A9C2BD87C1430F445F3E3CB, 34A0295D0AC37537B010FEC4534535D92AA4C30900DC37444C992C15F86D3AA4 ] McComponentHostService C:\Programas\McAfee Security Scan\3.8.130\McCHSvc.exe
17:30:11.0531 0x081c  McComponentHostService - ok
17:30:12.0046 0x081c  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
17:30:12.0734 0x081c  MDM - ok
17:30:12.0796 0x081c  [ C00DBFFCE443F7A3572D4AA4519D7AE8, EAED45C1B223E80FEFD468E3754C5334FDF9A5C389020F67FBCA7B07478B9EAD ] Messenger       C:\WINDOWS\System32\msgsvc.dll
17:30:12.0968 0x081c  Messenger - ok
17:30:13.0328 0x081c  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
17:30:13.0484 0x081c  mnmdd - ok
17:30:14.0140 0x081c  [ F1B0B18FA56F81785AEEA8D2C1963612, F4018AC168B2E14E4EE0A01B1B8A469521EBB0F5B91F290DD9EAD65D0D8AF6C5 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
17:30:14.0343 0x081c  mnmsrvc - ok
17:30:14.0359 0x081c  [ 9F540D8E246C1CF5B8E3CC471081DB57, AD868D1178495A37F4D51FF878A4EC617C304D3623D6EDBE2A2CB5B9D0A20C29 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
17:30:14.0562 0x081c  Modem - ok
17:30:14.0687 0x081c  [ 79B1D3DFAD7FD78BBADF480E43664551, 58FD151BA03DACD9FF1017F68231F78EDE255DA1FE1E8C407243D97A4E81B41E ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:30:14.0890 0x081c  Mouclass - ok
17:30:14.0953 0x081c  [ FFB65F7837E634E2F5A4C4141479F019, B4556E367BAB932A05F7C803569924B1B307266B85C46474A3D14DC8E50512F3 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:30:15.0078 0x081c  mouhid - ok
17:30:15.0406 0x081c  [ 65653F3B4477F3C63E68A9659F85EE2E, 32A34B22A4C1F50A966F321FD228C6B85F0F0315ABF3D40FC416618E786A4024 ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
17:30:15.0546 0x081c  MountMgr - ok
17:30:15.0718 0x081c  [ FD5E45969B82B83E33CB05B5C9B0E3F2, A6C21F7A0A97683DA50FC102131618CC1BE5CA0C3625D2FDAF5861B9B6523E45 ] MozillaMaintenance C:\Programas\Mozilla Maintenance Service\maintenanceservice.exe
17:30:15.0953 0x081c  MozillaMaintenance - ok
17:30:15.0968 0x081c  mraid35x - ok
17:30:17.0218 0x081c  [ 29414447EB5BDE2F8397DC965DBB3156, 351D359CC6C1C35522BB55B7CAC6C881B25FD6A0E057A8D7F84EE5A193029A23 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:30:17.0750 0x081c  MRxDAV - ok
17:30:18.0562 0x081c  [ FB6C89BB3CE282B08BDB1E3C179E1C39, 0558617DB859228332F4B7E44875AB3CDBA370E78C23BB5E80B159AAA7087B3E ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:30:18.0765 0x081c  MRxSmb - ok
17:30:18.0812 0x081c  [ E9729B2F3060E82635BE788A326C8021, 4E1E7D167E5B82E9D226BFA8B77A05F63C7F7D03D33A98DF11CBA6476FC05AE0 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
17:30:18.0937 0x081c  MSDTC - ok
17:30:19.0000 0x081c  [ 6DD721DFD2648F3F6D5808B5BA6CB095, 477F2B9A83457BA7C891D74A7E6FEE8971B0EBFC5E6B4C20EFB5D0E21E6CBCA1 ] MSDV            C:\WINDOWS\system32\DRIVERS\msdv.sys
17:30:19.0187 0x081c  MSDV - ok
17:30:19.0484 0x081c  [ 561B3A4333CA2DBDBA28B5B956822519, 5B53906A29B9AA55A399F880CA989F9878BD943D3E97FB10A25BFD723654AF49 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:30:19.0609 0x081c  Msfs - ok
17:30:19.0609 0x081c  MSIServer - ok
17:30:19.0656 0x081c  [ AE431A8DD3C1D0D0610CDBAC16057AD0, 8B3BCAC3DA71778DC8B863E6DEF10F02F65D1BDD3381802DDC0B2980F4F1FBB9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:30:19.0765 0x081c  MSKSSRV - ok
17:30:19.0843 0x081c  [ 13E75FEF9DFEB08EEDED9D0246E1F448, 69D4CF483753FF253431656E1CB680F6702375696F94E259729BD11C25004031 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:30:19.0968 0x081c  MSPCLOCK - ok
17:30:20.0015 0x081c  [ 1988A33FF19242576C3D0EF9CE785DA7, 9E1C07F364DA7EF0D859BB7A3A06F849A153722E27E872640120CC6855D9FC51 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:30:20.0125 0x081c  MSPQM - ok
17:30:20.0312 0x081c  [ 469541F8BFD2B32659D5D463A6714BCE, 46AA7D2442DCC4C51C08BA0C00136F058F9160E6D6EDE78B2FD82545AE4FD10B ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:30:20.0437 0x081c  mssmbios - ok
17:30:20.0765 0x081c  [ BF13612142995096AB084F2DB7F40F77, E23FA89B54772A33A0A92A0701F02CB9683823FCA5CC192235378E1433FB21CF ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:30:20.0890 0x081c  MSTEE - ok
17:30:20.0937 0x081c  [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
17:30:21.0046 0x081c  MTsensor - ok
17:30:21.0093 0x081c  [ 82035E0F41C2DD05AE41D27FE6CF7DE1, 6111D330E7ACB77E23EA6A9E001FC651DE1DC49D772DC6FDD3C4B8EDA57E1C7A ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
17:30:21.0265 0x081c  Mup - ok
17:30:21.0343 0x081c  [ 5C8DC6429C43DC6177C1FA5B76290D1A, BBD145E87D4CF25A873CAE89DF29DF297187B604D42CD36AD8D3F62A033D906E ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:30:21.0546 0x081c  NABTSFEC - ok
17:30:21.0625 0x081c  [ 558635D3AF1C7546D26067D5D9B6959E, 8C1802908DF35E442575969D29F4B22019A2B3E4C309B8E193F98F75AE81F013 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
17:30:21.0875 0x081c  NDIS - ok
17:30:21.0937 0x081c  [ 520CE427A8B298F54112857BCF6BDE15, 521BFFC460D64CD69D12F8C9D61CEBE409A63F1F1FB928450E4564DA29C0FFEA ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:30:22.0031 0x081c  NdisIP - ok
17:30:22.0109 0x081c  [ 08D43BBDACDF23F34D79E44ED35C1B4C, F72CB8FA67C361C40B4C83F08302D7B2FD9178C1C60A7C236AF08B9CB5162591 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:30:22.0281 0x081c  NdisTapi - ok
17:30:22.0312 0x081c  [ 34D6CD56409DA9A7ED573E1C90A308BF, DE2060F57C913272524AFB0D472714ABF6F7E49A01534F23D95EE67F207CC6CF ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:30:22.0453 0x081c  Ndisuio - ok
17:30:22.0656 0x081c  [ 0B90E255A9490166AB368CD55A529893, 90EB17422BF52FE6D0CC6ADA4262D605806C5B583DE04EDEC95FD47EE9697865 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:30:22.0796 0x081c  NdisWan - ok
17:30:22.0937 0x081c  [ 59FC3FB44D2669BC144FD87826BB571F, B3C8CEFB09D5C85CBF12AED8CDB1FE455679D3436337263EFDABDC5116D92453 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:30:23.0078 0x081c  NDProxy - ok
17:30:23.0140 0x081c  [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl.sys
17:30:23.0218 0x081c  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
17:30:33.0296 0x081c  Netaapl ( UnsignedFile.Multi.Generic ) - warning
17:30:35.0656 0x081c  [ 3A2ACA8FC1D7786902CA434998D7CEB4, ECE218DCDCB4D0A5CA8CBD14E931BAA3B5F381B70BBACB65B0EBBB46D2D31683 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:30:35.0750 0x081c  NetBIOS - ok
17:30:35.0765 0x081c  [ 0C80E410CD2F47134407EE7DD19CC86B, 2A1D0CE9797F4AB7A24873947A26DD6413B8DBB5A82C24CF28D1FC243AEFC5C8 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:30:35.0875 0x081c  NetBT - ok
17:30:35.0906 0x081c  [ 13548D2EA24D6A991EFCF98709CD55CD, FD56D6CB6079D00449868111316BFFF0AEB69D7F49EFD1B8A10B57367A2ECC0C ] NetDDE          C:\WINDOWS\system32\netdde.exe
17:30:36.0000 0x081c  NetDDE - ok
17:30:36.0000 0x081c  [ 13548D2EA24D6A991EFCF98709CD55CD, FD56D6CB6079D00449868111316BFFF0AEB69D7F49EFD1B8A10B57367A2ECC0C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
17:30:36.0359 0x081c  NetDDEdsdm - ok
17:30:36.0390 0x081c  [ 4795EE604A505E58F9E7D6D17F4B7D32, 1EB7842ED9CE08EE39AEE5602106F277885488F7914FD9529FB45F82B5EC587C ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:30:36.0468 0x081c  Netlogon - ok
17:30:36.0500 0x081c  [ A35DEBD574ED8BAC425B6B02A9FBDC1E, 4A13E36EB16C5C44DF0E3CF5B8B504096BE3D47088B4E35F907C923EE4B1519B ] Netman          C:\WINDOWS\System32\netman.dll
17:30:36.0734 0x081c  Netman - ok
17:30:36.0765 0x081c  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:30:36.0781 0x081c  NetTcpPortSharing - ok
17:30:36.0812 0x081c  [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC, AD1FD07DD9E745C29986C2A25E9EF80B93CBF0F47FCF76741DD6E9CC81C7D241 ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:30:36.0906 0x081c  NIC1394 - ok
17:30:36.0937 0x081c  [ AD76F24EA9A38C9A920D94DBA2C14D78, D1DCD50D47A6F2134147FA277F55996E77604ECC51ACFDB005BC6AE891DC0BE0 ] Nla             C:\WINDOWS\System32\mswsock.dll
17:30:37.0000 0x081c  Nla - ok
17:30:37.0062 0x081c  [ C4EBBBD7165BE535F0BFD06B80601D91, BA8C8A42081E3F87690CC8312B106A9297F3D25F29E3C3F84F460B98FC18C201 ] NMIndexingService C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
17:30:37.0093 0x081c  NMIndexingService - detected UnsignedFile.Multi.Generic ( 1 )
17:30:39.0453 0x081c  Detect skipped due to KSN trusted
17:30:39.0453 0x081c  NMIndexingService - ok
17:30:39.0468 0x081c  [ F6C40E0A565EE3CE5AEEB325E10054F2, 30C8BA41B1C235ECB2C7F29CD76C8F41B8D705BE7DD44F66666C28275EA56BAC ] nmwcd           C:\WINDOWS\system32\drivers\ccdcmb.sys
17:30:39.0906 0x081c  nmwcd - ok
17:30:39.0953 0x081c  [ 2A394E9E1FA3565E4B2FEA470FFE4D6B, 879BE61C4256C9B855AA269C241A0D24E9ECE3CA0F3AFFB2E11D9340C0428D31 ] nmwcdc          C:\WINDOWS\system32\drivers\ccdcmbo.sys
17:30:40.0031 0x081c  nmwcdc - ok
17:30:40.0062 0x081c  [ 4F601BCB8F64EA3AC0994F98FED03F8E, D9D6783B970CB871DE0C6EDD8BE42F30CD1DCD55D4DF006922D9CFC0CF020D27 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:30:40.0156 0x081c  Npfs - ok
17:30:40.0218 0x081c  [ 19A811EF5F1ED5C926A028CE107FF1AF, 97606850041DE4E568188FB28AA3D5B10A4E96DB9551A77BC3A17ED67D5D4474 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:30:40.0484 0x081c  Ntfs - ok
17:30:40.0515 0x081c  [ 4795EE604A505E58F9E7D6D17F4B7D32, 1EB7842ED9CE08EE39AEE5602106F277885488F7914FD9529FB45F82B5EC587C ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
17:30:40.0593 0x081c  NtLmSsp - ok
17:30:40.0625 0x081c  [ E310509A2D0E7344E20DD6E19B4187EB, F50F4ECA88DE37555DF7328504CCE0C1788BC239D89BF12A64F585EB6EDDE2C1 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
17:30:40.0734 0x081c  NtmsSvc - ok
17:30:40.0750 0x081c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:30:40.0828 0x081c  Null - ok
17:30:40.0843 0x081c  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:30:40.0937 0x081c  NwlnkFlt - ok
17:30:40.0953 0x081c  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:30:41.0046 0x081c  NwlnkFwd - ok
17:30:41.0062 0x081c  [ 0951DB8E5823EA366B0E408D71E1BA2A, EAF0E680BC476D8CEBAD0C21F2EDB958F333B731E8B131DA450D716FEC2C87B0 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:30:41.0140 0x081c  ohci1394 - ok
17:30:41.0171 0x081c  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE
17:30:41.0187 0x081c  ose - ok
17:30:41.0218 0x081c  [ EE97CF9536FEF3884B3F6CBC6A4B1B2B, 74A1C07041FB7586FF337AC55E1C188FDA6ADF06BC9EAD8AB686B1AAE5C962C0 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
17:30:41.0312 0x081c  Parport - ok
17:30:41.0312 0x081c  [ 3334430C29DC338092F79C38EF7B4CD0, B54989B46D77F124D66741A939FF2033F73854FC39AF13C8165D01203A94A94E ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
17:30:41.0390 0x081c  PartMgr - ok
17:30:41.0421 0x081c  [ 5BE4416A102731C5271BADD028608452, 0366C1C20EBB6661C87986D7AECD778D2038721D6ED60D375E04C67505FE6BDC ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
17:30:41.0500 0x081c  ParVdm - ok
17:30:41.0531 0x081c  [ F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd        C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:30:41.0578 0x081c  pccsmcfd - ok
17:30:41.0593 0x081c  [ 0662A7C9B8FD3DFB46F54F47C2EA54FF, 88C24E927B60D6D0936A8F5F1BC16C86B6201609BE6E4F347A3634BEF72C71C9 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
17:30:41.0703 0x081c  PCI - ok
17:30:41.0703 0x081c  PCIDump - ok
17:30:41.0703 0x081c  [ 935346D9049480BA68E31A41EC92627B, 60D2B137E1674C4F63FF03A49D6C298B124D9F6AAAB647802E9D713D37094292 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
17:30:41.0796 0x081c  PCIIde - ok
17:30:41.0828 0x081c  [ 99F830817F2647612D0D955C0F150449, 070EA6C4BAC2B7BB47E89A849AD57119586FD7FC19AE9FCB703A84DA4336DD4E ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
17:30:41.0906 0x081c  Pcmcia - ok
17:30:41.0921 0x081c  PDCOMP - ok
17:30:41.0921 0x081c  PDFRAME - ok
17:30:41.0921 0x081c  PDRELI - ok
17:30:41.0921 0x081c  PDRFRAME - ok
17:30:41.0921 0x081c  perc2 - ok
17:30:41.0921 0x081c  perc2hib - ok
17:30:41.0953 0x081c  [ 04D7B81C1FF2154FD44D729795223359, C9D2E037BD344355D042BD99BF29210D48C3F8F35F94DC53D803424827F80393 ] PlugPlay        C:\WINDOWS\system32\services.exe
17:30:42.0000 0x081c  PlugPlay - ok
17:30:42.0015 0x081c  [ FB03F341FF5380394BF2EE52F1979925, 50795312FB3C90FFE3BF6F6C3FCDC489A3C8DA9801F13689C8A7B78C56D571A2 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
17:30:42.0031 0x081c  Pml Driver HPZ12 - ok
17:30:42.0031 0x081c  [ 4795EE604A505E58F9E7D6D17F4B7D32, 1EB7842ED9CE08EE39AEE5602106F277885488F7914FD9529FB45F82B5EC587C ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
17:30:42.0109 0x081c  PolicyAgent - ok
17:30:42.0125 0x081c  [ 1C5CC65AAC0783C344F16353E60B72AC, 7786CFE970A79B327DB57AEBADA8B0B94B4DE07CE8AF285E9835B2AADD597296 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:30:42.0203 0x081c  PptpMiniport - ok
17:30:42.0218 0x081c  [ 4795EE604A505E58F9E7D6D17F4B7D32, 1EB7842ED9CE08EE39AEE5602106F277885488F7914FD9529FB45F82B5EC587C ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:30:42.0281 0x081c  ProtectedStorage - ok
17:30:42.0281 0x081c  [ 48671F327553DCF1D27F6197F622A668, CB34A17BC36E8F8BB5F87F9EE21311C50DE9AE156513D682581DE47C93EC155D ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
17:30:42.0359 0x081c  PSched - ok
17:30:42.0406 0x081c  [ 0B6DEA0A1662CAB8F2BF339DC0752EF4, 596400163A8021C886D06B8469E67A1AC88EDFB904FC5B7CF726DCAB1F293E0F ] PSI_SVC_2       c:\Programas\Ficheiros comuns\Protexis\License Service\PsiService_2.exe
17:30:42.0421 0x081c  PSI_SVC_2 - ok
17:30:42.0421 0x081c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:30:42.0500 0x081c  Ptilink - ok
17:30:42.0500 0x081c  ql1080 - ok
17:30:42.0515 0x081c  Ql10wnt - ok
17:30:42.0515 0x081c  ql12160 - ok
17:30:42.0515 0x081c  ql1240 - ok
17:30:42.0515 0x081c  ql1280 - ok
17:30:42.0531 0x081c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:30:42.0625 0x081c  RasAcd - ok
17:30:42.0640 0x081c  [ 3A0C728492C0BD4B86AC44BD85AA5508, 213B50ED80C06F4D666E0A4DEF88B9A19CCE76CCF049A2A952E2AEDC79D8F515 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:30:42.0718 0x081c  RasAuto - ok
17:30:42.0718 0x081c  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C, F59974A2A3C21071BC72CA4DAF5D2DDF93471EC16FD1A34DE9DC1A50027F6835 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:30:42.0812 0x081c  Rasl2tp - ok
17:30:42.0859 0x081c  [ 8D162968C40AC984E6B2C1361A72B5FC, 872E2546A1977B01656E8CEE32C0BCB653CCAC719835D9CCB695D3F00987A1E3 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:30:43.0062 0x081c  RasMan - ok
17:30:43.0078 0x081c  [ 7306EEED8895454CBED4669BE9F79FAA, DC6874ECAD9105BC9EAB007291958911D7D4D3649124472070B3496B36C45200 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:30:43.0156 0x081c  RasPppoe - ok
17:30:43.0156 0x081c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
17:30:43.0234 0x081c  Raspti - ok
17:30:43.0281 0x081c  [ 03B965B1CA47F6EF60EB5E51CB50E0AF, 56B0F5FC470385F2FF4E4573099C96772EDB985398859B9F7ACE0AA704BB47B7 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:30:43.0500 0x081c  Rdbss - ok
17:30:43.0531 0x081c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:30:43.0609 0x081c  RDPCDD - ok
17:30:43.0625 0x081c  [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD, 586900D30F44E132AC75520EFF4FF615AA46283F1F050AC93FF9C235AC0F1D75 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:30:43.0703 0x081c  rdpdr - ok
17:30:43.0734 0x081c  [ B54CD38A9EBFBF2B3561426E3FE26F62, 2BE75A68C598A2E162F09BCBA140909B9480A7E06A733B5D58673A172CAD8084 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
17:30:43.0953 0x081c  RDPWD - ok
17:30:43.0984 0x081c  [ FADB7AF4B25D2092D077EE377D5A8E88, 8CCC4D9D85CACAC7CE0EC31C8A0785313D7E02D6042206089795F737794BDE91 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
17:30:44.0062 0x081c  RDSessMgr - ok
17:30:44.0093 0x081c  [ 3CAB70E0FB2B838D93FC9E95AB303C49, CAA393E8F2A4B297B2716D57269537B3D811827486AD3F21A4187115C5ADE706 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
17:30:44.0171 0x081c  redbook - ok
17:30:44.0203 0x081c  [ 734C8259001DDB2BDEAE14EF2BE05EF6, 38F6E3B06AB29D8BAFA7209BD6952494F195BF9AB18609869D8C5BEEC37F4864 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:30:44.0296 0x081c  RemoteAccess - ok
17:30:44.0312 0x081c  [ 4D76C45DE2A470BE36B71EACD535A32B, 3F71DBC539BBDE371D42A5D75B66CEB8A97F99C94AE32C29A195D7FD5CE8B3A5 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:30:44.0406 0x081c  RemoteRegistry - ok
17:30:44.0421 0x081c  [ 99C4B74981A1413F142A3903130088CB, 46F17447F4E5C90AA726BE9076288D4726FB3E5B0AC5B57059452213F46C15CC ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:30:44.0515 0x081c  RFCOMM - ok
17:30:44.0531 0x081c  [ F3B4141C14B4F97282CFFB5CAD146DB7, 8D0AE59D429535F2B0A293C2DC1E4A3493319E88A0B9A308BEA524ECE62C1827 ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:30:44.0640 0x081c  RpcLocator - ok
17:30:44.0656 0x081c  [ 800189F90CFE4E6CFF9147F0CBB65F78, 7E96BB5B2CAB90D4D63AC4A6C53D21B4071E91DCC3FE556B5F776C39AB590497 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:30:44.0718 0x081c  RpcSs - ok
17:30:44.0765 0x081c  [ 09405A46F4BD1D19074C71841DA1159E, 745D60A3FA1279644737D6878606FCB4F62713AC44D8E534DFBBA7DD01045FB7 ] RSVP            C:\WINDOWS\system32\rsvp.exe
17:30:44.0843 0x081c  RSVP - ok
17:30:44.0859 0x081c  [ 4795EE604A505E58F9E7D6D17F4B7D32, 1EB7842ED9CE08EE39AEE5602106F277885488F7914FD9529FB45F82B5EC587C ] SamSs           C:\WINDOWS\system32\lsass.exe
17:30:44.0921 0x081c  SamSs - ok
17:30:44.0953 0x081c  [ 2A29DA95C8127397F5B691605515E2DF, 720B0E44F108006D420700FCC48B083AABD95CE956635768470A37AADA11FADE ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
17:30:45.0046 0x081c  SCardSvr - ok
17:30:45.0078 0x081c  [ 3B9F47CF0071146F7A93C9E9BD932D83, 15724BE53DBB349D9A3297AC716922D207306742F3425966AE0A3EA643B8E722 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:30:45.0171 0x081c  Schedule - ok
17:30:45.0234 0x081c  [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort         C:\Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:30:45.0265 0x081c  SeaPort - ok
17:30:45.0281 0x081c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:30:45.0500 0x081c  Secdrv - ok
17:30:45.0515 0x081c  [ E9EF4B801C7312702A467CEE052A17C7, DF8630F9F865BA8AEEBD2BDCC9F0043A3F04FD20AB2E584DB04EB83CCB3AE327 ] seclogon        C:\WINDOWS\System32\seclogon.dll
17:30:45.0593 0x081c  seclogon - ok
17:30:45.0593 0x081c  [ 411C77BBA18C584B9537F5F7F712F0B8, CB6D5E9ED564C400FAC5AD01EC2A2AFE7A229FD971CB6845FDDB83CA13C24285 ] SENS            C:\WINDOWS\system32\sens.dll
17:30:45.0687 0x081c  SENS - ok
17:30:45.0687 0x081c  [ A2D868AEEFF612E70E213C451A70CAFB, 25CBB9E26CDCBD8E221ACF4364E82E8F811C3144E0EEF9DF9DAEC8534243BD3B ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
17:30:45.0765 0x081c  serenum - ok
17:30:45.0765 0x081c  [ 666033F36C32616AF7EF551F6EC30B3C, D9A58E12E917E51FE437E0FF963DE2A6B40E6737D09C6B667320C1D39B6EC09A ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
17:30:45.0843 0x081c  Serial - ok
17:30:45.0921 0x081c  [ C3BB6CF8F9EE199005A2AAE2815AD756, 7A817599C2F3AD819D643223AA714CCCB790EE5983096D8D9CD2D626D6924837 ] ServiceLayer    C:\Programas\PC Connectivity Solution\ServiceLayer.exe
17:30:45.0968 0x081c  ServiceLayer - ok
17:30:46.0000 0x081c  [ 0D13B6DF6E9E101013A7AFB0CE629FE0, 2214EA0F16BB33970E299CE457EB50AEE0BEF7959BC1EBD3C06C78A46B42B808 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
17:30:46.0078 0x081c  Sfloppy - ok
17:30:46.0093 0x081c  [ 8C3AAFE9DA7345E3DE6CFFDBA41E61E6, F047BE8EA747513BCDDCD010FDA02551B1D9A2124684E9A7B91AF16322CEF755 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:30:46.0203 0x081c  SharedAccess - ok
17:30:46.0218 0x081c  [ 08693B64B2004210E15179DF4C16BBA6, A17EF9129CF2C3A38CFDF27B8A9CF6B9B4D1975FBAEA6EFEE9FD16426D6CBBB6 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:30:46.0437 0x081c  ShellHWDetection - ok
17:30:46.0453 0x081c  Simbad - ok
17:30:46.0468 0x081c  [ 5CAEED86821FA2C6139E32E9E05CCDC9, 63F91C95FD2914DAEC648A6EAF75EE5E18EAA7754F5A03A57D693AC49C66479E ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:30:46.0562 0x081c  SLIP - ok
17:30:46.0640 0x081c  [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Programas\Sony\Sony PC Companion\PCCService.exe
17:30:46.0656 0x081c  Sony PC Companion - ok
17:30:46.0671 0x081c  Sparrow - ok
17:30:46.0687 0x081c  [ 0CE218578FFF5F4F7E4201539C45C78F, 2C87C8993C3B9CE3589262E178B2B12FF9F2D83E5E8C2B97648D7FA24E3BD985 ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
17:30:46.0906 0x081c  splitter - ok
17:30:46.0937 0x081c  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F, 521257429493F31516EDE549869EFA4B7A262F6A69EA1E82A9C875456C10E702 ] Spooler         C:\WINDOWS\system32\spoolsv.exe
17:30:47.0171 0x081c  Spooler - ok
17:30:47.0203 0x081c  [ 01CB00E1AA76021500DCB9DD80AAA53E, 3385BF17102AB58AD30D722C4835084A56A9F7504A7E5AAF88D2F95FB0580835 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
17:30:47.0265 0x081c  sr - ok
17:30:47.0281 0x081c  [ 994275FDDF55D6BECFA4E54EF80ED2C2, 8AD195572580598D821F2CB7C22ABD4D2FF0D01EFF9FAC589BFE9B37302E348D ] srservice       C:\WINDOWS\system32\srsvc.dll
17:30:47.0343 0x081c  srservice - ok
17:30:47.0375 0x081c  [ AB9C79ED12D65E800AAAD3D72A04792F, D834A904F665761AF9958D99F5420EC5FF8DE868F2A645B7EE2FE908AF26108F ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:30:47.0437 0x081c  Srv - ok
17:30:47.0468 0x081c  [ CD3DA10ACA4EDAB0E54551D42B3B64E7, 8316C7C49909A52ACE2192E5D189720565FBDD29C8A7C062F33868DD7959BDDE ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:30:47.0531 0x081c  SSDPSRV - ok
17:30:47.0562 0x081c  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:30:47.0562 0x081c  ssmdrv - ok
17:30:47.0593 0x081c  [ 5A1D0CA8A5F1E7B4EC50B9D76C001F0E, 8DD6C559F447B6228F5A9FBE3EA0D1CA1569DDF9539CA9B1DFA51B570700E6A9 ] ss_bus          C:\WINDOWS\system32\DRIVERS\ss_bus.sys
17:30:47.0609 0x081c  ss_bus - ok
17:30:47.0640 0x081c  [ F0A85580E36A3A85059037D39A9CF079, EFA871BB28B34D61F50E72EFAED90BA23BC92BDDD0DE7920955D8AAD3492F39D ] ss_mdfl         C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys
17:30:47.0640 0x081c  ss_mdfl - ok
17:30:47.0656 0x081c  [ 84C3DBFD1BFA4ADC0A950B3D5506CB00, E6122282959FE7F27314AF811552ABC4C768B98FA78B69D419A65E6E89A914C7 ] ss_mdm          C:\WINDOWS\system32\DRIVERS\ss_mdm.sys
17:30:47.0671 0x081c  ss_mdm - ok
17:30:47.0703 0x081c  [ 306521935042FC0A6988D528643619B3, 6FCC06EA71F5C83A8C3A8B7152E9FF48BCFBD35ED8C134A0879735F9135BB20C ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
17:30:47.0703 0x081c  StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
17:30:50.0156 0x081c  Detect skipped due to KSN trusted
17:30:50.0156 0x081c  StarOpen - ok
17:30:50.0171 0x081c  [ 5037A1F6A10D6DD577DA7C5085814CEA, BB3C0E854EA74825D780DB8221659554F5E4D1017D6EFABB32F5E3EDA7B09637 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
17:30:50.0250 0x081c  StillCam - ok
17:30:50.0281 0x081c  [ 172DC74756CDB38C23BA84AC99D8C344, C1D01C5539DDBFE52DBAA5165E4520DAE8DE37979C22FA501CD244F1805ECEAC ] stisvc          C:\WINDOWS\system32\wiaservc.dll
17:30:50.0531 0x081c  stisvc - ok
17:30:50.0562 0x081c  [ 284C57DF5DC7ABCA656BC2B96A667AFB, 7E3CAE1911E710B1CC37571AE1B92DC981FCD46E67A3AD3C258672D17781C709 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:30:50.0640 0x081c  streamip - ok
17:30:50.0656 0x081c  [ 03C1BAE4766E2450219D20B993D6E046, 0D8E5B141EAA9E2C8D1F8BFD522F57EE8074216A336CBE37FE77B8ADDB791DBE ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
17:30:50.0734 0x081c  swenum - ok
17:30:50.0765 0x081c  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D, EEF6DB9EDD8C273A6595675A7A12B9D440FA4E178BA7C69FB1942D97E291F989 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
17:30:50.0843 0x081c  swmidi - ok
17:30:50.0843 0x081c  SwPrv - ok
17:30:50.0859 0x081c  symc810 - ok
17:30:50.0859 0x081c  symc8xx - ok
17:30:50.0859 0x081c  sym_hi - ok
17:30:50.0859 0x081c  sym_u3 - ok
17:30:50.0859 0x081c  [ 650AD082D46BAC0E64C9C0E0928492FD, 6A587A55418A3A7867602D92B99FE393152DED191F27992C4BA909BD268AC43C ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
17:30:50.0937 0x081c  sysaudio - ok
17:30:50.0968 0x081c  [ AF9396FBE44C9FF9F14A6DFAAD3FB70A, DD62B387D73A2F499739026F3A2CA41045F569B8124ACEA6F325BED3A1D18E69 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
17:30:51.0046 0x081c  SysmonLog - ok
17:30:51.0078 0x081c  [ F9112546B9EF4769DC0CBC0DD559B802, D6B0BC37ED838B234F26D472D60B823D702DE088514EC36F707E1460849151EA ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:30:51.0296 0x081c  TapiSrv - ok
17:30:51.0343 0x081c  [ 2A5554FC5B1E04E131230E3CE035C3F9, 97CD31598A95BAF227BD4763AE721DCBF2E7BBB951E95F33B56C94C3B1D7CF4A ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:30:51.0421 0x081c  Tcpip - ok
17:30:51.0453 0x081c  [ 38D437CF2D98965F239B0ABCD66DCB0F, CC497A25C7AC1FF1E07CEE25FB0C5A5E6C4005C1CB244601FE620884A5C26506 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
17:30:51.0531 0x081c  TDPIPE - ok
17:30:51.0546 0x081c  [ ED0580AF02502D00AD8C4C066B156BE9, 41AA6C88CF48CAF0DA8E374F37E74206E4F558332075304A28983D04E08B3154 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
17:30:51.0625 0x081c  TDTCP - ok
17:30:51.0640 0x081c  [ A540A99C281D933F3D69D55E48727F47, CC430FA0E0F1745E167877003FDCC35FE940AF8CAD05387ECBA880CC3A3F6709 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
17:30:51.0718 0x081c  TermDD - ok
17:30:51.0750 0x081c  [ A9DE6E538EED0F9C6C7D4A4A5DDEA7ED, 7B27DD8CB94A48D290777708DE5563C5117DF2D62CF2A3C8EA1D24500153EFD2 ] TermService     C:\WINDOWS\System32\termsrv.dll
17:30:51.0843 0x081c  TermService - ok
17:30:51.0859 0x081c  [ 08693B64B2004210E15179DF4C16BBA6, A17EF9129CF2C3A38CFDF27B8A9CF6B9B4D1975FBAEA6EFEE9FD16426D6CBBB6 ] Themes          C:\WINDOWS\System32\shsvcs.dll
17:30:52.0062 0x081c  Themes - ok
17:30:52.0093 0x081c  [ AF5722B9BBFEE4086FE7696C33F1575B, 958AD31C050D8D8C5D9A146EDA1078346A0455685365E4C4530499283E7CD015 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
17:30:52.0156 0x081c  TlntSvr - ok
17:30:52.0171 0x081c  TosIde - ok
17:30:52.0203 0x081c  [ B3C676D1F895610175CF1CCF85993054, AD5C012F94775FBD81C3DBC6EF20ED93D43E6B80023C3102C46EB905DDF381AC ] TrkWks          C:\WINDOWS\system32\trkwks.dll
17:30:52.0281 0x081c  TrkWks - ok
17:30:52.0375 0x081c  [ 8B500667814B3F4FAD3AB04336EE4A0E, 38D8BB8535E1D37F79364546912F2E58B7D15073C42D8EB91B5DE8008CB634C1 ] TuneUp.UtilitiesSvc C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
17:30:52.0437 0x081c  TuneUp.UtilitiesSvc - ok
17:30:52.0484 0x081c  [ F2107C9D85EC0DF116939CCCE06AE697, 4608E3D0CA0B252130B4DF2505DB4D89635C327A343B470FCB81B8B02CD9FA44 ] TuneUpUtilitiesDrv C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
17:30:52.0484 0x081c  TuneUpUtilitiesDrv - ok
17:30:52.0531 0x081c  [ 12F70256F140CD7D52C58C7048FDE657, F2E3E645AA713A520452F5E17513D258D3900E93F65013551FC2B542BFA15BB3 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
17:30:52.0609 0x081c  Udfs - ok
17:30:52.0625 0x081c  ultra - ok
17:30:52.0656 0x081c  [ CED744117E91BDC0BEB810F7D8608183, 8D429F6B4A206D82C3BB18C7675B6C3910D5A1CB892F5D07EA8E8080D729AD07 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
17:30:52.0890 0x081c  Update - ok
17:30:52.0921 0x081c  [ CE74A31C934204F4A5B6977FB42FE011, D35D5089420AB225EB51F95E90E4A2396B7C8B3326FA7803C02A6090CAA94F12 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:30:53.0156 0x081c  upnphost - ok
17:30:53.0187 0x081c  [ 47F5F9D837D80FFD5882A14DB9DA0A67, 3B32E69B77E21CF98ED6E97B231B9633BE39D74328152EDFA7656FB16E3FF93A ] upperdev        C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
17:30:53.0250 0x081c  upperdev - ok
17:30:53.0265 0x081c  [ CC10BD526CF52D511BAF2BE5C7A5E62B, 728FFEB717808DB41CB65224F40CCF6249124B37E4E02E105EE00470E0CFE633 ] UPS             C:\WINDOWS\System32\ups.exe
17:30:53.0359 0x081c  UPS - ok
17:30:53.0390 0x081c  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
17:30:53.0406 0x081c  USBAAPL - ok
17:30:53.0437 0x081c  [ 45A0D14B26C35497AD93BCE7E15C9941, F88F51D03BE33D19E98EA0B45273E84AB77C9927669ADBE7D175354034D9610F ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
17:30:53.0515 0x081c  usbaudio - ok
17:30:53.0546 0x081c  [ BFFD9F120CC63BCBAA3D840F3EEF9F79, 0183D82E341473200FB1A05F6ABBBA3F2BD635654F49599E4CEB3E6394A33D36 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:30:53.0656 0x081c  usbccgp - ok
17:30:53.0671 0x081c  [ 15E993BA2F6946B2BFBBFCD30398621E, 10AD5B133C9C68B8E11DF702C50BDE5162693C5A9F132DFE1823D03D70D4EB89 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:30:53.0750 0x081c  usbehci - ok
17:30:53.0765 0x081c  [ C72F40947F92CEA56A8FB532EDF025F1, EBB9E235C973574B835B1FD22D813E9215029B3FC5030591D6F7971C9A23AEF7 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:30:53.0843 0x081c  usbhub - ok
17:30:53.0875 0x081c  [ A42369B7CD8886CD7C70F33DA6FCBCF5, EEDAA16F906A2F8FF40009ED10243F66A5CCE878111F1001DA6060A42DD79047 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:30:53.0953 0x081c  usbprint - ok
17:30:53.0984 0x081c  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85, E40B73D4E2417F4874D155885C86E4FB44557324616AABD84EFE6C4751DCC46B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:30:54.0062 0x081c  usbscan - ok
17:30:54.0093 0x081c  [ 49106EE29074E6A3D3AC9E24C6D791D8, B96B19A92E720F284741F8A2DCB30A9423AD58BA8F795D4F2E30403CEEF20099 ] usbser          C:\WINDOWS\system32\drivers\usbser.sys
17:30:54.0187 0x081c  usbser - ok
17:30:54.0203 0x081c  [ E44F0D17BE0908B58DCC99CCB99C6C32, 6C5E62A688CD3A299FBE2C8CD87F2A860340CDE4616348D83C6FB3DDB561E6C9 ] UsbserFilt      C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
17:30:54.0281 0x081c  UsbserFilt - ok
17:30:54.0312 0x081c  [ 6CD7B22193718F1D17A47A1CD6D37E75, CFD74FE06819DA488654F88BFCCBF29994FE7F04EC6CD5CD41552B0C95A8130F ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:30:54.0390 0x081c  USBSTOR - ok
17:30:54.0421 0x081c  [ F8FD1400092E23C8F2F31406EF06167B, AE93C83BA1966535AFA3E72D6F69156B7E56F021A6808EC8DA44C7E7D506D7E5 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:30:54.0500 0x081c  usbuhci - ok
17:30:54.0531 0x081c  [ 8968FF3973A883C49E8B564200F565B9, 64811243DA03B8B538E6B10954655C2A87D8CF8090F4BF4537A97947D4E6C3DC ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
17:30:54.0625 0x081c  usbvideo - ok
17:30:54.0640 0x081c  [ 8A60EDD72B4EA5AEA8202DAF0E427925, ED0624B285E4F64E07E30C12490873A2090F9DFD6A91A2EDA7A1082B88A8199E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
17:30:54.0718 0x081c  VgaSave - ok
17:30:54.0718 0x081c  ViaIde - ok
17:30:54.0718 0x081c  [ 0C75717937B930A3BE7B81BEE1ED78A0, 859E09A632FACA0ECDAC13BBD2680D03171B176E82FE20CC838950DF89A20B80 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
17:30:54.0796 0x081c  VolSnap - ok
17:30:54.0828 0x081c  [ 47CB20A4E8133FF1C6E741EAFDC2589C, 93B145C96EF8DB313F3FB5D932154F7EA74BB5DF960BD37C43E115CDCE9C41C4 ] VSS             C:\WINDOWS\System32\vssvc.exe
17:30:54.0921 0x081c  VSS - ok
17:30:54.0968 0x081c  [ AE6287C4748352A61D987DD02423473D, 26BE473561CEEAF0C0D8F757CE3BE2E338C0CFC209E101F122938544F84F9EFC ] W32Time         C:\WINDOWS\system32\w32time.dll
17:30:55.0046 0x081c  W32Time - ok
17:30:55.0062 0x081c  [ 984EF0B9788ABF89974CFED4BFBAACBC, 8178888E3A1AA3BD3BE34456118BB76AF2DD04EC575E4880F97A8EFB182C9E92 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:30:55.0140 0x081c  Wanarp - ok
17:30:55.0187 0x081c  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:30:55.0218 0x081c  Wdf01000 - ok
17:30:55.0218 0x081c  WDICA - ok
17:30:55.0234 0x081c  [ EFD235CA22B57C81118C1AEB4798F1C1, 16EE95A1D51F318224152492FB1663D96E61EC1706E85AE820CD023CBA1CF1F3 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
17:30:55.0453 0x081c  wdmaud - ok
17:30:55.0484 0x081c  [ B0B152351EF073B00419C0B9E312D725, 178AA63517223B73406653D5258D44A1A23B5F6B484DC2D45E8BEED58D7890E0 ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:30:55.0718 0x081c  WebClient - ok
17:30:55.0796 0x081c  [ CAF395B0006C8430797EBC5D7792B6F6, 0165FCE0C4B21F658E451BDB4AFECC88A1EDC6E70D45ADB133B5CC863ECA414D ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:30:55.0875 0x081c  winmgmt - ok
17:30:55.0906 0x081c  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
17:30:55.0968 0x081c  WmdmPmSN - ok
17:30:56.0015 0x081c  [ 293FBC0372F3E714B0A5CC9B496C7337, 88B071F77F16B6F310909266EFF83B5C5E3A5C0AD64EAFBA2C06F912C8908258 ] Wmi             C:\WINDOWS\System32\advapi32.dll
17:30:56.0093 0x081c  Wmi - ok
17:30:56.0140 0x081c  [ F38D7B86C193FC53D94500FADC9B0A41, DD389F98FBBBC9CA5B9E705F1335F0392E33796456657D725847705A702DE11C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:30:56.0234 0x081c  WmiApSrv - ok
17:30:56.0312 0x081c  [ C12D2A4923A1370A99A8FE4E79D40420, A08E7951D2A335DFC66F7725165C7C48500394C9A3263DEB3A67040F087B950B ] WMPNetworkSvc   C:\Programas\Windows Media Player\WMPNetwk.exe
17:30:56.0390 0x081c  WMPNetworkSvc - ok
17:30:56.0406 0x081c  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:30:56.0437 0x081c  WpdUsb - ok
17:30:56.0515 0x081c  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:30:56.0578 0x081c  WPFFontCache_v0400 - ok
17:30:56.0609 0x081c  [ F5E153C7A2F6956962B000443B312195, A3C497F5029F2B6C28BF067891EB00F6A5737413C9DD4797CD290AF4CBED05DA ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
17:30:56.0687 0x081c  wscsvc - ok
17:30:56.0703 0x081c  WSearch - ok
17:30:56.0718 0x081c  [ D5842484F05E12121C511AA93F6439EC, 531888E914578172534BBC3220A86C99D1FCE423E89834B533E0A79F583436F3 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:30:56.0796 0x081c  WSTCODEC - ok
17:30:56.0828 0x081c  [ CE9C230B94296567A63CBBCA5A518A8D, B95A8B12DE8E16645B37445086B3B6BA027849BA54F14E3C9087678D6AD49FED ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
17:30:56.0937 0x081c  wuauserv - ok
17:30:56.0968 0x081c  [ EAA6324F51214D2F6718977EC9CE0DEF, B9DE1521395E09233FE519873702979C3EAF65FEC4B94B12A46CECB16C488543 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:30:57.0015 0x081c  WudfPf - ok
17:30:57.0031 0x081c  [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:30:57.0046 0x081c  WudfRd - ok
17:30:57.0062 0x081c  [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
17:30:57.0078 0x081c  WudfSvc - ok
17:30:57.0125 0x081c  [ 21171EC700B080D68C4C1A8CC1A50B2C, 945401CEF8363A2D906CEF05D6F33010651A0A2D921F362330F23301B4CB75E1 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
17:30:57.0265 0x081c  WZCSVC - ok
17:30:57.0281 0x081c  [ 2C7F11733149AAEA9EC29C18145548A3, 6A18A0D37E3D129AC123AEA8D3F76DFAF6886E2114F9D5EDFB295ECE6C95BF67 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
17:30:57.0375 0x081c  xmlprov - ok
17:30:57.0390 0x081c  [ 05D48E56EA2612D39A4E7F0ECC17B917, 8BDCA6BC0C1DC899916A08337646308E59913732BC68317EDABD9EDF15AD18AD ] yukonwxp        C:\WINDOWS\system32\DRIVERS\yk51x86.sys
17:30:57.0468 0x081c  yukonwxp - ok
17:30:57.0484 0x081c  [ 12C89079D951FC8F1BE33D9E65159412, D4BF971E04E3831CC91BB191AC1CA675797380C598ABB994184FD4CAF322EF0F ] ZSMC301b        C:\WINDOWS\system32\Drivers\usbVM31b.sys
17:30:57.0531 0x081c  ZSMC301b - ok
17:30:57.0546 0x081c  ================ Scan global ===============================
17:30:57.0578 0x081c  [ 3658D59383C02700F0668A2D6AD469E9, AE3BDA1E209C00C285610BA39C27554D491830DF3E155AE601205F66CBEB9369 ] C:\WINDOWS\system32\basesrv.dll
17:30:57.0609 0x081c  [ A5F682BB5918FDA05C44569F1B6E3E97, 3EAC4672C4B2A02AED24ADD773D84F8132329D767D8AE294CC665BFDAF74FB29 ] C:\WINDOWS\system32\winsrv.dll
17:30:57.0625 0x081c  [ A5F682BB5918FDA05C44569F1B6E3E97, 3EAC4672C4B2A02AED24ADD773D84F8132329D767D8AE294CC665BFDAF74FB29 ] C:\WINDOWS\system32\winsrv.dll
17:30:57.0656 0x081c  [ 04D7B81C1FF2154FD44D729795223359, C9D2E037BD344355D042BD99BF29210D48C3F8F35F94DC53D803424827F80393 ] C:\WINDOWS\system32\services.exe
17:30:57.0656 0x081c  [ Global ] - ok
17:30:57.0656 0x081c  ================ Scan MBR ==================================
17:30:57.0671 0x081c  [ DA78E083D0717E99AF44EDA1BB65F878 ] \Device\Harddisk0\DR0
17:30:57.0859 0x081c  \Device\Harddisk0\DR0 - ok
17:30:57.0859 0x081c  ================ Scan VBR ==================================
17:30:57.0859 0x081c  [ E48BBC6941B6CA95D5ECB185948D8A52 ] \Device\Harddisk0\DR0\Partition1
17:30:57.0875 0x081c  \Device\Harddisk0\DR0\Partition1 - ok
17:30:57.0875 0x081c  [ 6C5013897532D34E8F282F8D0CB15FDE ] \Device\Harddisk0\DR0\Partition2
17:30:57.0906 0x081c  \Device\Harddisk0\DR0\Partition2 - ok
17:30:57.0906 0x081c  ================ Scan active images ========================
17:30:57.0906 0x081c  [ 42808BB3E5428A3530340A22B9F2EE38, A78479E19B372B5EE9286D1B26B89FAAE6004F93D985E588E13004A93593E33A ] C:\WINDOWS\system32\drivers\intelppm.sys
17:30:57.0906 0x081c  C:\WINDOWS\system32\drivers\intelppm.sys - ok
17:30:57.0906 0x081c  [ D5A9D123F5ED7C9965A481BD20CF66D8, E89C49FF047F85728D69C83E3F544F035FA1672BA08E6D78CB454877D0F4C281 ] C:\WINDOWS\system32\drivers\videoprt.sys
17:30:57.0906 0x081c  C:\WINDOWS\system32\drivers\videoprt.sys - ok
17:30:57.0906 0x081c  [ 28423512370705AEDA6A652FEDB25468, 381530C226AEC214F1CC22EA83C5D5FEF448B68A61EBC98A368D58F490DD2A05 ] C:\WINDOWS\system32\drivers\igxpmp32.sys
17:30:57.0906 0x081c  C:\WINDOWS\system32\drivers\igxpmp32.sys - ok
17:30:57.0906 0x081c  [ 2034CA78F9C6E787B4B76D81AC888351, DF04A1C19D5E4A62122DBD57A9D3D5190CA15930AB6D13CA6085657B1AFC6F50 ] C:\WINDOWS\system32\drivers\usbport.sys
17:30:57.0906 0x081c  C:\WINDOWS\system32\drivers\usbport.sys - ok
17:30:57.0906 0x081c  [ 15E993BA2F6946B2BFBBFCD30398621E, 10AD5B133C9C68B8E11DF702C50BDE5162693C5A9F132DFE1823D03D70D4EB89 ] C:\WINDOWS\system32\drivers\usbehci.sys
17:30:57.0906 0x081c  C:\WINDOWS\system32\drivers\usbehci.sys - ok
17:30:57.0906 0x081c  [ F8FD1400092E23C8F2F31406EF06167B, AE93C83BA1966535AFA3E72D6F69156B7E56F021A6808EC8DA44C7E7D506D7E5 ] C:\WINDOWS\system32\drivers\usbuhci.sys
17:30:57.0906 0x081c  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
17:30:57.0906 0x081c  [ 3FCC124B6E08EE0E9351F717DD136939, EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ] C:\WINDOWS\system32\drivers\Hdaudbus.sys
17:30:57.0906 0x081c  C:\WINDOWS\system32\drivers\Hdaudbus.sys - ok
17:30:57.0906 0x081c  [ 05D48E56EA2612D39A4E7F0ECC17B917, 8BDCA6BC0C1DC899916A08337646308E59913732BC68317EDABD9EDF15AD18AD ] C:\WINDOWS\system32\drivers\yk51x86.sys
17:30:57.0906 0x081c  C:\WINDOWS\system32\drivers\yk51x86.sys - ok
17:30:57.0906 0x081c  [ CED2E8396A8838E59D8FD529C680E02C, 8542AE6A2D65D3F843EA70F5FFBC150B773C5CFA3FE6388FA68A95416FAD0F6E ] C:\WINDOWS\system32\drivers\fdc.sys
17:30:57.0906 0x081c  C:\WINDOWS\system32\drivers\fdc.sys - ok
17:30:57.0921 0x081c  [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] C:\WINDOWS\system32\drivers\ASACPI.sys
17:30:57.0921 0x081c  C:\WINDOWS\system32\drivers\ASACPI.sys - ok
17:30:57.0921 0x081c  [ EE97CF9536FEF3884B3F6CBC6A4B1B2B, 74A1C07041FB7586FF337AC55E1C188FDA6ADF06BC9EAD8AB686B1AAE5C962C0 ] C:\WINDOWS\system32\drivers\parport.sys
17:30:57.0921 0x081c  C:\WINDOWS\system32\drivers\parport.sys - ok
17:30:57.0921 0x081c  [ 666033F36C32616AF7EF551F6EC30B3C, D9A58E12E917E51FE437E0FF963DE2A6B40E6737D09C6B667320C1D39B6EC09A ] C:\WINDOWS\system32\drivers\serial.sys
17:30:57.0921 0x081c  C:\WINDOWS\system32\drivers\serial.sys - ok
17:30:57.0921 0x081c  [ DA367F4E3C1E8DA66F4095DB9818D828, E12E9CFC53411B05FDF5D3C79540E17CFC441A8802B866706B4505A1C9B77E50 ] C:\WINDOWS\system32\drivers\i8042prt.sys
17:30:57.0921 0x081c  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
17:30:57.0921 0x081c  [ A2D868AEEFF612E70E213C451A70CAFB, 25CBB9E26CDCBD8E221ACF4364E82E8F811C3144E0EEF9DF9DAEC8534243BD3B ] C:\WINDOWS\system32\drivers\serenum.sys
17:30:57.0921 0x081c  C:\WINDOWS\system32\drivers\serenum.sys - ok
17:30:57.0921 0x081c  [ F8AA320C6A0409C0380E5D8A99D76EC6, A848B9C489DDFBD48BDA140CB9DD43097686115042745F6444F803739168D391 ] C:\WINDOWS\system32\drivers\imapi.sys
17:30:57.0921 0x081c  C:\WINDOWS\system32\drivers\imapi.sys - ok
17:30:57.0921 0x081c  [ 1DE083CCA497801E99247F6A8A605BAC, 20278A7D3CCED09F520C8FB1C3F3C6AA161681BB1D58BA778F745D6BD6F1DC9C ] C:\WINDOWS\system32\drivers\kbdclass.sys
17:30:57.0921 0x081c  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
17:30:57.0921 0x081c  [ 7B53584D94E9D8716B2DE91D5F1CB42D, 2042D5D26ED7D43B4C69384F4E2D383761A57B0765F2501A844F98BD220C5246 ] C:\WINDOWS\system32\drivers\cdrom.sys
17:30:57.0921 0x081c  C:\WINDOWS\system32\drivers\cdrom.sys - ok
17:30:57.0921 0x081c  [ B9540E258F952650DE8DEC68719A5C97, C4706B09AAC1D3585F1E4207B0A5287BF9752ED7B427DF378AC8CAC826F8837F ] C:\WINDOWS\system32\drivers\ks.sys
17:30:57.0921 0x081c  C:\WINDOWS\system32\drivers\ks.sys - ok
17:30:57.0937 0x081c  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys
17:30:57.0937 0x081c  C:\WINDOWS\system32\drivers\audstub.sys - ok
17:30:57.0937 0x081c  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
17:30:57.0937 0x081c  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
17:30:57.0937 0x081c  [ 08D43BBDACDF23F34D79E44ED35C1B4C, F72CB8FA67C361C40B4C83F08302D7B2FD9178C1C60A7C236AF08B9CB5162591 ] C:\WINDOWS\system32\drivers\ndistapi.sys
17:30:57.0937 0x081c  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
17:30:57.0937 0x081c  [ 0B90E255A9490166AB368CD55A529893, 90EB17422BF52FE6D0CC6ADA4262D605806C5B583DE04EDEC95FD47EE9697865 ] C:\WINDOWS\system32\drivers\ndiswan.sys
17:30:57.0937 0x081c  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
17:30:57.0937 0x081c  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C, F59974A2A3C21071BC72CA4DAF5D2DDF93471EC16FD1A34DE9DC1A50027F6835 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
17:30:57.0937 0x081c  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
17:30:57.0937 0x081c  [ 3CAB70E0FB2B838D93FC9E95AB303C49, CAA393E8F2A4B297B2716D57269537B3D811827486AD3F21A4187115C5ADE706 ] C:\WINDOWS\system32\drivers\redbook.sys
17:30:57.0937 0x081c  C:\WINDOWS\system32\drivers\redbook.sys - ok
17:30:57.0937 0x081c  [ 7306EEED8895454CBED4669BE9F79FAA, DC6874ECAD9105BC9EAB007291958911D7D4D3649124472070B3496B36C45200 ] C:\WINDOWS\system32\drivers\raspppoe.sys
17:30:57.0937 0x081c  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
17:30:57.0937 0x081c  [ 6891B74AB9A016064E82A419388D0601, EB4C813D551D73ADA539946AB1BDF2D1DABF8EE27BD8E94A0DACA75CC117E6C1 ] C:\WINDOWS\system32\drivers\tdi.sys
17:30:57.0937 0x081c  C:\WINDOWS\system32\drivers\tdi.sys - ok
17:30:57.0937 0x081c  [ 48671F327553DCF1D27F6197F622A668, CB34A17BC36E8F8BB5F87F9EE21311C50DE9AE156513D682581DE47C93EC155D ] C:\WINDOWS\system32\drivers\psched.sys
17:30:57.0937 0x081c  C:\WINDOWS\system32\drivers\psched.sys - ok
17:30:57.0937 0x081c  [ 1C5CC65AAC0783C344F16353E60B72AC, 7786CFE970A79B327DB57AEBADA8B0B94B4DE07CE8AF285E9835B2AADD597296 ] C:\WINDOWS\system32\drivers\raspptp.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\raspptp.sys - ok
17:30:57.0953 0x081c  [ C0F1D4A21DE5A415DF8170616703DEBF, 3E21AAD06CF6EB95662B568671B1DBD129CED481761BCDB67088E965E5C0BC5B ] C:\WINDOWS\system32\drivers\msgpc.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\msgpc.sys - ok
17:30:57.0953 0x081c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\ptilink.sys - ok
17:30:57.0953 0x081c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\raspti.sys - ok
17:30:57.0953 0x081c  [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD, 586900D30F44E132AC75520EFF4FF615AA46283F1F050AC93FF9C235AC0F1D75 ] C:\WINDOWS\system32\drivers\rdpdr.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
17:30:57.0953 0x081c  [ 79B1D3DFAD7FD78BBADF480E43664551, 58FD151BA03DACD9FF1017F68231F78EDE255DA1FE1E8C407243D97A4E81B41E ] C:\WINDOWS\system32\drivers\mouclass.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\mouclass.sys - ok
17:30:57.0953 0x081c  [ 5037A1F6A10D6DD577DA7C5085814CEA, BB3C0E854EA74825D780DB8221659554F5E4D1017D6EFABB32F5E3EDA7B09637 ] C:\WINDOWS\system32\drivers\serscan.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\serscan.sys - ok
17:30:57.0953 0x081c  [ 03C1BAE4766E2450219D20B993D6E046, 0D8E5B141EAA9E2C8D1F8BFD522F57EE8074216A336CBE37FE77B8ADDB791DBE ] C:\WINDOWS\system32\drivers\swenum.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\swenum.sys - ok
17:30:57.0953 0x081c  [ A540A99C281D933F3D69D55E48727F47, CC430FA0E0F1745E167877003FDCC35FE940AF8CAD05387ECBA880CC3A3F6709 ] C:\WINDOWS\system32\drivers\termdd.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\termdd.sys - ok
17:30:57.0953 0x081c  [ 469541F8BFD2B32659D5D463A6714BCE, 46AA7D2442DCC4C51C08BA0C00136F058F9160E6D6EDE78B2FD82545AE4FD10B ] C:\WINDOWS\system32\drivers\mssmbios.sys
17:30:57.0953 0x081c  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
17:30:57.0968 0x081c  [ CED744117E91BDC0BEB810F7D8608183, 8D429F6B4A206D82C3BB18C7675B6C3910D5A1CB892F5D07EA8E8080D729AD07 ] C:\WINDOWS\system32\drivers\update.sys
17:30:57.0968 0x081c  C:\WINDOWS\system32\drivers\update.sys - ok
17:30:57.0968 0x081c  [ 59FC3FB44D2669BC144FD87826BB571F, B3C8CEFB09D5C85CBF12AED8CDB1FE455679D3436337263EFDABDC5116D92453 ] C:\WINDOWS\system32\drivers\ndproxy.sys
17:30:57.0968 0x081c  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
17:30:57.0968 0x081c  [ 596EB39B50D6EBD9B734DC4AE0544693, EFCA2CFFFB8467BAC63F5174F125FEEFFA1F29491285C5BF99B3A2B2A6A25934 ] C:\WINDOWS\system32\drivers\usbd.sys
17:30:57.0968 0x081c  C:\WINDOWS\system32\drivers\usbd.sys - ok
17:30:57.0968 0x081c  [ C72F40947F92CEA56A8FB532EDF025F1, EBB9E235C973574B835B1FD22D813E9215029B3FC5030591D6F7971C9A23AEF7 ] C:\WINDOWS\system32\drivers\usbhub.sys
17:30:57.0968 0x081c  C:\WINDOWS\system32\drivers\usbhub.sys - ok
17:30:57.0968 0x081c  [ FF86422268DE771D571E123EB7092C6A, 4F1D9BBA2C1B36EA114F8D88EA8BEBA0A18236913B9233CB794BFB048B9E831B ] C:\WINDOWS\system32\drivers\drmk.sys
17:30:57.0968 0x081c  C:\WINDOWS\system32\drivers\drmk.sys - ok
17:30:57.0968 0x081c  [ BC6B2BC69C1E009443E8B1FE2DB96101, B01AF9938ABDFF9EF56B10F8D5532A6FBA807BEE06E8BD8C8A9B4356A27CC704 ] C:\WINDOWS\system32\drivers\portcls.sys
17:30:57.0968 0x081c  C:\WINDOWS\system32\drivers\portcls.sys - ok
17:30:57.0968 0x081c  [ B29781B9A90CD55FC5D859C0B1C243BC, 2FE6DBC518BE0D4F963A5FBACC6197DD6F85317436D887386D5184C72EBF2302 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:30:57.0968 0x081c  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
17:30:57.0968 0x081c  [ 0DD1DE43115B93F4D85E889D7A86F548, D50F7AAE5416C6D41845960BDDA24E97226F609AA726E4F88601ADC9ED50E872 ] C:\WINDOWS\system32\drivers\flpydisk.sys
17:30:57.0968 0x081c  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
17:30:57.0968 0x081c  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\Cdaudio.sys
17:30:57.0968 0x081c  C:\WINDOWS\system32\drivers\Cdaudio.sys - ok
17:30:57.0984 0x081c  [ DAF1A8193B6CAF0FB858CADCC5C4AF4A, 1040AA15B1D739F8E3BD2B1BB2D5FEE2B2E3F27B16656025836037CD356781DA ] C:\WINDOWS\system32\drivers\changer.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\changer.sys - ok
17:30:57.0984 0x081c  [ 8F09F91B5C91363B77BCD15599570F2C, D855AA7187616E056EA01A0CB1DC9AC16A13B54143FF3C61333BD9A2C0CF3D29 ] C:\WINDOWS\system32\drivers\i2omgmt.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\i2omgmt.sys - ok
17:30:57.0984 0x081c  [ CC50A66548C2F285BC8A7B0B8AA578E3, E83B02D01520FE74670E6BFE4AAD8FF346B935FE38FF5538DEDC36616B5B7E0D ] C:\WINDOWS\system32\drivers\lbrtfdc.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\lbrtfdc.sys - ok
17:30:57.0984 0x081c  [ 0D13B6DF6E9E101013A7AFB0CE629FE0, 2214EA0F16BB33970E299CE457EB50AEE0BEF7959BC1EBD3C06C78A46B42B808 ] C:\WINDOWS\system32\drivers\Sfloppy.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\Sfloppy.sys - ok
17:30:57.0984 0x081c  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\beep.sys - ok
17:30:57.0984 0x081c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
17:30:57.0984 0x081c  [ 5FFF41CD5108E9051D255C37825AF697, 8EEEF1A89DAE3EE27A344D98D2E930DFFB39010482C2BAC5E8D6A84DFA522E82 ] C:\WINDOWS\system32\drivers\hidparse.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\hidparse.sys - ok
17:30:57.0984 0x081c  [ 90BBD6C6D82C18884E7D5A1C24E72F46, AE8CEDB35AB59BD1B039DDF246FDD9D6ECE7BFA80E75C960855E6B9A388ACA4F ] C:\WINDOWS\system32\drivers\kbdhid.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
17:30:57.0984 0x081c  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] C:\WINDOWS\system32\drivers\mnmdd.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
17:30:57.0984 0x081c  [ 561B3A4333CA2DBDBA28B5B956822519, 5B53906A29B9AA55A399F880CA989F9878BD943D3E97FB10A25BFD723654AF49 ] C:\WINDOWS\system32\drivers\msfs.sys
17:30:57.0984 0x081c  C:\WINDOWS\system32\drivers\msfs.sys - ok
17:30:58.0000 0x081c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] C:\WINDOWS\system32\drivers\null.sys
17:30:58.0000 0x081c  C:\WINDOWS\system32\drivers\null.sys - ok
17:30:58.0000 0x081c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys
17:30:58.0000 0x081c  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
17:30:58.0000 0x081c  [ 8A60EDD72B4EA5AEA8202DAF0E427925, ED0624B285E4F64E07E30C12490873A2090F9DFD6A91A2EDA7A1082B88A8199E ] C:\WINDOWS\system32\drivers\vga.sys
17:30:58.0000 0x081c  C:\WINDOWS\system32\drivers\vga.sys - ok
17:30:58.0000 0x081c  [ 64537AA5C003A6AFEEE1DF819062D0D1, 5A6C11317DEF14B8C34A8C669EB75F7A8D46F05090C43D3DFF602CFA13CC504E ] C:\WINDOWS\system32\drivers\ipsec.sys
17:30:58.0000 0x081c  C:\WINDOWS\system32\drivers\ipsec.sys - ok
17:30:58.0000 0x081c  [ 4F601BCB8F64EA3AC0994F98FED03F8E, D9D6783B970CB871DE0C6EDD8BE42F30CD1DCD55D4DF006922D9CFC0CF020D27 ] C:\WINDOWS\system32\drivers\npfs.sys
17:30:58.0000 0x081c  C:\WINDOWS\system32\drivers\npfs.sys - ok
17:30:58.0000 0x081c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys
17:30:58.0000 0x081c  C:\WINDOWS\system32\drivers\rasacd.sys - ok
17:30:58.0000 0x081c  [ 2A5554FC5B1E04E131230E3CE035C3F9, 97CD31598A95BAF227BD4763AE721DCBF2E7BBB951E95F33B56C94C3B1D7CF4A ] C:\WINDOWS\system32\drivers\tcpip.sys
17:30:58.0000 0x081c  C:\WINDOWS\system32\drivers\tcpip.sys - ok
17:30:58.0000 0x081c  [ E2168CBC7098FFE963C6F23F472A3593, 93B60D02ACBDDCE78BD4020B9CE0C132A8DD28FC2266B2748A22717B93AFF7C9 ] C:\WINDOWS\system32\drivers\ipnat.sys
17:30:58.0000 0x081c  C:\WINDOWS\system32\drivers\ipnat.sys - ok
17:30:58.0000 0x081c  [ 0C80E410CD2F47134407EE7DD19CC86B, 2A1D0CE9797F4AB7A24873947A26DD6413B8DBB5A82C24CF28D1FC243AEFC5C8 ] C:\WINDOWS\system32\drivers\netbt.sys
17:30:58.0000 0x081c  C:\WINDOWS\system32\drivers\netbt.sys - ok
17:30:58.0015 0x081c  [ 984EF0B9788ABF89974CFED4BFBAACBC, 8178888E3A1AA3BD3BE34456118BB76AF2DD04EC575E4880F97A8EFB182C9E92 ] C:\WINDOWS\system32\drivers\wanarp.sys
17:30:58.0015 0x081c  C:\WINDOWS\system32\drivers\wanarp.sys - ok
17:30:58.0015 0x081c  [ 55E6E1C51B6D30E54335750955453702, 49BE694FB65F195A65EC631558BA599345C6641A6A5AA2F1053611B715F4677A ] C:\WINDOWS\system32\drivers\afd.sys
17:30:58.0015 0x081c  C:\WINDOWS\system32\drivers\afd.sys - ok
17:30:58.0015 0x081c  [ 3A2ACA8FC1D7786902CA434998D7CEB4, ECE218DCDCB4D0A5CA8CBD14E931BAA3B5F381B70BBACB65B0EBBB46D2D31683 ] C:\WINDOWS\system32\drivers\netbios.sys
17:30:58.0015 0x081c  C:\WINDOWS\system32\drivers\netbios.sys - ok
17:30:58.0015 0x081c  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] C:\WINDOWS\system32\drivers\ssmdrv.sys
17:30:58.0015 0x081c  C:\WINDOWS\system32\drivers\ssmdrv.sys - ok
17:30:58.0015 0x081c  [ 306521935042FC0A6988D528643619B3, 6FCC06EA71F5C83A8C3A8B7152E9FF48BCFBD35ED8C134A0879735F9135BB20C ] C:\WINDOWS\system32\drivers\StarOpen.sys
17:30:58.0015 0x081c  C:\WINDOWS\system32\drivers\StarOpen.sys - ok
17:30:58.0015 0x081c  [ FB6C89BB3CE282B08BDB1E3C179E1C39, 0558617DB859228332F4B7E44875AB3CDBA370E78C23BB5E80B159AAA7087B3E ] C:\WINDOWS\system32\drivers\mrxsmb.sys
17:30:58.0015 0x081c  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
17:30:58.0015 0x081c  [ 03B965B1CA47F6EF60EB5E51CB50E0AF, 56B0F5FC470385F2FF4E4573099C96772EDB985398859B9F7ACE0AA704BB47B7 ] C:\WINDOWS\system32\drivers\rdbss.sys
17:30:58.0015 0x081c  C:\WINDOWS\system32\drivers\rdbss.sys - ok
17:30:58.0015 0x081c  [ 0F78D3DAE6DEDD99AE54C9491C62ADF2, 0E06E5DE67BCFF8028311DE492279F9D8B3B11B68C49CA8B2AFA19FFFADCC18F ] C:\WINDOWS\system32\drivers\avipbb.sys
17:30:58.0015 0x081c  C:\WINDOWS\system32\drivers\avipbb.sys - ok
17:30:58.0015 0x081c  [ A028AF04CF101BCF5E46DD16B6131818, 32480D875BFB3AD6FA6A5F335EEC84B87BFC3C052C0FC6C15C3FB84ADD61AE31 ] C:\WINDOWS\system32\drivers\fips.sys
17:30:58.0015 0x081c  C:\WINDOWS\system32\drivers\fips.sys - ok
17:30:58.0015 0x081c  [ 0B497C79824F8E1BF22FA6AACD3DE3A0, D9238EFCE3BD9C280B8EC0766C2E99940CB97B1FE5354E6D5B714C13097BAB70 ] C:\Programas\Avira\AntiVir Desktop\avgio.sys
17:30:58.0015 0x081c  C:\Programas\Avira\AntiVir Desktop\avgio.sys - ok
17:30:58.0031 0x081c  [ 67962C570F0E36A348A88B2BB34C0262, 13F6BDD0E92C6C180C2A0FD1CB6C3E79B2DAE0D4F1209D0CB137A8B72BFEAB78 ] C:\WINDOWS\system32\ntdll.dll
17:30:58.0031 0x081c  C:\WINDOWS\system32\ntdll.dll - ok
17:30:58.0031 0x081c  [ 6B1E55955162554CBF5F069B9035B08A, A8F00CE6CB4E02003A098EBB46A404CF8790506F0A87BEB51631D6B013BB23FA ] C:\WINDOWS\system32\smss.exe
17:30:58.0031 0x081c  C:\WINDOWS\system32\smss.exe - ok
17:30:58.0031 0x081c  [ 0EFE534BAAE8416CE732F5C4F977DE36, 191F956CFA8B39ED3517287531C6344902EAB673D5EE9BCE5E86C8EE9056DD81 ] C:\WINDOWS\system32\autochk.exe
17:30:58.0031 0x081c  C:\WINDOWS\system32\autochk.exe - ok
17:30:58.0031 0x081c  [ 378055AB8DDA86228683C697C4E11685, A292400432C8EDB84DAD9DA3719D5349F218DCA487450478EC3372E5B3C8818D ] C:\WINDOWS\system32\drivers\hidclass.sys
17:30:58.0031 0x081c  C:\WINDOWS\system32\drivers\hidclass.sys - ok
17:30:58.0031 0x081c  [ 1DE6783B918F540149AA69943BDFEBA8, 6ED28109CA0A7738857D840E369EAB91C1605F2643950762D327CCE241C135A1 ] C:\WINDOWS\system32\drivers\hidusb.sys
17:30:58.0031 0x081c  C:\WINDOWS\system32\drivers\hidusb.sys - ok
17:30:58.0031 0x081c  [ 34C8913C356BC56613EE39A76810B666, 353C2C0D74AB62ED3B6218E9925BEE06B43EDFAA58091C89FB9A1878A97830AE ] C:\WINDOWS\system32\sfcfiles.dll
17:30:58.0031 0x081c  C:\WINDOWS\system32\sfcfiles.dll - ok
17:30:58.0031 0x081c  [ CD7D5152DF32B47F4E36F710B35AAE02, 7382890CC1B27FC66C3E94E064562BBD87B3C75577CB0FD10860B8E2CE07D12E ] C:\WINDOWS\system32\drivers\cdfs.sys
17:30:58.0031 0x081c  C:\WINDOWS\system32\drivers\cdfs.sys - ok
17:30:58.0031 0x081c  [ BFFD9F120CC63BCBAA3D840F3EEF9F79, 0183D82E341473200FB1A05F6ABBBA3F2BD635654F49599E4CEB3E6394A33D36 ] C:\WINDOWS\system32\drivers\usbccgp.sys
17:30:58.0031 0x081c  C:\WINDOWS\system32\drivers\usbccgp.sys - ok
17:30:58.0031 0x081c  [ FFB65F7837E634E2F5A4C4141479F019, B4556E367BAB932A05F7C803569924B1B307266B85C46474A3D14DC8E50512F3 ] C:\WINDOWS\system32\drivers\mouhid.sys
17:30:58.0031 0x081c  C:\WINDOWS\system32\drivers\mouhid.sys - ok
17:30:58.0046 0x081c  [ 3703406AF0726BADD24C5E552493E5B1, 224A39EE2C3724FD10D462A5A9182C99957051475FD7928270B89F92C96EC03D ] C:\WINDOWS\system32\drivers\lvuvc.sys
17:30:58.0046 0x081c  C:\WINDOWS\system32\drivers\lvuvc.sys - ok
17:30:58.0046 0x081c  [ 45A0D14B26C35497AD93BCE7E15C9941, F88F51D03BE33D19E98EA0B45273E84AB77C9927669ADBE7D175354034D9610F ] C:\WINDOWS\system32\drivers\USBAUDIO.sys
17:30:58.0046 0x081c  C:\WINDOWS\system32\drivers\USBAUDIO.sys - ok
17:30:58.0046 0x081c  [ A1857FBB9B4930EEB2FD92386C45C529, E28BF754FE5F6F9AF466B1433FDAC934EDAD4AD95F8AF5DAF5A37FB71A3FEB67 ] C:\WINDOWS\system32\drivers\lvrs.sys
17:30:58.0046 0x081c  C:\WINDOWS\system32\drivers\lvrs.sys - ok
17:30:58.0046 0x081c  [ 6CD7B22193718F1D17A47A1CD6D37E75, CFD74FE06819DA488654F88BFCCBF29994FE7F04EC6CD5CD41552B0C95A8130F ] C:\WINDOWS\system32\drivers\USBSTOR.SYS
17:30:58.0046 0x081c  C:\WINDOWS\system32\drivers\USBSTOR.SYS - ok
17:30:58.0046 0x081c  [ 2F31B7F954BED437F2C75026C65CAF7B, 1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ] C:\WINDOWS\system32\drivers\wmilib.sys
17:30:58.0046 0x081c  C:\WINDOWS\system32\drivers\wmilib.sys - ok
17:30:58.0046 0x081c  [ CDFE4411A69C224BD1D11B2DA92DAC51, 0E6B23A80F171550575BEBC56F7500CD87A5CF03B2B9FDC49BC3DE96282CD69D ] C:\WINDOWS\system32\drivers\atapi.sys
17:30:58.0046 0x081c  C:\WINDOWS\system32\drivers\atapi.sys - ok
17:30:58.0046 0x081c  [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys
17:30:58.0046 0x081c  C:\WINDOWS\system32\drivers\dxapi.sys - ok
17:30:58.0046 0x081c  [ C9BF2F12C4E6C12F8A85FBA4B6BC6208, 711E5874F15E4125ED521382F0BBE71C4A21FB96E3ECAAF7A95F8F2C6E551B96 ] C:\WINDOWS\system32\watchdog.sys
17:30:58.0046 0x081c  C:\WINDOWS\system32\watchdog.sys - ok
17:30:58.0046 0x081c  [ 545543A668EFB21E06F7D35D4E663553, D54B600F7C60F33F2BD582960905F8C0E8B0B8CB02EC38106206D264451290BE ] C:\WINDOWS\system32\win32k.sys
17:30:58.0046 0x081c  C:\WINDOWS\system32\win32k.sys - ok
17:30:58.0046 0x081c  [ 3658D59383C02700F0668A2D6AD469E9, AE3BDA1E209C00C285610BA39C27554D491830DF3E155AE601205F66CBEB9369 ] C:\WINDOWS\system32\basesrv.dll
17:30:58.0046 0x081c  C:\WINDOWS\system32\basesrv.dll - ok
17:30:58.0062 0x081c  [ AD4D2874E28E7444AF65341B731DEC9C, D072B2E8D5F674643F623211700EDFAC28D91B34C460152F1F4AA5A7FCAE5B0A ] C:\WINDOWS\system32\csrsrv.dll
17:30:58.0062 0x081c  C:\WINDOWS\system32\csrsrv.dll - ok
17:30:58.0062 0x081c  [ E0FB38F9CD9680AD158519425BEEF2BF, AEEA05D06C73FE889ED45DA4EAF0EADC5672F466DB9EA03AF56379F83C1C7EAF ] C:\WINDOWS\system32\csrss.exe
17:30:58.0062 0x081c  C:\WINDOWS\system32\csrss.exe - ok
17:30:58.0062 0x081c  [ A5F682BB5918FDA05C44569F1B6E3E97, 3EAC4672C4B2A02AED24ADD773D84F8132329D767D8AE294CC665BFDAF74FB29 ] C:\WINDOWS\system32\winsrv.dll
17:30:58.0062 0x081c  C:\WINDOWS\system32\winsrv.dll - ok
17:30:58.0062 0x081c  [ 1E995E17AE7B300ABB2C48AAF2EF4205, E6F32068D7E6EC59E4D718DEEC316FA82F4A1776D1A40AB31732EBCBEC7C2A8E ] C:\WINDOWS\system32\gdi32.dll
17:30:58.0062 0x081c  C:\WINDOWS\system32\gdi32.dll - ok
17:30:58.0062 0x081c  [ D59DB1A98044CD578DE61662E039E661, 73CF50040234CF0B101FFD1A20BDBE177A0001A29F6E007C124CBE79B69B7AA5 ] C:\WINDOWS\system32\kernel32.dll
17:30:58.0062 0x081c  C:\WINDOWS\system32\kernel32.dll - ok
17:30:58.0062 0x081c  [ 63BFB7579E8530CCA5587BBBF1CE3FD2, 9A96634C669BED6C45C1D54501F29547AF8529C763A660C9FFCB48E7F1E92BF1 ] C:\WINDOWS\system32\user32.dll
17:30:58.0062 0x081c  C:\WINDOWS\system32\user32.dll - ok
17:30:58.0062 0x081c  [ D3DAC8432110AAD0B02A58B4459AB835, CA44B2A02554E76CCBE95623AD129EDAB3AADFA5E675CB528E62F6440DFC295D ] C:\WINDOWS\system32\drivers\dxg.sys
17:30:58.0062 0x081c  C:\WINDOWS\system32\drivers\dxg.sys - ok
17:30:58.0062 0x081c  [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys
17:30:58.0062 0x081c  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
17:30:58.0062 0x081c  [ 49DAD1C2DFDE9D3B13138DC12D4D9AC4, F194927CDB4750B2DB40A98DBC2FBC7CF08A254AD9E7174C3759410E99DD3CD7 ] C:\WINDOWS\system32\igxpgd32.dll
17:30:58.0062 0x081c  C:\WINDOWS\system32\igxpgd32.dll - ok
17:30:58.0078 0x081c  [ BE32F42CA4FA7ED43665514ADF268575, 55846368F266CAFDB26A160E267422B04DE53C3EF677826BAD73323B5B260907 ] C:\WINDOWS\system32\igxprd32.dll
17:30:58.0078 0x081c  C:\WINDOWS\system32\igxprd32.dll - ok
17:30:58.0078 0x081c  [ BFD7B996FA42DBD6B0DF195DFDB95228, BEDD474ABEDE48E03997D9F38779665923BB5EFB8273F4DE5E4486CDDF9F0877 ] C:\WINDOWS\system32\vga.dll
17:30:58.0078 0x081c  C:\WINDOWS\system32\vga.dll - ok
17:30:58.0078 0x081c  [ 4214464B38469F1AD82DC03593D4AF11, D898547CD95F5756E3448ADED33BD509F43DEE4522C462B465BE3BED35B10E84 ] C:\WINDOWS\system32\igxpdv32.dll
17:30:58.0078 0x081c  C:\WINDOWS\system32\igxpdv32.dll - ok
17:30:58.0078 0x081c  [ 66A2FCA8A8BA4C4E9731E0733698B488, BF10C274B9D3ABBA6403B418F3A443F01FFB86A0FD8E73F35C1B98116DA6C8C4 ] C:\WINDOWS\system32\igxpdx32.dll
17:30:58.0078 0x081c  C:\WINDOWS\system32\igxpdx32.dll - ok
17:30:58.0078 0x081c  [ 410F13A4657B9C1F096B474E4031C293, D93E63506C7F8F5F267F77F5322770840A9005E4BFD13723197360C9468188F5 ] C:\WINDOWS\system32\winlogon.exe
17:30:58.0078 0x081c  C:\WINDOWS\system32\winlogon.exe - ok
17:30:58.0078 0x081c  [ 293FBC0372F3E714B0A5CC9B496C7337, 88B071F77F16B6F310909266EFF83B5C5E3A5C0AD64EAFBA2C06F912C8908258 ] C:\WINDOWS\system32\advapi32.dll
17:30:58.0078 0x081c  C:\WINDOWS\system32\advapi32.dll - ok
17:30:58.0078 0x081c  [ 313739527FD469F809F270E3C70130A5, CF59D02BD8385B4578F157AA2064AF0CE2D8135BF206EECC24701E822AE86740 ] C:\WINDOWS\system32\rpcrt4.dll
17:30:58.0078 0x081c  C:\WINDOWS\system32\rpcrt4.dll - ok
17:30:58.0078 0x081c  [ 1430F40C0EAE787641A7550B75728A71, 94F80FA2AEA89910441CB4EB3E72159AE24677991753D0420D08E72CAA5FADD9 ] C:\WINDOWS\system32\authz.dll
17:30:58.0078 0x081c  C:\WINDOWS\system32\authz.dll - ok
17:30:58.0078 0x081c  [ CC630F526078C56605DD6B814764620E, 73AAD9CEF3ED0E0D63C1BF0DC319C28936EFC0F0202CA21572C8ECFF8690429A ] C:\WINDOWS\system32\msvcrt.dll
17:30:58.0078 0x081c  C:\WINDOWS\system32\msvcrt.dll - ok
17:30:58.0093 0x081c  [ 1EC0DED8A92847269E0A65B553983591, C8AC3FC3935A0B011F303D9FD2A5273BD2134AB023CC4736E4046D0D8A1D37D5 ] C:\WINDOWS\system32\crypt32.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\crypt32.dll - ok
17:30:58.0093 0x081c  [ D5ABB33A293B9AE953CE6DAA6FB05110, BEFAB1BDF58500EE3B12E1F4E2F750EF118E7F43C1C6FCBFAD1F9878ACC588A0 ] C:\WINDOWS\system32\msasn1.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\msasn1.dll - ok
17:30:58.0093 0x081c  [ 53015C1C4605F42A84227A37FA5235BF, 0C33074888570DA25369BEA0B4B055DF8BD40E064E563BBF64DC1E16CFFAE7C4 ] C:\WINDOWS\system32\nddeapi.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\nddeapi.dll - ok
17:30:58.0093 0x081c  [ 560825D27F34EAF97AEF3F55414534E2, 66C88C50A2358401A0BEBD1F85F2601A46AB69E4F3A574419D60761BBCD606AE ] C:\WINDOWS\system32\netapi32.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\netapi32.dll - ok
17:30:58.0093 0x081c  [ B09334CC2035B060D05901642665A2AA, BA4C27A767E6A8DC818848FD3D0D6BF2CAA29EE81E2A6C1081AE7CD7F9ADE182 ] C:\WINDOWS\system32\profmap.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\profmap.dll - ok
17:30:58.0093 0x081c  [ 813861168F212EEB267532CC2737EC81, B1E35E56F3C2F06E295CEAF599F6315A9D698CD32D1316F3312E9C04C832E62A ] C:\WINDOWS\system32\userenv.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\userenv.dll - ok
17:30:58.0093 0x081c  [ CA85BDD06124FEABECD82A412ABD9DB5, F30472301C012538E64C666D915772AA9AAACE43DB885AFF963044EF5EFB832E ] C:\WINDOWS\system32\psapi.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\psapi.dll - ok
17:30:58.0093 0x081c  [ 5934717519C07DC8814C96F3A91A4BFC, 678A3EB5C029F247E7D500C54FF45A7E7776DEE246AFE68EF6928BCE3FBCEA43 ] C:\WINDOWS\system32\regapi.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\regapi.dll - ok
17:30:58.0093 0x081c  [ F6909C912F174A82AF43F6826C0C9344, 78BACF0AA44F779EFA13BFE0CBEC9332463A1EED1E5736A812030D06DF4CB8AC ] C:\WINDOWS\system32\secur32.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\secur32.dll - ok
17:30:58.0093 0x081c  [ BF83BE5A779FE2FC13474EE01C6329B0, 48322652949864E8834EC9448B81B31F9164DD4BB5269BD330AB6F2922D28EF1 ] C:\WINDOWS\system32\setupapi.dll
17:30:58.0093 0x081c  C:\WINDOWS\system32\setupapi.dll - ok
17:30:58.0109 0x081c  [ 16A824D014774A5CF23FCD4EF86A31BB, 9273EF3975C0DD92CD628B4A283B02E3496D51D22E564E55157898191B33108E ] C:\WINDOWS\system32\version.dll
17:30:58.0109 0x081c  C:\WINDOWS\system32\version.dll - ok
17:30:58.0109 0x081c  [ 543FE68F4AC8A69848B88576B53AB6D4, A02394853C18FC2B88482362BED6143F578BEC3921EB79834670F08BA51957EE ] C:\WINDOWS\system32\winsta.dll
17:30:58.0109 0x081c  C:\WINDOWS\system32\winsta.dll - ok
17:30:58.0109 0x081c  [ 3D49A18C1CB0D91343EEA005DE511B26, 3E9C620B908A79C3CAAF3CB592C04C4D7A27D8AB91C5EEE99AB458697DA450CD ] C:\WINDOWS\system32\imagehlp.dll
17:30:58.0109 0x081c  C:\WINDOWS\system32\imagehlp.dll - ok
17:30:58.0109 0x081c  [ EAE59B14366BB3B72EE6897EAD2827B1, 9E65B6E0A29C1E12D00AEA802006893739FE1B7DAC8D377B47BF2DB75388EBA7 ] C:\WINDOWS\system32\wintrust.dll
17:30:58.0109 0x081c  C:\WINDOWS\system32\wintrust.dll - ok
17:30:58.0109 0x081c  [ F82BC970EB33198F3DCF0EB6D422B4B4, BDEB603F48D429BAEF7570AB0213FDA1A2CD4689808A992C436B008C9642E2D6 ] C:\WINDOWS\system32\imm32.dll
17:30:58.0109 0x081c  C:\WINDOWS\system32\imm32.dll - ok
17:30:58.0109 0x081c  [ 5713A519619FC93C30BF9AB23B14885A, 0366AF661E88A58FE99DBD54A5793D716EC9738CF713DB7ADFB401FCB3417793 ] C:\WINDOWS\system32\kbdpo.dll
17:30:58.0109 0x081c  C:\WINDOWS\system32\kbdpo.dll - ok
17:30:58.0109 0x081c  [ 54CD4A72F731769058D0531CEF92BB99, F67C4D1486D0D9D6E0567239E7D145C81A85A5FA74174A56B2EFBEB40E94D15D ] C:\WINDOWS\system32\ws2help.dll
17:30:58.0109 0x081c  C:\WINDOWS\system32\ws2help.dll - ok
17:30:58.0109 0x081c  [ C95D1AA8283F930A31196EC9AA937CA5, 4A28C542B43E090329A3C56426C7C93EEDBD8384D638897FCD18FB5ED34653C5 ] C:\WINDOWS\system32\ws2_32.dll
17:30:58.0109 0x081c  C:\WINDOWS\system32\ws2_32.dll - ok
17:30:58.0109 0x081c  [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
17:30:58.0109 0x081c  C:\WINDOWS\system32\kbdus.dll - ok
17:30:58.0109 0x081c  [ FCEAEE103289B26E9D4CFE20BC3E9B6D, D3F9519F5AD679FD1C2DE101C74588685643D3B01F2C66A169186C40DFE1BD40 ] C:\WINDOWS\system32\msgina.dll
17:30:58.0125 0x081c  C:\WINDOWS\system32\msgina.dll - ok
17:30:58.0125 0x081c  [ 0EB6A67F684FB71A5B2F97335B5E815D, 729DFAB5B82FC7C6528BD311A93217CFCEF4988AEFEA5FC728BBE5FAC915D437 ] C:\WINDOWS\system32\shell32.dll
17:30:58.0125 0x081c  C:\WINDOWS\system32\shell32.dll - ok
17:30:58.0125 0x081c  [ 3A7CAF09DECFD090C0C75828B1A7B401, 832237841F8D0058C6DE1C4FE91B2020489204CA728729EF121AC7FB103956A4 ] C:\WINDOWS\system32\shlwapi.dll
17:30:58.0125 0x081c  C:\WINDOWS\system32\shlwapi.dll - ok
17:30:58.0125 0x081c  [ 992C126E1622570E5353EA7A22F95FE3, 7548D56BF2ED0121743551AD1D6CDE17CBA8A6CB5E65ACC3EDDABA172A0770BC ] C:\WINDOWS\system32\comctl32.dll
17:30:58.0125 0x081c  C:\WINDOWS\system32\comctl32.dll - ok
17:30:58.0125 0x081c  [ DD325C222868A3351B28A3BDAA3F5EEB, 4DAFD5C5CE4E2C54552782DC2C592C814FE8F97ED0BAADC7CA64B504054F82ED ] C:\WINDOWS\system32\odbc32.dll
17:30:58.0125 0x081c  C:\WINDOWS\system32\odbc32.dll - ok
17:30:58.0125 0x081c  [ E75F2C0DB0201A3599A0EC7680529A6C, F28408E3289D903E0AD8787F76D6751805334A625CEB8CB73BD403C30DD7BFEF ] C:\WINDOWS\system32\comdlg32.dll
17:30:58.0125 0x081c  C:\WINDOWS\system32\comdlg32.dll - ok
17:30:58.0125 0x081c  [ F754459A7C9EE0729790CE78621F1281, 62C685FC1EC73EB3AE4390568E9AE8D1BCD4372700485351F6B8A7548B353F3E ] C:\WINDOWS\system32\sxs.dll
17:30:58.0125 0x081c  C:\WINDOWS\system32\sxs.dll - ok
17:30:58.0125 0x081c  [ 3879C32F0C2F65A16D35B3799AA34DE0, F559DC542700ADA68EEE2A7EEA37B39789953738050EB77129C5396A77EA8CE9 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
17:30:58.0125 0x081c  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll - ok
17:30:58.0125 0x081c  [ ECCDC18FE82620B606E322C85655A729, 080B5815260EBE61092FBE1BBE77E28B23DD0FBFE284AC616A4E7E759B4E0DA2 ] C:\WINDOWS\system32\odbcint.dll
17:30:58.0125 0x081c  C:\WINDOWS\system32\odbcint.dll - ok
17:30:58.0125 0x081c  [ 14A43012D9ECEEA084C0E956B73C4BBA, 86D05290CF2F9BB89959A981707E2B3F23D613C29B20EB07A5B2F524E945DC03 ] C:\WINDOWS\system32\sfc.dll
17:30:58.0125 0x081c  C:\WINDOWS\system32\sfc.dll - ok
17:30:58.0140 0x081c  [ 73918291B35225E754553A19D11AECE6, 34E139DF93781167B1E1C3946772F9369DAA5AC23248E25BB2F046701C5CF978 ] C:\WINDOWS\system32\sfc_os.dll
17:30:58.0140 0x081c  C:\WINDOWS\system32\sfc_os.dll - ok
17:30:58.0140 0x081c  [ 08693B64B2004210E15179DF4C16BBA6, A17EF9129CF2C3A38CFDF27B8A9CF6B9B4D1975FBAEA6EFEE9FD16426D6CBBB6 ] C:\WINDOWS\system32\shsvcs.dll
17:30:58.0140 0x081c  C:\WINDOWS\system32\shsvcs.dll - ok
17:30:58.0140 0x081c  [ E33489E6F76EF40A5AE74540CB0BA46E, 957C8F15B509B724713401159F117AA295623ACE6AD6CE6AD5FA224B455054CF ] C:\WINDOWS\system32\ole32.dll
17:30:58.0140 0x081c  C:\WINDOWS\system32\ole32.dll - ok
17:30:58.0140 0x081c  [ BF7C54CD350D232B02AA0CE7B39D0D6A, 56DE2E0142BD0F3F6FD442F6863AAE4EAAA14483517E7E0E50E9FD46E339F165 ] C:\WINDOWS\system32\apphelp.dll
17:30:58.0140 0x081c  C:\WINDOWS\system32\apphelp.dll - ok
17:30:58.0140 0x081c  [ 4795EE604A505E58F9E7D6D17F4B7D32, 1EB7842ED9CE08EE39AEE5602106F277885488F7914FD9529FB45F82B5EC587C ] C:\WINDOWS\system32\lsass.exe
17:30:58.0140 0x081c  C:\WINDOWS\system32\lsass.exe - ok
17:30:58.0140 0x081c  [ 04D7B81C1FF2154FD44D729795223359, C9D2E037BD344355D042BD99BF29210D48C3F8F35F94DC53D803424827F80393 ] C:\WINDOWS\system32\services.exe
17:30:58.0140 0x081c  C:\WINDOWS\system32\services.exe - ok
17:30:58.0140 0x081c  [ 13BC2025464D79760404873ECED09431, DB37320ABED2AE25B2BECE839184EA50A7B1169E67A86CB6F2C4F50A2CF97141 ] C:\WINDOWS\system32\lsasrv.dll
17:30:58.0140 0x081c  C:\WINDOWS\system32\lsasrv.dll - ok
17:30:58.0140 0x081c  [ C0EFCC08E229A10ED9906B7F1301167C, 8EE88FBCE4726F9298F2F671AE306EE449B09ABBBEBBCDE3BD00210B59FC7AB3 ] C:\WINDOWS\system32\ncobjapi.dll
17:30:58.0140 0x081c  C:\WINDOWS\system32\ncobjapi.dll - ok
17:30:58.0140 0x081c  [ 656DD0093159E4325D4045B133726CAF, E5FC81ACF4C1C659DDFB88DAD8AE973092EC0FF830CD2656901E8D319427F1EF ] C:\WINDOWS\system32\msvcp60.dll
17:30:58.0140 0x081c  C:\WINDOWS\system32\msvcp60.dll - ok
17:30:58.0156 0x081c  [ 2BA2B743FDD39B2E67AAC212B969DAAC, 26DB7A5249A08FBB6DA201E99825F74C1D834D5EE60A6A8959998BAB205CA4D0 ] C:\WINDOWS\system32\mpr.dll
17:30:58.0156 0x081c  C:\WINDOWS\system32\mpr.dll - ok
17:30:58.0156 0x081c  [ 7BE1D2DBDE5670D678861F1B7FF1FAAB, 24635E2660401C1278E15D217E54CAF072DEDE90F29C1392496FF2355C1C5291 ] C:\WINDOWS\system32\scesrv.dll
17:30:58.0156 0x081c  C:\WINDOWS\system32\scesrv.dll - ok
17:30:58.0156 0x081c  [ 4646D48592C939B1292C5CDA15F886C3, 429AAB4F22926EFDCFC72CD63BB223C5865C548211FCC8FA0DE6C660E03DDBF6 ] C:\WINDOWS\system32\dnsapi.dll
17:30:58.0156 0x081c  C:\WINDOWS\system32\dnsapi.dll - ok
17:30:58.0156 0x081c  [ 8A3366A08410C869710E1278D8BFA99B, 62F3FA1C919506F12CC0C726635D040D197CA2029A5C03C45B248832F2A56BF4 ] C:\WINDOWS\system32\ntdsapi.dll
17:30:58.0156 0x081c  C:\WINDOWS\system32\ntdsapi.dll - ok
17:30:58.0156 0x081c  [ EC94A321737FF46EDA698061EF36202E, 80F6487435EDF18E5BDB9F90090BA512C044233F292B38305858E84C6BD2AF68 ] C:\WINDOWS\system32\umpnpmgr.dll
17:30:58.0156 0x081c  C:\WINDOWS\system32\umpnpmgr.dll - ok
17:30:58.0156 0x081c  [ AF521E76BD268523904EA7DCAD5459A8, F875D5EA1BA636A2724ECAE6E69459DA347B8757CB12F6E1575905EFC7EC90EB ] C:\WINDOWS\system32\wldap32.dll
17:30:58.0156 0x081c  C:\WINDOWS\system32\wldap32.dll - ok
17:30:58.0156 0x081c  [ 28715EDCC41C1F3D7006900D3F9A685C, 6033AFA350423D39A35A0D0914110A54BF61A7A45AFE344941F52561F472E285 ] C:\WINDOWS\AppPatch\AcGenral.dll
17:30:58.0156 0x081c  C:\WINDOWS\AppPatch\AcGenral.dll - ok
17:30:58.0156 0x081c  [ C63612E3E7EAEC9036A2ADF8757C5899, B80D7542A3E468B9512EFC7F8C183191BE9E1F708818621C28786BFBEB7C8CE4 ] C:\WINDOWS\system32\samlib.dll
17:30:58.0156 0x081c  C:\WINDOWS\system32\samlib.dll - ok
17:30:58.0156 0x081c  [ 85ED8170972C248068EE30D4CA14A23F, 431417093AF27C2D5670CC510A2EA673B47609B56A36193D112E573C5D5881B1 ] C:\WINDOWS\system32\samsrv.dll
17:30:58.0156 0x081c  C:\WINDOWS\system32\samsrv.dll - ok
17:30:58.0156 0x081c  [ 783C008672533916CB9537A04C7671BC, 4BFA6C801B7E602EACFB7375E43CDD8A1D6F54E250A82DE31DCAE94694F9BBE9 ] C:\WINDOWS\system32\shimeng.dll
17:30:58.0156 0x081c  C:\WINDOWS\system32\shimeng.dll - ok
17:30:58.0171 0x081c  [ 7D6896CA72DFCB92274C9041C5F0D32A, 562C541E390D570D27074E5CBC0DFFF0DDE676114919C673DA4C027F4320CACD ] C:\WINDOWS\system32\cryptdll.dll
17:30:58.0171 0x081c  C:\WINDOWS\system32\cryptdll.dll - ok
17:30:58.0171 0x081c  [ 91716BFA72FB89ABA10E6CED4DB0582E, 4D9BB311D0CAC21A3EA305B1A4E5C5D3C4F5CA879DF634DDBF6025F1292F5E4C ] C:\WINDOWS\system32\winmm.dll
17:30:58.0171 0x081c  C:\WINDOWS\system32\winmm.dll - ok
17:30:58.0171 0x081c  [ 65A33F43999BBA258F3820C505AB3A12, D14300F52623209F71B504BCE862B88C77171C20C020172F8F1BAEE21BA0E093 ] C:\WINDOWS\system32\oleaut32.dll
17:30:58.0171 0x081c  C:\WINDOWS\system32\oleaut32.dll - ok
17:30:58.0171 0x081c  [ 4BF6C32505F6E817A141D1B002313F2E, D4447447CBBA148871DC1C8677AD71DFDD9877AAA1D605FA3DE42716CBF47031 ] C:\WINDOWS\system32\msacm32.dll
17:30:58.0171 0x081c  C:\WINDOWS\system32\msacm32.dll - ok
17:30:58.0171 0x081c  [ A8C9F32AE7CAD55BCF72F900D72625A2, DB65F211EFE6A90B91F6D3D8287D5B7EFD7B537A2824313881E5636C790917AC ] C:\WINDOWS\system32\uxtheme.dll
17:30:58.0171 0x081c  C:\WINDOWS\system32\uxtheme.dll - ok
17:30:58.0171 0x081c  [ 5F4E97A492AB4BAB4531CBA2FBB89EF9, 41B213F92636497AF2B6A4DA52E4CE042DFC1AFBAED78A0EFAF602CD8E02985B ] C:\WINDOWS\system32\digest.dll
17:30:58.0171 0x081c  C:\WINDOWS\system32\digest.dll - ok
17:30:58.0171 0x081c  [ C0F0C17D3084B5E176CD611AC97514A9, 1B2BCCB5A25CDCA658AD8FB845B2B5184AE24D941B9A8D0BD02EF0D05622BEF5 ] C:\WINDOWS\system32\msapsspc.dll
17:30:58.0171 0x081c  C:\WINDOWS\system32\msapsspc.dll - ok
17:30:58.0171 0x081c  [ 0029D7B043FAFBBBEFB7301904F370C7, F6CE91F4145CB74F081F6D088B43ECE34559505252CE8B1103816E5FFDB8BA5D ] C:\WINDOWS\system32\msnsspc.dll
17:30:58.0171 0x081c  C:\WINDOWS\system32\msnsspc.dll - ok
17:30:58.0171 0x081c  [ 146D198E3AD9D4B69C9EB0AEA6EF333B, 26A013A8C2AACA9D9DDCC286047A682E6A272A99B06DD4195FF95852DF86B528 ] C:\WINDOWS\system32\msvcrt40.dll
17:30:58.0171 0x081c  C:\WINDOWS\system32\msvcrt40.dll - ok
17:30:58.0187 0x081c  [ 2FB0FFD62850216104B278C1CA40F179, 1EF3588B06C61C2C68544B2B0D258FE03D150B497EB0C0552E3D0D46A19BE8C5 ] C:\WINDOWS\system32\schannel.dll
17:30:58.0187 0x081c  C:\WINDOWS\system32\schannel.dll - ok
17:30:58.0187 0x081c  [ F1A09D96CBC60612980ECFF030B51DB0, C27A7D6E54F4E193CB330B10B3D32A3CF4D17C800928BA02383204464CE13EAD ] C:\WINDOWS\system32\MSCTFIME.IME
17:30:58.0187 0x081c  C:\WINDOWS\system32\MSCTFIME.IME - ok
17:30:58.0187 0x081c  [ 069DB33E51911CAAA9DBED442CB1E1C2, 2577090E29A9812CF23D58435E2661D5ECBA21CB64594D5203C64EA5C6C7C2AC ] C:\WINDOWS\system32\msprivs.dll
17:30:58.0187 0x081c  C:\WINDOWS\system32\msprivs.dll - ok
17:30:58.0187 0x081c  [ DE5872522CBFFD529C98C7F3FF0C3100, 554078C9D6D7AE58357DB4B9109814D543DFB412AED76F2C68E35E60090FE2AE ] C:\WINDOWS\system32\kerberos.dll
17:30:58.0187 0x081c  C:\WINDOWS\system32\kerberos.dll - ok
17:30:58.0187 0x081c  [ A87B75DF28DC337D606E9B23DB46F401, F80F0BA497FE38773453DD6DC658AFE614D1C2D422B68D28BD96E1F8CB619B0F ] C:\WINDOWS\system32\iphlpapi.dll
17:30:58.0187 0x081c  C:\WINDOWS\system32\iphlpapi.dll - ok
17:30:58.0187 0x081c  [ 1F685EC9392AE17B43AE80D2789C4F50, F26A559726A681847ED64AC8B46312CF97119C59AF13C1C24E9991187496D4A4 ] C:\WINDOWS\system32\msv1_0.dll
17:30:58.0187 0x081c  C:\WINDOWS\system32\msv1_0.dll - ok
17:30:58.0187 0x081c  [ 8497920F143EE0089585BAF461E8FBA4, 5724DCB2B9BD8A8431A9A3F8B0C0D80DCABD955E258FC5E8971133813F5DC89A ] C:\WINDOWS\system32\netlogon.dll
17:30:58.0187 0x081c  C:\WINDOWS\system32\netlogon.dll - ok
17:30:58.0187 0x081c  [ E0EC9C86E28DA2C0166CAB8F386ECA63, 9F8DAF510FAA6C69DAE08573FB6274FB0EDC771D963EB0DDF03E3C17018C6CE4 ] C:\WINDOWS\system32\atmfd.dll
17:30:58.0187 0x081c  C:\WINDOWS\system32\atmfd.dll - ok
17:30:58.0187 0x081c  [ 26ACBD865F8CFF730F1791C4D0854352, 66FA5845ED397538F92B30CB06202470071B6F45698647E1F86E784942F6C4C4 ] C:\WINDOWS\system32\rsaenh.dll
17:30:58.0187 0x081c  C:\WINDOWS\system32\rsaenh.dll - ok
17:30:58.0187 0x081c  [ AE6287C4748352A61D987DD02423473D, 26BE473561CEEAF0C0D8F757CE3BE2E338C0CFC209E101F122938544F84F9EFC ] C:\WINDOWS\system32\w32time.dll
17:30:58.0187 0x081c  C:\WINDOWS\system32\w32time.dll - ok
17:30:58.0203 0x081c  [ 90A9F1A9CB1A588E7A2CD9EBE3B06954, 372C1AAD3AA044CE68F4ECD863A71D3BB51D2C7FEE6C41D35640B0B80936F2F1 ] C:\WINDOWS\system32\wdigest.dll
17:30:58.0203 0x081c  C:\WINDOWS\system32\wdigest.dll - ok
17:30:58.0203 0x081c  [ 2BD097B072D90B37DB1574672CF27E9A, 5DB3E110F78C49918CE2CBBDAB53B482B81DBE07CEDB12588DB58A8092965E68 ] C:\WINDOWS\system32\winscard.dll
17:30:58.0203 0x081c  C:\WINDOWS\system32\winscard.dll - ok
17:30:58.0203 0x081c  [ D94250B09C2FB8DF010DE8B5D55F2778, 17E542433CB017ED6A9FF4B5D6F21B10A6A76992052E8325CF1D9BC99193A254 ] C:\WINDOWS\system32\wtsapi32.dll
17:30:58.0203 0x081c  C:\WINDOWS\system32\wtsapi32.dll - ok
17:30:58.0203 0x081c  [ 0FFEDF47D37A47E507AB4663924484E5, C249B3981FF63B89712C97ABB4DFAC669A022369F39B2BEB51C4E8AA3490E73F ] C:\WINDOWS\system32\scecli.dll
17:30:58.0203 0x081c  C:\WINDOWS\system32\scecli.dll - ok
17:30:58.0203 0x081c  [ 1E4114685DE1FFA9675E09C6A1FB3F4B, A9A558BBF5D1EFDC7C82D58307CE3C48FE41A0905A3C4010C3F24D083EC891AC ] C:\WINDOWS\system32\drivers\avgntflt.sys
17:30:58.0203 0x081c  C:\WINDOWS\system32\drivers\avgntflt.sys - ok
17:30:58.0203 0x081c  [ B62FC77D3CFC8B1C74763742D3214D3E, 96B3BB7AE79D6D6357DEF24DA1485E8E1BFA7F8C684A6173B9339C51251C8D6B ] C:\WINDOWS\system32\svchost.exe
17:30:58.0203 0x081c  C:\WINDOWS\system32\svchost.exe - ok
17:30:58.0203 0x081c  [ 167DBD27E23F62C465619FEA2EC8D682, A0365EB532E98199D5A08E05886E9F7EAB1C114DFC91E0EC6255CA91084C79AB ] C:\WINDOWS\system32\ntmarta.dll
17:30:58.0203 0x081c  C:\WINDOWS\system32\ntmarta.dll - ok
17:30:58.0203 0x081c  [ 800189F90CFE4E6CFF9147F0CBB65F78, 7E96BB5B2CAB90D4D63AC4A6C53D21B4071E91DCC3FE556B5F776C39AB590497 ] C:\WINDOWS\system32\rpcss.dll
17:30:58.0203 0x081c  C:\WINDOWS\system32\rpcss.dll - ok
17:30:58.0203 0x081c  [ D8A5A37F6CBFEA534E2297A57AD0AFC5, BC9CAA9696448FD055C377F480B560139C7AE9C69E2B104BBAAAB74118FD499D ] C:\WINDOWS\system32\xpsp2res.dll
17:30:58.0203 0x081c  C:\WINDOWS\system32\xpsp2res.dll - ok
17:30:58.0218 0x081c  [ 9120FBFF941AA5C4F11079004C6C806D, 3886B96BBF9A8E0849921F7906FEDA0378BEB0736FADAAAA121F0D9B4A9EBA43 ] C:\WINDOWS\system32\eventlog.dll
17:30:58.0218 0x081c  C:\WINDOWS\system32\eventlog.dll - ok
17:30:58.0218 0x081c  [ AD76F24EA9A38C9A920D94DBA2C14D78, D1DCD50D47A6F2134147FA277F55996E77604ECC51ACFDB005BC6AE891DC0BE0 ] C:\WINDOWS\system32\mswsock.dll
17:30:58.0218 0x081c  C:\WINDOWS\system32\mswsock.dll - ok
17:30:58.0218 0x081c  [ A8671EB405288C170A7C4D0520CD15DF, 9CD8851933991865D72BC37B75B28F6DA37DE6E7E6B31EC195B8D555EB6D5F12 ] C:\WINDOWS\system32\hnetcfg.dll
17:30:58.0218 0x081c  C:\WINDOWS\system32\hnetcfg.dll - ok
17:30:58.0218 0x081c  [ 55886B927787DF0C76A8320061801EFC, 162FA1F374837E66235F1AA619FD8F8B109C20C6311EEC428456DDB0C84D4312 ] C:\WINDOWS\system32\rasadhlp.dll
17:30:58.0218 0x081c  C:\WINDOWS\system32\rasadhlp.dll - ok
17:30:58.0218 0x081c  [ 3F89620BA3097052FBF25FE202268335, 883E58DCCB3F0D959F192BCDA0E88CC3984C8CEDCD543A547074D552CD3A55D0 ] C:\WINDOWS\system32\winrnr.dll
17:30:58.0218 0x081c  C:\WINDOWS\system32\winrnr.dll - ok
17:30:58.0218 0x081c  [ B1E3D674DC27A27309640D223FD1C0FB, 8B89D36CEB005D28C6D64D95E3E54C569728B09A3E1C79AE28875012453F34F6 ] C:\WINDOWS\system32\wshbth.dll
17:30:58.0218 0x081c  C:\WINDOWS\system32\wshbth.dll - ok
17:30:58.0218 0x081c  [ 9641CCCDDD70F4715A1127556DAF8923, B7980C4CCE95735821C9BAFF7A13947A5CCADF2A6E9A4004E133291278267938 ] C:\WINDOWS\system32\wshtcpip.dll
17:30:58.0218 0x081c  C:\WINDOWS\system32\wshtcpip.dll - ok
17:30:58.0218 0x081c  [ 708E6997420592E033CF01B60E6E4223, 63A827CB24E97AC8C01AA70D8C4769EC1127FA9207604AA4D53EC1AB610A6DEC ] C:\WINDOWS\system32\WudfPlatform.dll
17:30:58.0218 0x081c  C:\WINDOWS\system32\WudfPlatform.dll - ok
17:30:58.0218 0x081c  [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] C:\WINDOWS\system32\WudfSvc.dll
17:30:58.0218 0x081c  C:\WINDOWS\system32\WudfSvc.dll - ok
17:30:58.0218 0x081c  [ C6EE3A87FE609D3E1DB9DBD072A248DE, 9C2189FA09A9E1DC39F9AB8F0C9C0B44BE0E11FC3165BCD0813DFA85EA62907C ] C:\WINDOWS\system32\drivers\fssfltr_tdi.sys
17:30:58.0218 0x081c  C:\WINDOWS\system32\drivers\fssfltr_tdi.sys - ok
17:30:58.0234 0x081c  [ 34D6CD56409DA9A7ED573E1C90A308BF, DE2060F57C913272524AFB0D472714ABF6F7E49A01534F23D95EE67F207CC6CF ] C:\WINDOWS\system32\drivers\ndisuio.sys
17:30:58.0234 0x081c  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
17:30:58.0234 0x081c  [ F79FFC1694CE3E6D2AA61B389AFCD0D4, 24AE3D562776C2D249DE260713349D8EF256A9DCC8B5186F2EE7DBF264973339 ] C:\WINDOWS\system32\dhcpcsvc.dll
17:30:58.0234 0x081c  C:\WINDOWS\system32\dhcpcsvc.dll - ok
17:30:58.0234 0x081c  [ 99FAFCB7F9A56CCA5535F8B48609ED7A, 9341472404C6614E50547A3C173AE56084781BAF22F88F88ECFEEDAC0471DB23 ] C:\WINDOWS\system32\dnsrslvr.dll
17:30:58.0234 0x081c  C:\WINDOWS\system32\dnsrslvr.dll - ok
17:30:58.0234 0x081c  [ 7457A4FA8A05F6A9F68AE08A308469C6, 0B5596729BF32D42A4281B3AD1B10759B483DE4CFBCA0B780040288927725552 ] C:\WINDOWS\system32\logonui.exe
17:30:58.0234 0x081c  C:\WINDOWS\system32\logonui.exe - ok
17:30:58.0234 0x081c  [ 00802696741A3E23145862BE8B488AF7, 1CA434A5F6E212E076AD54A2016D0B655303213D1A04B34D6720E9571019DDE1 ] C:\WINDOWS\system32\cscdll.dll
17:30:58.0234 0x081c  C:\WINDOWS\system32\cscdll.dll - ok
17:30:58.0234 0x081c  [ 3D2B81EEBE5994A723AB16B7AA582339, D812BB18A1743279FB76AABE75589E8402B81F0E96898E5B86F61C94388EA956 ] C:\WINDOWS\system32\duser.dll
17:30:58.0234 0x081c  C:\WINDOWS\system32\duser.dll - ok
17:30:58.0234 0x081c  [ 22B32FAC6BB36B5A69BE7913511E4545, 8623FF7E2E587653E46AE8417C158BF6B538CB769D04F285E6B5C2BCCC8CF2A3 ] C:\WINDOWS\system32\lmhsvc.dll
17:30:58.0234 0x081c  C:\WINDOWS\system32\lmhsvc.dll - ok
17:30:58.0234 0x081c  [ 21171EC700B080D68C4C1A8CC1A50B2C, 945401CEF8363A2D906CEF05D6F33010651A0A2D921F362330F23301B4CB75E1 ] C:\WINDOWS\system32\wzcsvc.dll
17:30:58.0234 0x081c  C:\WINDOWS\system32\wzcsvc.dll - ok
17:30:58.0234 0x081c  [ B39A4A7C84CD33AB8CCD90EC0D41730D, 47A04D1AA859012E8929E262F64B46B0106F10F40DDB5E1EEF69AF9D42B73C12 ] C:\WINDOWS\system32\wlnotify.dll
17:30:58.0234 0x081c  C:\WINDOWS\system32\wlnotify.dll - ok
17:30:58.0250 0x081c  [ ECA9BCA64F3A1D300DB81559B2C6B55E, 70B91510008E0CF896B1DB9F1AC95CC4FD5434EFD6A4D0459B0534FE998D254B ] C:\WINDOWS\system32\esent.dll
17:30:58.0250 0x081c  C:\WINDOWS\system32\esent.dll - ok
17:30:58.0250 0x081c  [ A24679C27C15EFFCE19CF7FC433CD8C7, 6D608C1AAE2D7A59FB980704F99370DA9A67CDBCACCAF4E1F2861087351E6F7E ] C:\WINDOWS\system32\msimg32.dll
17:30:58.0250 0x081c  C:\WINDOWS\system32\msimg32.dll - ok
17:30:58.0250 0x081c  [ C864059EC3F88D3B05C788DE96EEA17F, 07467656FDEECE4850015D9ED1A459F5BAAD5C2A33F237C2F6CD617F85231931 ] C:\WINDOWS\system32\oleacc.dll
17:30:58.0250 0x081c  C:\WINDOWS\system32\oleacc.dll - ok
17:30:58.0250 0x081c  [ 2D2A7293513F33E72BCD1177420CBDB2, CE5CA397173246F6CF220FDD23373884C843835FE23F61D01995D1732961629A ] C:\WINDOWS\system32\rtutils.dll
17:30:58.0250 0x081c  C:\WINDOWS\system32\rtutils.dll - ok
17:30:58.0250 0x081c  [ C73859EC790A42393A8C47AA6B734B61, BA62E8929470819E0CB3B53B4A8FD0B1CB37AE9A1D1E26FBD87201B45A645CCA ] C:\WINDOWS\system32\winspool.drv
17:30:58.0250 0x081c  C:\WINDOWS\system32\winspool.drv - ok
17:30:58.0250 0x081c  [ 82DD413E459935D530B5A0C06CC2469A, 7C0B65C1CC917553CFA287ACB4301D82504DC4F6E56516645AC50D1B283D3EAD ] C:\WINDOWS\system32\wmi.dll
17:30:58.0250 0x081c  C:\WINDOWS\system32\wmi.dll - ok
17:30:58.0250 0x081c  [ C87B02639685FB74DEB0CA206343D8AB, CB0992FAD06FD76CB50150EA66163EBE7DDF85EF1B53510D60382A11243CB090 ] C:\WINDOWS\system32\WgaLogon.dll
17:30:58.0250 0x081c  C:\WINDOWS\system32\WgaLogon.dll - ok
17:30:58.0250 0x081c  [ 317588D1E55DF36DDD73B47ACC12A110, EF7AD3C317209A298F93BDD5E211B8D5E8D3EA8F4F5C58E6CF622025FD17BA56 ] C:\WINDOWS\system32\atl.dll
17:30:58.0250 0x081c  C:\WINDOWS\system32\atl.dll - ok
17:30:58.0250 0x081c  [ 55C9C3092A541884810482A8282E3313, 6CE94075B0C90BC652623BEAD513A1375825F6D4D8DB71679C04A23B25A52E0D ] C:\WINDOWS\system32\clbcatq.dll
17:30:58.0250 0x081c  C:\WINDOWS\system32\clbcatq.dll - ok
17:30:58.0250 0x081c  [ D7BB6AA00FD8494DDE22594E47B4175D, 7F0764050A391FD22CF62A54360119C22E243330E94FD6515C6C7D92D7FCB037 ] C:\WINDOWS\system32\comres.dll
17:30:58.0250 0x081c  C:\WINDOWS\system32\comres.dll - ok
17:30:58.0265 0x081c  [ DE5048813E59664F23D29EFBCD5C5CED, 8598666A0DAD7D680C46BA726358D7AA5F958D58574BE32B504C9360F1E51FE3 ] C:\WINDOWS\system32\msxml3.dll
17:30:58.0265 0x081c  C:\WINDOWS\system32\msxml3.dll - ok
17:30:58.0265 0x081c  [ 1E7A7C627F9B35D80E921FC007CE7033, 1BE1D77EE4F087B0554D5606E2F6AD8524664FE314EDE6C056C257D57DB6FF25 ] C:\WINDOWS\system32\shgina.dll
17:30:58.0265 0x081c  C:\WINDOWS\system32\shgina.dll - ok
17:30:58.0265 0x081c  [ 881C480989C61A87A99ED3884EB4E5B0, 0491109BB8C6F19CD0119613764498D90B24A65629EAFC393C022FC5061C0160 ] C:\WINDOWS\system32\cryptui.dll
17:30:58.0265 0x081c  C:\WINDOWS\system32\cryptui.dll - ok
17:30:58.0265 0x081c  [ A2BFC6706E930828389161A188CFC11C, 5FEABD03E6B937850739700D8EAAB622E58B54A949362356C4C75D4EA96384B4 ] C:\WINDOWS\system32\rastls.dll
17:30:58.0265 0x081c  C:\WINDOWS\system32\rastls.dll - ok
17:30:58.0265 0x081c  [ D58815B20E2E3E9731CFE499796261E7, 2EA7810899561D13BFD329E01A45658366C2D12BA01B6A070F1BFFEE225414AA ] C:\WINDOWS\system32\wininet.dll
17:30:58.0265 0x081c  C:\WINDOWS\system32\wininet.dll - ok
17:30:58.0265 0x081c  [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll
17:30:58.0265 0x081c  C:\WINDOWS\system32\normaliz.dll - ok
17:30:58.0265 0x081c  [ 2C49CCF71F86C2086139B725D22ABB0C, 8151F9FF6B7261C9DB76A3D9BB3A6F83A042717118C8ABDDE85189C6401D6C2A ] C:\WINDOWS\system32\urlmon.dll
17:30:58.0265 0x081c  C:\WINDOWS\system32\urlmon.dll - ok
17:30:58.0265 0x081c  [ 2164026836CC4E7C2AA88BF3D1F806B2, 30D4E26B6C63B9EDAC0D2E5839D5E0A103CE3B2DF5E500FEA477ABF1130C297C ] C:\WINDOWS\system32\iertutil.dll
17:30:58.0265 0x081c  C:\WINDOWS\system32\iertutil.dll - ok
17:30:58.0265 0x081c  [ C87527B8063EA254357099E39D3E21DC, 33ED206B70B78111C107070399427FAF6F2DE50421897955F82ED462FEF29A83 ] C:\WINDOWS\system32\mprapi.dll
17:30:58.0265 0x081c  C:\WINDOWS\system32\mprapi.dll - ok
17:30:58.0281 0x081c  [ A5BA4661A0AC31DA417A688BFB49BACE, 38D7533BB73E504CDDC1102E8FB7E93C4A24C75F1A0F8AF0518C617D36B56B99 ] C:\WINDOWS\system32\activeds.dll
17:30:58.0281 0x081c  C:\WINDOWS\system32\activeds.dll - ok
17:30:58.0281 0x081c  [ DB46E1348656DA006BD2662C4682EC60, 68FCA9F7F2C3A56B963F2714970FE5079661229186B7FDD6D734B5B98C95E601 ] C:\WINDOWS\system32\adsldpc.dll
17:30:58.0281 0x081c  C:\WINDOWS\system32\adsldpc.dll - ok
17:30:58.0281 0x081c  [ D2A8A8421C4F7283164BB6FAB19AE3C3, 8CA0E65F280CB3A4130DB9DB84379C89732F78605EC4D6A64834D14905A2DFDC ] C:\WINDOWS\system32\rasapi32.dll
17:30:58.0281 0x081c  C:\WINDOWS\system32\rasapi32.dll - ok
17:30:58.0281 0x081c  [ 8D9ACBE9B689C3E4418CBEF62A149567, 3002D8AD211B3FE75CDFB2DBFDA95318B350340C0503D64BE5D2F173B554DEFE ] C:\WINDOWS\system32\rasman.dll
17:30:58.0281 0x081c  C:\WINDOWS\system32\rasman.dll - ok
17:30:58.0281 0x081c  [ 150E37EFA2D6005618194A3E9865F2A0, B11E701C37A2395467E7A6357887B1119704F1EBCB176BAB0BFFCF62D7518649 ] C:\WINDOWS\system32\tapi32.dll
17:30:58.0281 0x081c  C:\WINDOWS\system32\tapi32.dll - ok
17:30:58.0281 0x081c  [ A604AB51052B65AB6875AF9672D44966, 95421BEE104534F1057E3DB28838ACDDE504194B0C62FB1DD24CA80D5D90357E ] C:\WINDOWS\system32\riched20.dll
17:30:58.0281 0x081c  C:\WINDOWS\system32\riched20.dll - ok
17:30:58.0281 0x081c  [ F8167EBAD50FBC57DAD1EF99132D8C50, D74B47211711F8043491B39998CDF2FB4EC6A9DBE28E7C81C3878581593326AC ] C:\WINDOWS\system32\raschap.dll
17:30:58.0281 0x081c  C:\WINDOWS\system32\raschap.dll - ok
17:30:58.0281 0x081c  [ 3B9F47CF0071146F7A93C9E9BD932D83, 15724BE53DBB349D9A3297AC716922D207306742F3425966AE0A3EA643B8E722 ] C:\WINDOWS\system32\schedsvc.dll
17:30:58.0281 0x081c  C:\WINDOWS\system32\schedsvc.dll - ok
17:30:58.0281 0x081c  [ FE7A47F0D064B440E6EB5020F83B544D, E9F5AB5FF9C3274D46DD9D48AC97ED7757A3AD38D63214C8B91A31C7082B17E4 ] C:\WINDOWS\system32\msidle.dll
17:30:58.0281 0x081c  C:\WINDOWS\system32\msidle.dll - ok
17:30:58.0281 0x081c  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F, 521257429493F31516EDE549869EFA4B7A262F6A69EA1E82A9C875456C10E702 ] C:\WINDOWS\system32\spoolsv.exe
17:30:58.0281 0x081c  C:\WINDOWS\system32\spoolsv.exe - ok
17:30:58.0296 0x081c  [ E517173DD7C1A7F86AC862F5567297D3, 87DD98F159CE261EB2B9B1074E74594C1C2E89A5D168EDCBCA96118C51171F56 ] C:\WINDOWS\system32\audiosrv.dll
17:30:58.0296 0x081c  C:\WINDOWS\system32\audiosrv.dll - ok
17:30:58.0296 0x081c  [ B4837FE56D76B2E9EA90E5365CF6A2BE, 4379A0BA850C787D6AD01F50D6FCEEA96E2F4800BAF1A0EEEC6BEFA6851762C1 ] C:\Programas\Avira\AntiVir Desktop\sched.exe
17:30:58.0296 0x081c  C:\Programas\Avira\AntiVir Desktop\sched.exe - ok
17:30:58.0296 0x081c  [ B2EEE3DEE31F50E082E9C720A6D7757D, 4608BEEDD8CF9C3FC5AB03716B4AB6F01C7B7D65A7C072AF04F514FFB0E02D01 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
17:30:58.0296 0x081c  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
17:30:58.0296 0x081c  [ 7538050656FE5D63CB4B80349DD1CFE3, E16BC9B66642151DE612EE045C2810CA6146975015BD9679A354567F56DA2099 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
17:30:58.0296 0x081c  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
17:30:58.0296 0x081c  [ 8379637C29ACF9E7282AFE6DD39D1C6C, DAFBE33745636E15F990FC4451DF35EA11BAA9E253B5135CC300B5AC3C891C01 ] C:\WINDOWS\system32\wkssvc.dll
17:30:58.0296 0x081c  C:\WINDOWS\system32\wkssvc.dll - ok
17:30:58.0296 0x081c  [ 13A86FF71B5E57DA8C9A6E2316CE1EAA, BB979F50DE40F555190CFF62BA9588203C6528598399AEC27ED7CBE630DA510D ] C:\Programas\Avira\AntiVir Desktop\schedr.dll
17:30:58.0296 0x081c  C:\Programas\Avira\AntiVir Desktop\schedr.dll - ok
17:30:58.0296 0x081c  [ 4C3EED40C3F2A9FC9956B0511D431304, 91DE01BBAEE4B80B29A222D911DD075B04FEB5DFD1CD20B8EE25C69A9698CCDE ] C:\Programas\Avira\AntiVir Desktop\avevtlog.dll
17:30:58.0296 0x081c  C:\Programas\Avira\AntiVir Desktop\avevtlog.dll - ok
17:30:58.0296 0x081c  [ 01936B92434B6AB994D9BB2139729CFB, 310BAED5D612C5FBE01AA9E1E6BAF52EE07B37CF11B44F09D8FED6BAC097289F ] C:\Programas\Avira\AntiVir Desktop\cfglib.dll
17:30:58.0296 0x081c  C:\Programas\Avira\AntiVir Desktop\cfglib.dll - ok
17:30:58.0296 0x081c  [ 0815AFF09E50A3CF1349396F5B2EBC6A, 876938AFE4BF13F4F42089B3CE97712AD853747E192B51175F7CB95B01D003E2 ] C:\Programas\Avira\AntiVir Desktop\sqlite3.dll
17:30:58.0296 0x081c  C:\Programas\Avira\AntiVir Desktop\sqlite3.dll - ok
17:30:58.0312 0x081c  [ CA74F364D83848A824A27FADBEA88ABE, DB8116EFC2DE5B446D58C512CA0E58F8E966C0583C1A650A1D8F3A541EA2236E ] C:\WINDOWS\system32\cscui.dll
17:30:58.0312 0x081c  C:\WINDOWS\system32\cscui.dll - ok
17:30:58.0312 0x081c  [ DB54DA2B19F906EDB4734C8FCDEA3457, B324524C5C61E9EF9EAD508C76377FD15EE0B662C348211A839AEA90EC1E0DEB ] C:\WINDOWS\system32\powrprof.dll
17:30:58.0312 0x081c  C:\WINDOWS\system32\powrprof.dll - ok
17:30:58.0312 0x081c  [ EE83DB9B6570E50901960CFE901B5252, 5EC88C2F852E7D1C33086C564D42474A81FBDDD33418050C03463AC88DEBC0DD ] C:\WINDOWS\system32\dpcdll.dll
17:30:58.0312 0x081c  C:\WINDOWS\system32\dpcdll.dll - ok
17:30:58.0312 0x081c  [ 650AD082D46BAC0E64C9C0E0928492FD, 6A587A55418A3A7867602D92B99FE393152DED191F27992C4BA909BD268AC43C ] C:\WINDOWS\system32\drivers\sysaudio.sys
17:30:58.0312 0x081c  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
17:30:58.0312 0x081c  [ EFD235CA22B57C81118C1AEB4798F1C1, 16EE95A1D51F318224152492FB1663D96E61EC1706E85AE820CD023CBA1CF1F3 ] C:\WINDOWS\system32\drivers\wdmaud.sys
17:30:58.0312 0x081c  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
17:30:58.0312 0x081c  [ CB0C786B477FA67CA0C791AB7A6CBD7E, 6B5CAC642EF88D90DD6564D801EDCDBE8CF2111F95BE80500043A82C1E4EBB45 ] C:\WINDOWS\system32\wdmaud.drv
17:30:58.0312 0x081c  C:\WINDOWS\system32\wdmaud.drv - ok
17:30:58.0312 0x081c  [ 1EE7B434BA961EF845DE136224C30FEC, 0216D2277B6B4AB9B0E47E093CEEAC2030EFB4B87BA048EA730E40119AA06444 ] C:\WINDOWS\system32\drivers\aec.sys
17:30:58.0312 0x081c  C:\WINDOWS\system32\drivers\aec.sys - ok
17:30:58.0312 0x081c  [ 0CE218578FFF5F4F7E4201539C45C78F, 2C87C8993C3B9CE3589262E178B2B12FF9F2D83E5E8C2B97648D7FA24E3BD985 ] C:\WINDOWS\system32\drivers\splitter.sys
17:30:58.0312 0x081c  C:\WINDOWS\system32\drivers\splitter.sys - ok
17:30:58.0312 0x081c  [ 68E7C26452F13E43B101DA596FF9DD31, C1ABD3E7DC87F67026998868F563CB7399332EE772BB92919A36E789753B5C1E ] C:\WINDOWS\system32\userinit.exe
17:30:58.0312 0x081c  C:\WINDOWS\system32\userinit.exe - ok
17:30:58.0312 0x081c  [ A6F881284AC1150E37D9AE47FF601267, 6C07654CF21637E527FC727EB50F4138BF0EFF0680000AC94001063B436389DB ] C:\WINDOWS\system32\drivers\dmusic.sys
17:30:58.0312 0x081c  C:\WINDOWS\system32\drivers\dmusic.sys - ok
17:30:58.0328 0x081c  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D, EEF6DB9EDD8C273A6595675A7A12B9D440FA4E178BA7C69FB1942D97E291F989 ] C:\WINDOWS\system32\drivers\swmidi.sys
17:30:58.0328 0x081c  C:\WINDOWS\system32\drivers\swmidi.sys - ok
17:30:58.0328 0x081c  [ B8987A6CEC93423C98F8A00F3814F5C7, 226085E2D71FDB718197E0C6A8F5CC69577D1D59496B623799ABE300E65A2B45 ] C:\WINDOWS\system32\WgaTray.exe
17:30:58.0328 0x081c  C:\WINDOWS\system32\WgaTray.exe - ok
17:30:58.0328 0x081c  [ BA5DEDA4D934E6288C2F66CAF58D2562, 2250B75EEAD92CA56A1F8BB3F6523F9A5625676E38845A4DE0BFECE5EA17DBFA ] C:\WINDOWS\system32\drivers\kmixer.sys
17:30:58.0328 0x081c  C:\WINDOWS\system32\drivers\kmixer.sys - ok
17:30:58.0328 0x081c  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] C:\Programas\Google\Update\GoogleUpdate.exe
17:30:58.0328 0x081c  C:\Programas\Google\Update\GoogleUpdate.exe - ok
17:30:58.0328 0x081c  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E, B941AB5D9D504486083E0D1539B1A96E27721C9EFD7A67CA1DB7258B0D33AB78 ] C:\WINDOWS\system32\drivers\drmkaud.sys
17:30:58.0328 0x081c  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
17:30:58.0328 0x081c  [ 77E585EDD4C7EB7AB2ACC36BC1DC32A5, 57BF4D683CA66AAC2A4B7FEDF9F7FB254860BE77E1F4A6DD2C40410783B5C113 ] C:\Programas\Google\Update\1.3.24.15\goopdate.dll
17:30:58.0328 0x081c  C:\Programas\Google\Update\1.3.24.15\goopdate.dll - ok
17:30:58.0328 0x081c  [ 450B8E8EE23F8633863C0FB857CAFB45, 613336B8A7CB29B6B0E588272D2683381B888BF5728FA4D80588806D80DE9AF4 ] C:\WINDOWS\system32\msacm32.drv
17:30:58.0328 0x081c  C:\WINDOWS\system32\msacm32.drv - ok
17:30:58.0328 0x081c  [ 3CDCDD422080E7498D3D23AE8E5A39B7, 3A10C7C7ED12D8CC3AA1AA272C0E8AE3DF74F6126ACA54D0F5E6A2AE96B4FD78 ] C:\WINDOWS\system32\msi.dll
17:30:58.0328 0x081c  C:\WINDOWS\system32\msi.dll - ok
17:30:58.0328 0x081c  [ 88EE67E74B188F9E3D2D03DB279D2209, 4D0755A9E3ED51833F9AE639E4CC86F640A781FB79367D1A6F8C6275D957C6D6 ] C:\WINDOWS\system32\midimap.dll
17:30:58.0328 0x081c  C:\WINDOWS\system32\midimap.dll - ok
17:30:58.0328 0x081c  [ 24C1E528284D46D6DF384915C580F247, F8977E883728AB835DA96EF6F562642C05EA46D0DCE3624B223C3B678773D0DE ] C:\WINDOWS\system32\dbghelp.dll
17:30:58.0328 0x081c  C:\WINDOWS\system32\dbghelp.dll - ok
17:30:58.0343 0x081c  [ 3CC2D28FCBEAF9C84F2FBBE4800DAE52, 98210F94D711B222113DC7BEF09BCA8EEE72DB2A7D08080A67839D3CC646D287 ] C:\WINDOWS\system32\cryptnet.dll
17:30:58.0343 0x081c  C:\WINDOWS\system32\cryptnet.dll - ok
17:30:58.0343 0x081c  [ 397D14958D6C9C2B365469A857B2AC4E, 1465D7DC50A27A2C75FFC477E8A453B0884D1E298F804233483B63A47634B7EA ] C:\Programas\Google\Update\1.3.24.15\GoogleCrashHandler.exe
17:30:58.0343 0x081c  C:\Programas\Google\Update\1.3.24.15\GoogleCrashHandler.exe - ok
17:30:58.0343 0x081c  [ E33D51ECE9047331FCF59DBFA4F4B856, 9204F7C59B2C1C76A4360BEF8712C22CD7A918DEFECD1A627DC6B7BAA5EE2C55 ] C:\WINDOWS\explorer.exe
17:30:58.0343 0x081c  C:\WINDOWS\explorer.exe - ok
17:30:58.0343 0x081c  [ 05ED5559A17C5BC5F010DA8DF9AFD271, F0E25DD486E8130D8175D9BAC9C4C94160C580904F0E107515D8D0EAD5BD9B3D ] C:\WINDOWS\system32\mstask.dll
17:30:58.0343 0x081c  C:\WINDOWS\system32\mstask.dll - ok
17:30:58.0343 0x081c  [ B005F3DF818EA86BFA4DF5FE9135B100, 8CDFCF88150CE74194A95EC8939C92BC4755327D63142A3C9D202294870A6F7F ] C:\WINDOWS\system32\winhttp.dll
17:30:58.0343 0x081c  C:\WINDOWS\system32\winhttp.dll - ok
17:30:58.0343 0x081c  [ B15DC74F5BB4C4270B718000EC1633B9, C37C22F30BB1D65642F5536887CBA180C9D82D8BEFF7CB8D91A6114B022F506E ] C:\WINDOWS\system32\sensapi.dll
17:30:58.0343 0x081c  C:\WINDOWS\system32\sensapi.dll - ok
17:30:58.0343 0x081c  [ B99FF349BF53BD91FBDDCD6B1EDE8980, F805DF1B29B9E64214ACE4B884D1879A9E4BA63EE83A674AC0982C451C055917 ] C:\WINDOWS\system32\browseui.dll
17:30:58.0343 0x081c  C:\WINDOWS\system32\browseui.dll - ok
17:30:58.0343 0x081c  [ D0E44C9C8BD85350828458EAD715BD30, A559A8205756C37229C8B946E6E8E4C136BFD978F184E4A1BE52131478CA8418 ] C:\WINDOWS\system32\LegitCheckControl.dll
17:30:58.0343 0x081c  C:\WINDOWS\system32\LegitCheckControl.dll - ok
17:30:58.0343 0x081c  [ 559B2D22A1EE947A7EAED530C7FF9320, BB144889A0096F84BFBB6BD496C593D8A0726EA047AD65399D91D612B6AE1C07 ] C:\WINDOWS\system32\shdocvw.dll
17:30:58.0343 0x081c  C:\WINDOWS\system32\shdocvw.dll - ok
17:30:58.0359 0x081c  [ 20F5E3D070BC1CB7E7E44B1AA4FD7DFD, D587DEC4124E0B9D26CC73E3F97A1D1C5A73D1240B856409677AB24970465239 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
17:30:58.0359 0x081c  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
17:30:58.0359 0x081c  [ 7F9B0A36D6954100D8A619338D8C99AE, CFE9D134DA98E10DAF23E556E5796ABCD3AF5CB6DDC9F45C59EB7F0501155C28 ] C:\WINDOWS\system32\wbem\wbemprox.dll
17:30:58.0359 0x081c  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
17:30:58.0359 0x081c  [ A659ADBC53A82F558CB5059454554675, 362E960BD1D1C984AA09B116EF734DF02824589AE7B992A8705961B0D0D92ECC ] C:\Documents and Settings\Daniel\Application Data\Dropbox\bin\DropboxExt.24.dll
17:30:58.0359 0x081c  C:\Documents and Settings\Daniel\Application Data\Dropbox\bin\DropboxExt.24.dll - ok
17:30:58.0359 0x081c  [ F28ADCF2E9B3574F25089A69B03DC756, B1C87873A58903FB4A4EF1F15683A643959F8620A3E5B0CAA6541E5CB88A94CC ] C:\WINDOWS\system32\AcSignIcon.dll
17:30:58.0359 0x081c  C:\WINDOWS\system32\AcSignIcon.dll - ok
17:30:58.0359 0x081c  [ CCC2E312486AE6B80970211DA472268B, 18BE5D3C656236B7E3CD6D619D62496FE3E7F66BF2859E460F8AC3D1A6BDAA9A ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
17:30:58.0359 0x081c  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll - ok
17:30:58.0359 0x081c  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
17:30:58.0359 0x081c  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
17:30:58.0359 0x081c  [ 4124B13DA07F829C4136F827B22663F6, 1AD15D25081FA4A07FEDBDD3FE33B359E1874526C8EC4F9FC1B0F76C32E021B9 ] C:\WINDOWS\system32\desk.cpl
17:30:58.0359 0x081c  C:\WINDOWS\system32\desk.cpl - ok
17:30:58.0359 0x081c  [ D7C2C0FF666E486B9289D13599BB3FDE, 808CCB73CA15A9F2BE1A6F0ACAE38C352E36B1DEB88A2F48A7ABAF9B9B7B5E2F ] C:\WINDOWS\system32\themeui.dll
17:30:58.0359 0x081c  C:\WINDOWS\system32\themeui.dll - ok
17:30:58.0359 0x081c  [ 6C2E2DBEC36E559CEFA222B22B82711D, FDCE0AB593F41EDA6048712658D69CFAC8EF2AF4790D0A98137D1B498D6CE635 ] C:\WINDOWS\system32\actxprxy.dll
17:30:58.0359 0x081c  C:\WINDOWS\system32\actxprxy.dll - ok
17:30:58.0359 0x081c  [ 9A451D3B7EEFE572D7B4B852F0F151F1, AE8E3BEC67EF1D26B43BE15EC8D9BA88B98CE1EE348896E3C476703ADCCE8CC7 ] C:\Programas\Windows Desktop Search\MSNLNamespaceMgr.dll
17:30:58.0359 0x081c  C:\Programas\Windows Desktop Search\MSNLNamespaceMgr.dll - ok
17:30:58.0375 0x081c  [ 777CED02363B6BFA1D5879DF4AB0D146, B55662A34F9D021C44E9F4846D7A544D2EE2EA5202AA2124EDFB7027BACB4976 ] C:\WINDOWS\system32\cmd.exe
17:30:58.0375 0x081c  C:\WINDOWS\system32\cmd.exe - ok
17:30:58.0375 0x081c  [ 907D711F70D329352A0B7F63CDA71953, EFC3B5B11B99B9887E2A8D163BEC0E2889F8E288A5C1BF518471AD0BAEE34B0C ] C:\WINDOWS\system32\ieframe.dll
17:30:58.0375 0x081c  C:\WINDOWS\system32\ieframe.dll - ok
17:30:58.0375 0x081c  [ E87ED5DC97DFDDBDD3C952B77199DC62, 9103B4DDFCE0ED9C23BE0CB2DFA41578270E361B4DCB77AFB5B8D7ED0BF79CF7 ] C:\WINDOWS\system32\cabinet.dll
17:30:58.0375 0x081c  C:\WINDOWS\system32\cabinet.dll - ok
17:30:58.0375 0x081c  [ 5BE4416A102731C5271BADD028608452, 0366C1C20EBB6661C87986D7AECD778D2038721D6ED60D375E04C67505FE6BDC ] C:\WINDOWS\system32\drivers\parvdm.sys
17:30:58.0375 0x081c  C:\WINDOWS\system32\drivers\parvdm.sys - ok
17:30:58.0375 0x081c  [ DF5A3016052755C910A206058B4A1729, 0E15807370B8EA28002D713490FD8DDD3E7FCFAE78477197CE2C0EFB5F176896 ] C:\Programas\Avira\AntiVir Desktop\avguard.exe
17:30:58.0375 0x081c  C:\Programas\Avira\AntiVir Desktop\avguard.exe - ok
17:30:58.0375 0x081c  [ 020E9A91B8DA0927E8A60868D90F515A, D3634E3F6FC1AE8B521446C22615B17FE8EC569194361DA67FDCF8662A3F89E6 ] C:\Programas\Avira\AntiVir Desktop\libdb44.dll
17:30:58.0375 0x081c  C:\Programas\Avira\AntiVir Desktop\libdb44.dll - ok
17:30:58.0375 0x081c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:30:58.0375 0x081c  C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
17:30:58.0375 0x081c  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
17:30:58.0375 0x081c  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
17:30:58.0375 0x081c  [ 848BC9A0BB2361E549FD4C22D7548FB8, 40D1B1DFE64A1FE256DEE7E911CD7D020F945E4E9D05C86609E7FB2880C2E3AA ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\AppleVersions.dll
17:30:58.0375 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\AppleVersions.dll - ok
17:30:58.0390 0x081c  [ 92D9EB35797530FEDC07B1D75533F68E, 4FF6E44ACF492AA97D15A62FF53F5C63DCF4149B32449C69D9A1547FC5A04D0C ] C:\Programas\Avira\AntiVir Desktop\guardmsg.dll
17:30:58.0390 0x081c  C:\Programas\Avira\AntiVir Desktop\guardmsg.dll - ok
17:30:58.0390 0x081c  [ 6953E980ADCA0BE816C7FF463695499A, 86FF463C3997B790BC6CFE8D5605FE858BF0FF841A61481C8890C7EFCEE28351 ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\CoreFoundation.dll
17:30:58.0390 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\CoreFoundation.dll - ok
17:30:58.0390 0x081c  [ 6D41F6AA35220E7A54543075B27E8F83, 3350373F3443954B4DABE39955FD9B3C7FC223B73CC1429793A920ED17FB8A06 ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\YSCrashDump.dll
17:30:58.0390 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\YSCrashDump.dll - ok
17:30:58.0390 0x081c  [ 5252BB49A0B35E1127D3771E21C7AF6D, CB4A2CD4675B78D217C3D770960C204A72D57FD3390340D660ACF21BC1558783 ] C:\Programas\Avira\AntiVir Desktop\avpref.dll
17:30:58.0390 0x081c  C:\Programas\Avira\AntiVir Desktop\avpref.dll - ok
17:30:58.0390 0x081c  [ DFCA644502DFA491384A53F87AE03FB6, 1747DEA4AE73C0B16C93C7C331FB18F3E459CD67DD3FC19C9C05A81AE54DE591 ] C:\Programas\Avira\AntiVir Desktop\avsmtp.dll
17:30:58.0390 0x081c  C:\Programas\Avira\AntiVir Desktop\avsmtp.dll - ok
17:30:58.0390 0x081c  [ 78865ABC5F5D13190F8B35BD9044714A, A16E0158129AE76AE459D9424D246C01ECECCC87A27C40D8DB0232330D2F5458 ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\objc.dll
17:30:58.0390 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\objc.dll - ok
17:30:58.0390 0x081c  [ 152F8772D5A5CD7883305C3B8D28470E, 8353B56461E889D277B6FB7DBF97D7C60AD11748C0818FBA9D80DCE5D89C6CC4 ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\pthreadVC2.dll
17:30:58.0390 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\pthreadVC2.dll - ok
17:30:58.0390 0x081c  [ 9189E042D53F6A46940E12F3D4FA7055, 22FD9AA2E07D4FB5CC848D42468F3834DA1EACDF8B2366A472F4EEACA19FAB5C ] C:\WINDOWS\system32\wsock32.dll
17:30:58.0390 0x081c  C:\WINDOWS\system32\wsock32.dll - ok
17:30:58.0390 0x081c  [ FF9831030678C7B6D70BAC00F68F8976, BFA9DA98F93910B8FE09EA06F917AB1F5435FCE9F786EABDF1970E19B2C63FDC ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\libdispatch.dll
17:30:58.0390 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\libdispatch.dll - ok
17:30:58.0406 0x081c  [ 5A963C340DE1A01BA6E24945CE05D16A, 0CC79B72D03621D6FA4E7A8F3B10125A531C1D19098189671FBE3687E3E70E33 ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\libicuin.dll
17:30:58.0406 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\libicuin.dll - ok
17:30:58.0406 0x081c  [ 8C91BD35AE9AA8B628EEC5E637BB1D0F, E5C4157B7EB962135CFB6B069CE35092CBBD02A385060FBAE1BBE57AFC7F8667 ] C:\Programas\Avira\AntiVir Desktop\avshadow.exe
17:30:58.0406 0x081c  C:\Programas\Avira\AntiVir Desktop\avshadow.exe - ok
17:30:58.0406 0x081c  [ 3DA9A45D10CA718D5CC9A400F6361058, 219F4EC8675C0F2BCBFDD6E8031F9CA3A16BFFBAF8325DE486614F6CEBEC8043 ] C:\WINDOWS\system32\vssapi.dll
17:30:58.0406 0x081c  C:\WINDOWS\system32\vssapi.dll - ok
17:30:58.0406 0x081c  [ 06990855177B4AB5366864738C43D459, DD2BB73ECB627D4EF45E7FDF5FF57707F70DC57ED95187E2E4EA4B4CE723FCF7 ] C:\Programas\Avira\AntiVir Desktop\avipc.dll
17:30:58.0406 0x081c  C:\Programas\Avira\AntiVir Desktop\avipc.dll - ok
17:30:58.0406 0x081c  [ F4BC62990E7E5C29799A895B80FC3177, 57772AB986BA00B3C2730184D94A76E932CA94000119D0E63407F3DF9867238A ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\libicuuc.dll
17:30:58.0406 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\libicuuc.dll - ok
17:30:58.0406 0x081c  [ 149D74E1128A86DC9CFB2851FBEA11EB, 95E2FF3379DEE729089CF85140C4D4C202B7FEFE239024D48DFFD5CB1E7415BC ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\icudt46.dll
17:30:58.0406 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\icudt46.dll - ok
17:30:58.0406 0x081c  [ 5EE5C132D47BA6F331099BFF1D1DB539, 6CCF6C691B837E0E1A436B77F7E48057B7AE6241A9E45BA25BFD801DAC509D23 ] C:\Programas\Avira\AntiVir Desktop\avgio.dll
17:30:58.0406 0x081c  C:\Programas\Avira\AntiVir Desktop\avgio.dll - ok
17:30:58.0406 0x081c  [ 8E633850180AC04E0024093BC0273E8A, CD0FD1A915718C04C4A93937A2C0AC7D3AF4FA6092F8072D5100F19ED63184A8 ] C:\Programas\Avira\AntiVir Desktop\aecore.dll
17:30:58.0406 0x081c  C:\Programas\Avira\AntiVir Desktop\aecore.dll - ok
17:30:58.0406 0x081c  [ 5E09D9E5A7512B1C4F1F27EB726E641F, 5A1C3D80434EE93DE0728FCA17FE9A148CD8CC3D94E4D0A8BDE8221186FABB7F ] C:\WINDOWS\system32\fltlib.dll
17:30:58.0406 0x081c  C:\WINDOWS\system32\fltlib.dll - ok
17:30:58.0406 0x081c  [ 6A9692792BEFC27B06B763342B74BB6D, 5D13C00449EAB0103883F5EA1A1D2D27AD26F7E385FDED91A3D0BEEF513325E6 ] C:\Programas\Avira\AntiVir Desktop\aevdf.dll
17:30:58.0406 0x081c  C:\Programas\Avira\AntiVir Desktop\aevdf.dll - ok
17:30:58.0421 0x081c  [ DEDBD6BF512A194AA5C2101CBDDD54E0, 9B7C317C785B088D5E6C64615E924468E900553B9E4B865FB7B50844B3D725C4 ] C:\Programas\Avira\AntiVir Desktop\aescript.dll
17:30:58.0421 0x081c  C:\Programas\Avira\AntiVir Desktop\aescript.dll - ok
17:30:58.0421 0x081c  [ 7954EC74667D298DB411D9E57401F8CA, CFD85E9E9ED83BBCE42A4B8E69819E2ADF1C5807924DFBC6F4849D913071B4D5 ] C:\Programas\Avira\AntiVir Desktop\aescn.dll
17:30:58.0421 0x081c  C:\Programas\Avira\AntiVir Desktop\aescn.dll - ok
17:30:58.0421 0x081c  [ B6B495A0263138D3E2F06441B35EA4DD, FE4CAA8B6C0A76F195D444FA134384DDAC348A36E5CECBA3F9A2D8127AEB4624 ] C:\Programas\Avira\AntiVir Desktop\aesbx.dll
17:30:58.0421 0x081c  C:\Programas\Avira\AntiVir Desktop\aesbx.dll - ok
17:30:58.0421 0x081c  [ 39050A12A2EFBEC944C3585374898E54, 77E0EB9FFE26E317C338A7E6426AE6FCA75E8E2AC923149FC33000208026646A ] C:\Programas\Avira\AntiVir Desktop\aerdl.dll
17:30:58.0421 0x081c  C:\Programas\Avira\AntiVir Desktop\aerdl.dll - ok
17:30:58.0421 0x081c  [ 42476A9992B471B9B590A3F90B2203E8, FAF35FA1ADBFC840C2CD832BB41259A8240977137A4BFE912CDF8158C059CEFB ] C:\Programas\Avira\AntiVir Desktop\aepack.dll
17:30:58.0421 0x081c  C:\Programas\Avira\AntiVir Desktop\aepack.dll - ok
17:30:58.0421 0x081c  [ E32844F51539C893B4BDD00DFC486C06, 579C6E96327F39FAB312A2F162AD3B2ED310AB69EE5043197E7D6C8B2F551804 ] C:\Programas\Avira\AntiVir Desktop\aeoffice.dll
17:30:58.0421 0x081c  C:\Programas\Avira\AntiVir Desktop\aeoffice.dll - ok
17:30:58.0421 0x081c  [ A8649C111A7F68269C928C7D64C73A3A, C83AF5F4FA9D7D06531563C28CE20BD5EAE4C615EF314B803FF0B486080493F1 ] C:\Programas\Avira\AntiVir Desktop\aeheur.dll
17:30:58.0421 0x081c  C:\Programas\Avira\AntiVir Desktop\aeheur.dll - ok
17:30:58.0421 0x081c  [ F6FD367C9EAAEDF90CD7A7952AE0B336, 65DF0688F18EC3DEC27E725DC3A2F0D656F321832BDFA45253C0933620214AAF ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\ASL.dll
17:30:58.0421 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\ASL.dll - ok
17:30:58.0421 0x081c  [ 4D9B3DFBAB2EA93B594B74D47E0B4E5D, 01DD03D27E27BC7E8B454543C36F83D9F71BD7A17D39D72B815DA5F5AFF115BF ] C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
17:30:58.0421 0x081c  C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
17:30:58.0437 0x081c  [ 245B0C95ED04056E0A89BCEB8B511DDA, 0A371FC428844A88B2AAB7ABE71374A5940AF2B20D791EF73953861A0DB9D94D ] C:\Programas\Avira\AntiVir Desktop\aehelp.dll
17:30:58.0437 0x081c  C:\Programas\Avira\AntiVir Desktop\aehelp.dll - ok
17:30:58.0437 0x081c  [ 1A551F1E5D82C49D879A12DB3EA2475A, A252A188BF96E75FFE715432814DF78B8E5B611D2E610A067A2D75991C38C60F ] C:\Programas\Avira\AntiVir Desktop\aegen.dll
17:30:58.0437 0x081c  C:\Programas\Avira\AntiVir Desktop\aegen.dll - ok
17:30:58.0437 0x081c  [ FBDC1D23E595C22805BFE35D677732DA, C2D17DB780F45D408AC14296B4CE2F4C32CDC479599DCB176CA7708A57CDA5A2 ] C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\MobileDevice.dll
17:30:58.0437 0x081c  C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\MobileDevice.dll - ok
17:30:58.0437 0x081c  [ EBE9769C873F7B30E0711F9E0B560EA4, 84DA9268F0FE92C6CFC641E45C7EC92B65B3D9423C80BB0A081C3D80FE3E90C8 ] C:\Programas\Avira\AntiVir Desktop\aeexp.dll
17:30:58.0437 0x081c  C:\Programas\Avira\AntiVir Desktop\aeexp.dll - ok
17:30:58.0437 0x081c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:30:58.0437 0x081c  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
17:30:58.0437 0x081c  [ ECAA2A2B9A2BE308752871DC3C78036C, 4774AD650CDFCBA5AEFD45D78ADD092BF2899A934D87AF89DC98F06590A7A1C6 ] C:\WINDOWS\system32\bthserv.dll
17:30:58.0437 0x081c  C:\WINDOWS\system32\bthserv.dll - ok
17:30:58.0437 0x081c  [ E5F7C30EDF0892667933BE879F067D67, E4BA45F4C6C74A0CDE9B12A00C91E2F5EF83536C89C9053DEC507CBB4F130A12 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
17:30:58.0437 0x081c  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
17:30:58.0437 0x081c  [ 76E5BF8C3DAD02DC942CF625C5434190, F40D0087C99F49ECF40ACD6D74308B7999780EB4A6F966317C9351F4E4ACEA54 ] C:\Programas\Avira\AntiVir Desktop\aeemu.dll
17:30:58.0437 0x081c  C:\Programas\Avira\AntiVir Desktop\aeemu.dll - ok
17:30:58.0437 0x081c  [ AE80657661F164C09D802B339539DDC2, 1973B60640DBF0340626A877A8963FBC9F9882A0A7A84DC743A535E9D679F0FE ] C:\Programas\Avira\AntiVir Desktop\aebb.dll
17:30:58.0437 0x081c  C:\Programas\Avira\AntiVir Desktop\aebb.dll - ok
17:30:58.0453 0x081c  [ 00C1F27FF4B4E575C4160EB4A4464BE7, 1D37FCD4B521D44A9816F598C0D612F076148B6DDE852EAC24A1D8FFD7F413CE ] C:\Programas\Avira\AntiVir Desktop\aedroid.dll
17:30:58.0453 0x081c  C:\Programas\Avira\AntiVir Desktop\aedroid.dll - ok
17:30:58.0453 0x081c  [ 2E14406E05789F91C9282AE7CFCA3A07, BDB403FC7EDDF5B3F24F1E8232C6EEFE888C5D72A819567EEA73D0AF7D511095 ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\zlib1.dll
17:30:58.0453 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\zlib1.dll - ok
17:30:58.0453 0x081c  [ 08A73B0E7EE6E32983B5F9E540A8E380, D9FC89B19C9131C2246D82942D5E6A09F20CB488C26EF007695F1CABB53C8F91 ] C:\WINDOWS\system32\mscoree.dll
17:30:58.0453 0x081c  C:\WINDOWS\system32\mscoree.dll - ok
17:30:58.0453 0x081c  [ A7DDDDE163F16AB49DF3DE9EEC715495, 00F83712F55C4B54F5B54595CDA2BCCDFCB72F0B31EED8274F87232106995EA6 ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\CFNetwork.dll
17:30:58.0453 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\CFNetwork.dll - ok
17:30:58.0453 0x081c  [ A61B4E39DD2A04D49C2DE4E887B67356, 73008271967192C860F33DC7CA0D90EABD8532C3777E766F9DC1D03C4A7F0DA0 ] C:\WINDOWS\system32\cryptsvc.dll
17:30:58.0453 0x081c  C:\WINDOWS\system32\cryptsvc.dll - ok
17:30:58.0453 0x081c  [ 090787CD3E74AE0C801E0DA51EEFDFD2, 61304F8D27BED636E432984C6F0D12D8CE0623B703C0F692A20B10E9FC5860CA ] C:\WINDOWS\system32\certcli.dll
17:30:58.0453 0x081c  C:\WINDOWS\system32\certcli.dll - ok
17:30:58.0453 0x081c  [ 8BE3CEC26578030D61BFDB7A514A5FB0, 93BDF685CD66A4122F98F4AEF2298315C4721CF9B66B13F0D95144CCA17F7B46 ] C:\WINDOWS\system32\es.dll
17:30:58.0453 0x081c  C:\WINDOWS\system32\es.dll - ok
17:30:58.0453 0x081c  [ F3918787F9D5F5FF2DA57CDEFB858EC5, A109319C427A023A9705ACEC9D8943C5E84FFCA7A35F8EF4217E7FD893B43818 ] C:\Programas\Ficheiros comuns\LightScribe\LSSProxy.dll
17:30:58.0453 0x081c  C:\Programas\Ficheiros comuns\LightScribe\LSSProxy.dll - ok
17:30:58.0453 0x081c  [ 6E5DAC168D1FF9843E84A59D51D31107, A847CFEB0D18E7865D483C74560DF67772DCB8EC22DB0F5910F3A68BFA9F3DCD ] C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
17:30:58.0453 0x081c  C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe - ok
17:30:58.0453 0x081c  [ 282C89E7DCC6122ED435425102FAA924, 4BC576A36499D009E4C0C9B0337D33F06D71393FF8169FED042F9C223F067DEE ] C:\WINDOWS\system32\dmserver.dll
17:30:58.0453 0x081c  C:\WINDOWS\system32\dmserver.dll - ok
17:30:58.0468 0x081c  [ 110D83DD5EDCF0E5A9574FB56D3809DD, 34231C4A712A373F7254499CF436F005CBF3C96F770AD0EA9438A24FC9A0CD0A ] C:\WINDOWS\system32\hidserv.dll
17:30:58.0468 0x081c  C:\WINDOWS\system32\hidserv.dll - ok
17:30:58.0468 0x081c  [ 1162E465687273735CD89759E7E6A0A4, 1244679E54042ECF661C57FD9EB02472BAB94B51B0E65413262CF7503462C1BC ] C:\WINDOWS\system32\hid.dll
17:30:58.0468 0x081c  C:\WINDOWS\system32\hid.dll - ok
17:30:58.0468 0x081c  [ 6D5A3E34D5111870C085B048A4E242C7, 3A3B30EC9C194A91F1A56736BF32ED78C1CB5BF278C91682BECAB54B23C790EF ] C:\WINDOWS\system32\srvsvc.dll
17:30:58.0468 0x081c  C:\WINDOWS\system32\srvsvc.dll - ok
17:30:58.0468 0x081c  [ C1A3AF85DBFC67988FB71CE5E8F3B570, D13C923E1A501FF240AA2B29579635AB5387D756C11B01B17DC2FDA6FA0811E5 ] C:\Programas\Ficheiros comuns\LightScribe\LSLog.dll
17:30:58.0468 0x081c  C:\Programas\Ficheiros comuns\LightScribe\LSLog.dll - ok
17:30:58.0468 0x081c  [ E360667FA4A4DA8E83A8A3D56F067A57, 2F2E5ACD38A457D904BCDFAFACCD94A760EAC24F9A16ADF90BE4B7EA877F01AB ] C:\WINDOWS\system32\netmsg.dll
17:30:58.0468 0x081c  C:\WINDOWS\system32\netmsg.dll - ok
17:30:58.0468 0x081c  [ 2333057542C91AE8228BDCCC2E5F2632, 51324D2D468DCDEA039F848585F6C78F99801D2725F7ACED2466E2D20BF112CD ] C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
17:30:58.0468 0x081c  C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe - ok
17:30:58.0468 0x081c  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
17:30:58.0468 0x081c  C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
17:30:58.0468 0x081c  [ AB9C79ED12D65E800AAAD3D72A04792F, D834A904F665761AF9958D99F5420EC5FF8DE868F2A645B7EE2FE908AF26108F ] C:\WINDOWS\system32\drivers\srv.sys
17:30:58.0468 0x081c  C:\WINDOWS\system32\drivers\srv.sys - ok
17:30:58.0468 0x081c  [ 0B6DEA0A1662CAB8F2BF339DC0752EF4, 596400163A8021C886D06B8469E67A1AC88EDFB904FC5B7CF726DCAB1F293E0F ] C:\Programas\Ficheiros comuns\Protexis\License Service\PsiService_2.exe
17:30:58.0468 0x081c  C:\Programas\Ficheiros comuns\Protexis\License Service\PsiService_2.exe - ok
17:30:58.0484 0x081c  [ A35DEBD574ED8BAC425B6B02A9FBDC1E, 4A13E36EB16C5C44DF0E3CF5B8B504096BE3D47088B4E35F907C923EE4B1519B ] C:\WINDOWS\system32\netman.dll
17:30:58.0484 0x081c  C:\WINDOWS\system32\netman.dll - ok
17:30:58.0484 0x081c  [ 7060F3F9A19784014DCDD63E1BBDB9E6, 3AAEE27E45D25319A7C75F5291AF971A702A96D3D9A87E0D073BAC41B63822C5 ] C:\WINDOWS\system32\pstorsvc.dll
17:30:58.0484 0x081c  C:\WINDOWS\system32\pstorsvc.dll - ok
17:30:58.0484 0x081c  [ B00C1315BDFDF39CCFB8EDEFF4256C56, BF6EF159EB06E8CB82F252490DB75C92BB9D81326E579C00E556E8F6846304A2 ] C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\csm.dll
17:30:58.0484 0x081c  C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\csm.dll - ok
17:30:58.0484 0x081c  [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] C:\Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:30:58.0484 0x081c  C:\Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe - ok
17:30:58.0484 0x081c  [ 3EAEFA892C9BFFBA06A224E6FA6FC3C2, 82CBA46737824DE559DAED924FDB5204146036722D7BC136F9A7B0443F4472DB ] C:\WINDOWS\system32\psbase.dll
17:30:58.0484 0x081c  C:\WINDOWS\system32\psbase.dll - ok
17:30:58.0484 0x081c  [ 3D811BF538D6F359735D757C94F484B6, 695A28B06EE3106A75D75619A0C72F63E1C81994CBDBEB63C02CECD360A5BE41 ] C:\WINDOWS\system32\msdbg2.dll
17:30:58.0484 0x081c  C:\WINDOWS\system32\msdbg2.dll - ok
17:30:58.0484 0x081c  [ E81D79D5A17270D90C85AF1A2CB3BE87, 1C8050B1EE89A639E3C83C27D758FBCD6134073FE4B5E17220BE4716580A8C50 ] C:\WINDOWS\system32\netshell.dll
17:30:58.0484 0x081c  C:\WINDOWS\system32\netshell.dll - ok
17:30:58.0484 0x081c  [ 8BA9851E671E8B5E49E303748FFD530C, A2CBF71C3449BA71739E9E805D2EB9F9242AD9D839AF5B4C4F7ADC00C239FB38 ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\SQLite3.dll
17:30:58.0484 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\SQLite3.dll - ok
17:30:58.0484 0x081c  [ 73862FF693168369A90F046E7F227B83, 938D71674C8856A0F7FE5A096F92D71977F5ABA62374287F49394F25B67713BA ] C:\Programas\Ficheiros comuns\Apple\Apple Application Support\libxml2.dll
17:30:58.0484 0x081c  C:\Programas\Ficheiros comuns\Apple\Apple Application Support\libxml2.dll - ok
17:30:58.0484 0x081c  [ 01990E1DBAFF4116E91E860EC2F57BC2, 47EB1AE0CB8FCF5B964A31E0FA4320BAEBB997DBAE58C3E41DD1BB5DAA108C3A ] C:\WINDOWS\system32\credui.dll
17:30:58.0484 0x081c  C:\WINDOWS\system32\credui.dll - ok
17:30:58.0500 0x081c  [ 062890F770F3488B7FB2E6269A3C694B, FFD83EB0A5A670EAC51A03B930D42BC50D26FDADDE52C3F81E088296234CD901 ] C:\WINDOWS\system32\wzcsapi.dll
17:30:58.0500 0x081c  C:\WINDOWS\system32\wzcsapi.dll - ok
17:30:58.0500 0x081c  [ E9EF4B801C7312702A467CEE052A17C7, DF8630F9F865BA8AEEBD2BDCC9F0043A3F04FD20AB2E584DB04EB83CCB3AE327 ] C:\WINDOWS\system32\seclogon.dll
17:30:58.0500 0x081c  C:\WINDOWS\system32\seclogon.dll - ok
17:30:58.0500 0x081c  [ 411C77BBA18C584B9537F5F7F712F0B8, CB6D5E9ED564C400FAC5AD01EC2A2AFE7A229FD971CB6845FDDB83CA13C24285 ] C:\WINDOWS\system32\sens.dll
17:30:58.0500 0x081c  C:\WINDOWS\system32\sens.dll - ok
17:30:58.0500 0x081c  [ 994275FDDF55D6BECFA4E54EF80ED2C2, 8AD195572580598D821F2CB7C22ABD4D2FF0D01EFF9FAC589BFE9B37302E348D ] C:\WINDOWS\system32\srsvc.dll
17:30:58.0500 0x081c  C:\WINDOWS\system32\srsvc.dll - ok
17:30:58.0500 0x081c  [ 8B500667814B3F4FAD3AB04336EE4A0E, 38D8BB8535E1D37F79364546912F2E58B7D15073C42D8EB91B5DE8008CB634C1 ] C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
17:30:58.0500 0x081c  C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe - ok
17:30:58.0500 0x081c  [ 172DC74756CDB38C23BA84AC99D8C344, C1D01C5539DDBFE52DBAA5165E4520DAE8DE37979C22FA501CD244F1805ECEAC ] C:\WINDOWS\system32\wiaservc.dll
17:30:58.0500 0x081c  C:\WINDOWS\system32\wiaservc.dll - ok
17:30:58.0500 0x081c  [ 54D33538E69E9A502973478F52E71355, EE0E00EE5C0967FBD89D5513A5CB6F79D96504722418E8D971562A81A7A3B0EE ] C:\WINDOWS\system32\cfgmgr32.dll
17:30:58.0500 0x081c  C:\WINDOWS\system32\cfgmgr32.dll - ok
17:30:58.0500 0x081c  [ 6F61636AF142D18C06EE26930763664F, 3899CE432C3B12B179FD1B3D861D5204E562DE84D82CD03BB818E7CAB26F17AC ] C:\WINDOWS\system32\mscms.dll
17:30:58.0500 0x081c  C:\WINDOWS\system32\mscms.dll - ok
17:30:58.0500 0x081c  [ CAF395B0006C8430797EBC5D7792B6F6, 0165FCE0C4B21F658E451BDB4AFECC88A1EDC6E70D45ADB133B5CC863ECA414D ] C:\WINDOWS\system32\wbem\wmisvc.dll
17:30:58.0500 0x081c  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
17:30:58.0515 0x081c  [ 6298277B73C77FA99106B271A7525163, 9E076697F025167B57D8D66ED0862B184D70324E058BFA36E42D0C6728720B31 ] C:\WINDOWS\system32\wuaueng.dll
17:30:58.0515 0x081c  C:\WINDOWS\system32\wuaueng.dll - ok
17:30:58.0515 0x081c  [ CE9C230B94296567A63CBBCA5A518A8D, B95A8B12DE8E16645B37445086B3B6BA027849BA54F14E3C9087678D6AD49FED ] C:\WINDOWS\system32\wuauserv.dll
17:30:58.0515 0x081c  C:\WINDOWS\system32\wuauserv.dll - ok
17:30:58.0515 0x081c  [ 242402D385A2FC4233D63FC23AE38D1E, 3F15EA08C7A6FDE9495C418A18E8AFD116F23502F9FB2D71C6A603F39FFA2697 ] C:\WINDOWS\system32\HPWia1_DJ3050A_J611.dll
17:30:58.0515 0x081c  C:\WINDOWS\system32\HPWia1_DJ3050A_J611.dll - ok
17:30:58.0515 0x081c  [ 3D8FC49312BC7370B047CA4165ED0698, 3171E6905FFBEAE063E573BD503B96F19ECE3639DD5AED1996210CBFBF4AD72F ] C:\WINDOWS\system32\linkinfo.dll
17:30:58.0515 0x081c  C:\WINDOWS\system32\linkinfo.dll - ok
17:30:58.0515 0x081c  [ DB0AED102A9BD664BF71E6D3B9FF5539, A6205C0BF5CFA07FDC6A3C90C69BC8D75013F25EA6EFE87C4AE91CF7AA5C8CA6 ] C:\WINDOWS\system32\ntshrui.dll
17:30:58.0515 0x081c  C:\WINDOWS\system32\ntshrui.dll - ok
17:30:58.0515 0x081c  [ 1ED51DB128EA2CD29CA5640E21DE22CF, AB550B2A870286892B708FCA921DD4F505694985ED87074A7ABB6D43DC6343DB ] C:\WINDOWS\system32\HPScanTRDrv_DJ3050A_J611.dll
17:30:58.0515 0x081c  C:\WINDOWS\system32\HPScanTRDrv_DJ3050A_J611.dll - ok
17:30:58.0515 0x081c  [ 1531FDE8462F908B095601CCCBD01D1B, CF272FAE94454B5668A858614EF0FF54B6327A6C4C1C775A53B81C7514E592AC ] C:\WINDOWS\system32\mspatcha.dll
17:30:58.0515 0x081c  C:\WINDOWS\system32\mspatcha.dll - ok
17:30:58.0515 0x081c  [ 01BB9E040038C7C24A70C86EC9DC5C7C, F0376F7ED23824469A433E4EF5A4848ACE0E55C01EBB721AFAF54215AADB197C ] C:\WINDOWS\system32\browser.dll
17:30:58.0515 0x081c  C:\WINDOWS\system32\browser.dll - ok
17:30:58.0515 0x081c  [ 8C3AAFE9DA7345E3DE6CFFDBA41E61E6, F047BE8EA747513BCDDCD010FDA02551B1D9A2124684E9A7B91AF16322CEF755 ] C:\WINDOWS\system32\ipnathlp.dll
17:30:58.0515 0x081c  C:\WINDOWS\system32\ipnathlp.dll - ok
17:30:58.0531 0x081c  [ 44D65289B420EC7819FDDB5B5AF74BAB, AE46DE47E7BF392FD77F3DA417A3DA80F7D93F191C8AFB4A46C1C951254BAF11 ] C:\WINDOWS\system32\wiavusd.dll
17:30:58.0531 0x081c  C:\WINDOWS\system32\wiavusd.dll - ok
17:30:58.0531 0x081c  [ B9859B54237D4D46DF00098C0F203833, 2241A72474E696F299DFD90765A2AE2D42A8DDFF4AAE725A1337114A01503924 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
17:30:58.0531 0x081c  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll - ok
17:30:58.0531 0x081c  [ F5E153C7A2F6956962B000443B312195, A3C497F5029F2B6C28BF067891EB00F6A5737413C9DD4797CD290AF4CBED05DA ] C:\WINDOWS\system32\wscsvc.dll
17:30:58.0531 0x081c  C:\WINDOWS\system32\wscsvc.dll - ok
17:30:58.0531 0x081c  [ E4875A44982B245681C9BE3FDB37BE30, FC7F2775F7AA8C4C158BC0F22F47A6001D6EA17CEFA963F86D099EF740A5B091 ] C:\WINDOWS\system32\comsvcs.dll
17:30:58.0531 0x081c  C:\WINDOWS\system32\comsvcs.dll - ok
17:30:58.0531 0x081c  [ 65E8BB0F2E37240481A1B7AA17BDD91F, 72252926E96B596E46A69F7B8816938F3FA04EF10A19ED1D3737DC0D8EADD2AC ] C:\WINDOWS\system32\colbact.dll
17:30:58.0531 0x081c  C:\WINDOWS\system32\colbact.dll - ok
17:30:58.0531 0x081c  [ 929814D4B7D54D003630540A4478B85B, 4725996ADD023EA96A54C3E387FFE0E52E00F0E8F3ED540E890CC8AE0722F2DF ] C:\WINDOWS\system32\shfolder.dll
17:30:58.0531 0x081c  C:\WINDOWS\system32\shfolder.dll - ok
17:30:58.0531 0x081c  [ 458BA8B3FC2D9033F3F252FF3FF561AD, 82FC49BBF9F60B97750CFFF4F15C649B6ED12064B3C2340FD62C320C1B8666A1 ] C:\WINDOWS\system32\clusapi.dll
17:30:58.0531 0x081c  C:\WINDOWS\system32\clusapi.dll - ok
17:30:58.0531 0x081c  [ 4B417BAF812CD730847279A94F6F7FBA, F02A24C222C3E266452BDA79895A787F725F9387B86949C5FDF8CE0BF41B5E1D ] C:\WINDOWS\system32\mtxclu.dll
17:30:58.0531 0x081c  C:\WINDOWS\system32\mtxclu.dll - ok
17:30:58.0531 0x081c  [ AFF86DF3243D762FD2F46CC90FD4B285, A075CC9DE547B28C867666DCE89ED8CF15EC4F62E5166CF1C8AE221F478B41AA ] C:\WINDOWS\system32\resutils.dll
17:30:58.0531 0x081c  C:\WINDOWS\system32\resutils.dll - ok
17:30:58.0531 0x081c  [ A78945B1145DAC7E41D3B86F9E64FC25, 0B150B02933C07648FD38E6387EDFAEFD1CA86068E2A8FFAC711D73B1395D38A ] C:\WINDOWS\system32\wbem\wbemcore.dll
17:30:58.0531 0x081c  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
17:30:58.0546 0x081c  [ 49B87012C32D1E5D4382CE6C917FA8D2, 7A826723933B5536E22C60D202AE3CC630F7F3C27B094E874B229FD1A46B153F ] C:\WINDOWS\system32\wbem\esscli.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wbem\esscli.dll - ok
17:30:58.0546 0x081c  [ 2CF47D128CFC78D794BAAA9004FAC9A0, B497E91A80688A4287BFA6F284873A5C964D7C300AF1B593225B01BBBA3B8186 ] C:\WINDOWS\system32\wbem\fastprox.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wbem\fastprox.dll - ok
17:30:58.0546 0x081c  [ 4DE6372EC937C0FD4F63BE32F9439B19, 99AE72031836431E535EF86A3703E96C2E7E744EC84E6D37FF361863507FD88E ] C:\WINDOWS\system32\wbem\wbemsvc.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
17:30:58.0546 0x081c  [ 0F76930D3536880F13701CA57440F627, 223379BA2427D1D854A6B854BBBBD889AA8B6C1FF1DD3CBE0CEBA703CEE4AAEA ] C:\WINDOWS\system32\wbem\wmiutils.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
17:30:58.0546 0x081c  [ 1D326842006C4BE77ECD848CF89F01AB, D79EBBA1184DDF1C0BE3781AB8490FAF3BACA26D2A062A4C9A6DEBC348F9B827 ] C:\WINDOWS\system32\wups.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wups.dll - ok
17:30:58.0546 0x081c  [ CD068FC5FF082E5B7FB316CCF83B002C, 5F5FECBA09EFE1071C72A52F4C98CE5BA7597BB476B8B1E4623E030E37FE6AFC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
17:30:58.0546 0x081c  [ 5BD1234E11B39C63BBA87022AF6D43C2, 4306B6F88BB42CDACB6BF691B94DD4E621EE856D4A5D3A95499BCC951686D626 ] C:\WINDOWS\system32\wups2.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wups2.dll - ok
17:30:58.0546 0x081c  [ 3D86E57C53DA605CF71873DA6E3E3130, 67F5286524C436499BD5EFAF86596FAE40B8574C7A617FD7ADD40567A804A91B ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
17:30:58.0546 0x081c  [ B572FB61AEB4A89DFC91E2E2BA4646CD, C4141AC79ACAFEEFEE660A76F22515741B3100890EE4E81F87D8DAB04166398C ] C:\WINDOWS\system32\wbem\wbemess.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wbem\wbemess.dll - ok
17:30:58.0546 0x081c  [ 009758CC06B7F55B4A4D16A66E243C24, B3993D09584736B0FA80839450B1A4F46C6C8FE393CE25ECB0B51EE9545B5E55 ] C:\WINDOWS\system32\wuapi.dll
17:30:58.0546 0x081c  C:\WINDOWS\system32\wuapi.dll - ok
17:30:58.0562 0x081c  [ 62BB79160F86CD962F312C68C6239BFD, 2FA2506B5C8B4469D2B36C803CCEAC15E831C3F8A4AF065ACA72DA8F385F24C0 ] C:\WINDOWS\system32\wuauclt.exe
17:30:58.0562 0x081c  C:\WINDOWS\system32\wuauclt.exe - ok
17:30:58.0562 0x081c  [ F9B6D6129F53F422B3E984BD51775534, 11ED554A24C6EF6681BFA4CB89E0094D692880A5CEF0E92E2704615FCC5C24F0 ] C:\WINDOWS\system32\wbem\ncprov.dll
17:30:58.0562 0x081c  C:\WINDOWS\system32\wbem\ncprov.dll - ok
17:30:58.0562 0x081c  [ 312C8B39D3E94952506A743492A5CCC7, 355AC97212E39CB5E2D62418683FEFB2A060A5D5CD3900254613F1EB76F522CD ] C:\WINDOWS\system32\spoolss.dll
17:30:58.0562 0x081c  C:\WINDOWS\system32\spoolss.dll - ok
17:30:58.0562 0x081c  [ 8490E8F59C2BA6C9C1CBD9CB5CEEDCFB, 7D9AC65602B786B2D459FD99D4A39A87F583291A5F265901B7C1416158D49D64 ] C:\WINDOWS\system32\localspl.dll
17:30:58.0562 0x081c  C:\WINDOWS\system32\localspl.dll - ok
17:30:58.0562 0x081c  [ F100EE264165CAC6A784A313D47A2819, 2A04B210427336C371EE7FAF2CA679AF572E6A065C6B58C59AF12BD667181819 ] C:\WINDOWS\system32\AdobePDF.dll
17:30:58.0562 0x081c  C:\WINDOWS\system32\AdobePDF.dll - ok
17:30:58.0562 0x081c  [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\WINDOWS\system32\msvcr71.dll
17:30:58.0562 0x081c  C:\WINDOWS\system32\msvcr71.dll - ok
17:30:58.0562 0x081c  [ 0CA441C8ABA518B50F437C29AA083ECD, 7C225B4B8751D0CE312469D04D8EA92914B576E784A8BAA1FC2ADDC53895BF2C ] C:\Programas\Adobe\Acrobat 7.0\Distillr\AdistRes.PTB
17:30:58.0562 0x081c  C:\Programas\Adobe\Acrobat 7.0\Distillr\AdistRes.PTB - ok
17:30:58.0562 0x081c  [ 97D6C74E3192CD0C66F7C1281D9D2166, B686A511AD0BEAE046CA66566BD76D6D84162C3D65C03E7BD8CB8B8B30A4C289 ] C:\WINDOWS\system32\cnbjmon.dll
17:30:58.0562 0x081c  C:\WINDOWS\system32\cnbjmon.dll - ok
17:30:58.0562 0x081c  [ 92879783D812B924568782AAA66C7191, F983489A54CEFF7BBCEBA06AF55A55543FC9F979826D8D4ECCE5AE2C7C710F8E ] C:\WINDOWS\system32\hpinkstsa011LM.dll
17:30:58.0562 0x081c  C:\WINDOWS\system32\hpinkstsa011LM.dll - ok
17:30:58.0578 0x081c  [ 64CEC16EEC6F29FBFA8A41BD8768DA76, E68DCC4F9F6C90B5A6036B7EFE075F0039A3C7444544F56478D072632CB95103 ] C:\WINDOWS\system32\HPDiscoPMa011.dll
17:30:58.0578 0x081c  C:\WINDOWS\system32\HPDiscoPMa011.dll - ok
17:30:58.0578 0x081c  [ B52363DD0823C1720E6FAC39FBDE7EDF, C7DA2A07D828872C854651BD49E31CFCC8676CC6E835BC0CCE00273F1AC8C97C ] C:\WINDOWS\system32\wsnmp32.dll
17:30:58.0578 0x081c  C:\WINDOWS\system32\wsnmp32.dll - ok
17:30:58.0578 0x081c  [ FB44C8568224451A43B745C39C182406, C2579F6CBA6FCA8983E534AE68168A0254B5379AE76FD50E3C675F0387A54053 ] C:\WINDOWS\system32\hpzsnt07.dll
17:30:58.0578 0x081c  C:\WINDOWS\system32\hpzsnt07.dll - ok
17:30:58.0578 0x081c  [ 15A9294B81D0FF0E4AC75276C13FD04B, 064E6842EBF6C2D068C1F9DBB329B17BB5AD8BCF96EFC03AD6758DF930125AE6 ] C:\WINDOWS\system32\mdimon.dll
17:30:58.0578 0x081c  C:\WINDOWS\system32\mdimon.dll - ok
17:30:58.0578 0x081c  [ 7C06B5684CE873CF57A0A4FAB9D37B1E, 829D9D191475D8816BA551BD60A7FE8220832B35D3762792A2CA4A746D5DB70C ] C:\WINDOWS\system32\pjlmon.dll
17:30:58.0578 0x081c  C:\WINDOWS\system32\pjlmon.dll - ok
17:30:58.0578 0x081c  [ 163AA48E805DF77076899E7401827A7D, 8BE3D18A20181610F243AD84C83A887B9D8BB8745DDF17368F9D71C7AB406657 ] C:\WINDOWS\system32\tcpmon.dll
17:30:58.0578 0x081c  C:\WINDOWS\system32\tcpmon.dll - ok
17:30:58.0593 0x081c  [ 16581C33453F62E7B06F71A478CA93DD, 1F27EC356094CFDC0E49EB406BE791F760B242A7B8FC437C39DEADF30F4EA051 ] C:\WINDOWS\system32\usbmon.dll
17:30:58.0593 0x081c  C:\WINDOWS\system32\usbmon.dll - ok
17:30:58.0593 0x081c  [ EEE7F12D9FF46F68FBC0DA059A359E9E, 1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
17:30:58.0593 0x081c  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
17:30:58.0593 0x081c  [ 063457262374B224226710D8DB74C37C, FBA0944C18A9F282868A933D48EDCBB42A372D25C90DEEC2805D4B9D444BCD65 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
17:30:58.0593 0x081c  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
17:30:58.0593 0x081c  [ A6B89E269B829C14C89B1B446E3A041E, 99BFACC0D23D29BA92BB8951778E0C2A4BFEC61CF9CD3AB00BB80BFD765C7D74 ] C:\WINDOWS\system32\win32spl.dll
17:30:58.0593 0x081c  C:\WINDOWS\system32\win32spl.dll - ok
17:30:58.0593 0x081c  [ E5D00A85A224419F97D9F523C654E5E8, 56D3E53B2C2BC9EAE226858011D2571C8092AEB72A2F12B5AC20F3CD3EF5A85D ] C:\WINDOWS\system32\inetpp.dll
17:30:58.0593 0x081c  C:\WINDOWS\system32\inetpp.dll - ok
17:30:58.0593 0x081c  [ 0837842B3BF98C2CFA82FCEF001C3102, 66C775B6D79BE3E98E14C851F91F8CA5B43F4D9C33F643FF19B2D5F275B3FBE9 ] C:\WINDOWS\system32\netrap.dll
17:30:58.0593 0x081c  C:\WINDOWS\system32\netrap.dll - ok
17:30:58.0593 0x081c  [ 05D568D158B2AAA4FF1549B157D0E994, 68A5ABB5804A2B62BD9B0F949D0B5A59B1030603DED64EFED08BE76F6AE3658B ] C:\Programas\Avira\AntiVir Desktop\avwinll.dll
17:30:58.0593 0x081c  C:\Programas\Avira\AntiVir Desktop\avwinll.dll - ok
17:30:58.0593 0x081c  [ A9DE6E538EED0F9C6C7D4A4A5DDEA7ED, 7B27DD8CB94A48D290777708DE5563C5117DF2D62CF2A3C8EA1D24500153EFD2 ] C:\WINDOWS\system32\termsrv.dll
17:30:58.0593 0x081c  C:\WINDOWS\system32\termsrv.dll - ok
17:30:58.0593 0x081c  [ 59AB0E27BDD65E73BA65DC07F502548C, 3F4E29C49FA49A35A63613D2B87359339F6445F58CF5952D3A8F352BBED2FDF8 ] C:\WINDOWS\system32\icaapi.dll
17:30:58.0593 0x081c  C:\WINDOWS\system32\icaapi.dll - ok
17:30:58.0609 0x081c  [ 151706626C77A005E75BE29232D0FDCD, 2D9EF063E1011C5B763C708E8B811DAB2C0DCE34660DDF4C788C603838D7A3DB ] C:\WINDOWS\system32\mstlsapi.dll
17:30:58.0609 0x081c  C:\WINDOWS\system32\mstlsapi.dll - ok
17:30:58.0609 0x081c  [ F2107C9D85EC0DF116939CCCE06AE697, 4608E3D0CA0B252130B4DF2505DB4D89635C327A343B470FCB81B8B02CD9FA44 ] C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
17:30:58.0609 0x081c  C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys - ok
17:30:58.0609 0x081c  [ 8BE71D7EDB8C7494913722059F760DD0, BA02D1EC025BDA8ADAE34483AB6B422A75D0C11392761F83BCB0D0ADB5B1EAE2 ] C:\WINDOWS\system32\drivers\LVPr2Mon.sys
17:30:58.0609 0x081c  C:\WINDOWS\system32\drivers\LVPr2Mon.sys - ok
17:30:58.0609 0x081c  [ F9112546B9EF4769DC0CBC0DD559B802, D6B0BC37ED838B234F26D472D60B823D702DE088514EC36F707E1460849151EA ] C:\WINDOWS\system32\tapisrv.dll
17:30:58.0609 0x081c  C:\WINDOWS\system32\tapisrv.dll - ok
17:30:58.0609 0x081c  [ 65D984AEC6A5E3CE7CFA15514C2007C4, 96E67B72822B98ECDBD0A59E4D2C43D0070F4B9C6FBBD0CFC15264187698241C ] C:\WINDOWS\system32\wbem\wbemcons.dll
17:30:58.0609 0x081c  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
17:30:58.0609 0x081c  [ 431468B06347835CEF9D3BC760A0BAF0, 046C4DAEC09167227CE389CBBB24C0B622A55E6D3D0D280902173BA2568EC0A4 ] C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
17:30:58.0609 0x081c  C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe - ok
17:30:58.0609 0x081c  [ 8D162968C40AC984E6B2C1361A72B5FC, 872E2546A1977B01656E8CEE32C0BCB653CCAC719835D9CCB695D3F00987A1E3 ] C:\WINDOWS\system32\rasmans.dll
17:30:58.0609 0x081c  C:\WINDOWS\system32\rasmans.dll - ok
17:30:58.0609 0x081c  [ EA35DBCD495626EF7D4CF65C08B953FD, 416E9C70514427909C9576F717CBE2D1EA8D2C2F5F7B2CAEBB780AE61E192B8F ] C:\WINDOWS\system32\winipsec.dll
17:30:58.0609 0x081c  C:\WINDOWS\system32\winipsec.dll - ok
17:30:58.0609 0x081c  [ 91233922BBB9D1B3D76BA99FBE4B0B9E, C7E3C2EB45E829C130B8290CB7A1A66DABD57CB57B11325C1A9D01B85FCD1058 ] C:\WINDOWS\system32\logishrd\LVPrcInj01.dll
17:30:58.0609 0x081c  C:\WINDOWS\system32\logishrd\LVPrcInj01.dll - ok
17:30:58.0625 0x081c  [ 31FA172657E941E7CB15C5CCFE36A03E, 606AF5AB6F16D02D915A61B360E1EDBEA577E9BB477D5E6E104B23412877030F ] C:\WINDOWS\system32\wbem\wmiprvse.exe
17:30:58.0625 0x081c  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
17:30:58.0625 0x081c  [ 010281EC06449D6ED383A1514A563132, 6BD9990DC0759F19F74B8A8FCA72F8CADD7F52E3118415DC674F8D3B6A7E706C ] C:\WINDOWS\system32\netcfgx.dll
17:30:58.0625 0x081c  C:\WINDOWS\system32\netcfgx.dll - ok
17:30:58.0625 0x081c  [ DCD6D1027959C11AC61EC5654A5B10BB, B47B1DDB7F23A299BC07D24F55C3ED7AE89CE53AD8F8FBDCB41B7C8D90770269 ] C:\WINDOWS\system32\rastapi.dll
17:30:58.0625 0x081c  C:\WINDOWS\system32\rastapi.dll - ok
17:30:58.0625 0x081c  [ AD8048DCC8382ABD902CB93A9E47B580, F8D852CC9087E169C7247A20F37F34380A8A5666F245304045D85FE178E98D69 ] C:\WINDOWS\system32\alg.exe
17:30:58.0625 0x081c  C:\WINDOWS\system32\alg.exe - ok
17:30:58.0625 0x081c  [ 7AFCAD2CC53ADA2DAFABF8A656E9EAB9, 6099012E5CAA1E64835E06886DEB268B04B5B078667F99BD23A15B05AC04ED35 ] C:\WINDOWS\system32\unimdm.tsp
17:30:58.0625 0x081c  C:\WINDOWS\system32\unimdm.tsp - ok
17:30:58.0625 0x081c  [ 13CF4625E6C78BA372E1DEC8B3C70E62, C4CDF1FF3A8F6EACFFB14C5C76DFB1DD145139377866813FD05495951C1C79F0 ] C:\WINDOWS\system32\uniplat.dll
17:30:58.0625 0x081c  C:\WINDOWS\system32\uniplat.dll - ok
17:30:58.0625 0x081c  [ 10C0A7B8466801EE12F839849CB913B3, 8C10B7FC7FBC61E707BF80D2801EF07C1D742D7D762FBC26361B61D2D613C74B ] C:\WINDOWS\system32\kmddsp.tsp
17:30:58.0625 0x081c  C:\WINDOWS\system32\kmddsp.tsp - ok
17:30:58.0625 0x081c  [ E97D88063BAC4EFE481694F82CED4EF4, AF151EEA8E24BB4EA7C78CB27CDDFB754730C7F7DB983CA7DD79F5F3B24A6D19 ] C:\WINDOWS\system32\ndptsp.tsp
17:30:58.0625 0x081c  C:\WINDOWS\system32\ndptsp.tsp - ok
17:30:58.0625 0x081c  [ 54966BAEBE8B0A105B3390A89B1D0612, 24CF966BD10A24D7E9BB582B97904C3E81EEAF8386D45E4118D57CB8A370F9FD ] C:\WINDOWS\system32\ipconf.tsp
17:30:58.0625 0x081c  C:\WINDOWS\system32\ipconf.tsp - ok
17:30:58.0625 0x081c  [ ECD8BB626B911BEB407CE169669A750C, A38005F1EBF48B528BEA8366AB03C2465E269CD44F5D2FC8099A9404F69954E9 ] C:\WINDOWS\system32\h323.tsp
17:30:58.0625 0x081c  C:\WINDOWS\system32\h323.tsp - ok
17:30:58.0640 0x081c  [ FF5D191D9A3CE12A93C1213B68ECD259, F4D3D4F663B17E074C20DCC6021F005E40E34F01EBA6B5FFCD039343168CA5A3 ] C:\WINDOWS\system32\hidphone.tsp
17:30:58.0640 0x081c  C:\WINDOWS\system32\hidphone.tsp - ok
17:30:58.0640 0x081c  [ 1900641D75E5F78196663216DA52CC20, 4A7D01A81532B5D1EA252659E0808415DE4F7B35F162A1A677AAB8E05B6FE1C3 ] C:\WINDOWS\system32\rasppp.dll
17:30:58.0640 0x081c  C:\WINDOWS\system32\rasppp.dll - ok
17:30:58.0640 0x081c  [ B2FCCA3AA1F116A34195CC30B41C8636, 5BE6AC4BA2ABF2A37BBEE1564C4934FE73E92C453F0AED2AD2A114C55526916C ] C:\WINDOWS\system32\ntlsapi.dll
17:30:58.0640 0x081c  C:\WINDOWS\system32\ntlsapi.dll - ok
17:30:58.0640 0x081c  [ 3517AC4E4F76184B2B43DC9EB7900D92, B3DE01D30CC3F23EBC3A9F3C026A7BC6171ED2F18B582AAFE418F91520FE582A ] C:\WINDOWS\system32\licwmi.dll
17:30:58.0640 0x081c  C:\WINDOWS\system32\licwmi.dll - ok
17:30:58.0640 0x081c  [ 5AB61F434FC83CF87EFF68A20E5F93E2, EE6BF10A57BFC8F5D828F1C5F01156D87AC2F77DE0EE0C897FC42A2364DAC0AB ] C:\WINDOWS\system32\framedyn.dll
17:30:58.0640 0x081c  C:\WINDOWS\system32\framedyn.dll - ok
17:30:58.0640 0x081c  [ E2D42D298BD46203DDD3F62D4785E8F6, C58A8B7DF220271918A11A4B1CEFC72DCAC8A55638D11A2735550F2BF316C1A9 ] C:\WINDOWS\system32\licdll.dll
17:30:58.0640 0x081c  C:\WINDOWS\system32\licdll.dll - ok
17:30:58.0640 0x081c  [ 1755F4933644F656C7F30BFB81A8ECD0, 2454995EA39F50A8E873522516B5160DA1836A731A914F5E106AD80E831A6766 ] C:\Programas\Microsoft\Search Enhancement Pack\SeaShadow\SEASHADO.DLL
17:30:58.0640 0x081c  C:\Programas\Microsoft\Search Enhancement Pack\SeaShadow\SEASHADO.DLL - ok
17:30:58.0640 0x081c  [ 7AE1B12C29B35F391BFCEFCE8776F9D2, C32D31973543537C1D4918650793F8F35AF768C12BFB9328A4C50278E8F15832 ] C:\WINDOWS\system32\msxml6.dll
17:30:58.0640 0x081c  C:\WINDOWS\system32\msxml6.dll - ok
17:30:58.0640 0x081c  [ 7AF09E37566AD1F7E872BB173862A7F3, E9ADDAE5D78A0D60C273B0E1A91428A2C738171591DADB7022F738BD6E6ADF5D ] C:\WINDOWS\system32\wbem\cimwin32.dll
17:30:58.0640 0x081c  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
17:30:58.0656 0x081c  [ 1F4AD4BC5747F7F150F6D53CC52482F2, 00E98BB7182D3CF39D82C28FDA4D78A18FE215B9F71DB1DA58BD125CC677F430 ] C:\Programas\Avira\AntiVir Desktop\avwsc.exe
17:30:58.0656 0x081c  C:\Programas\Avira\AntiVir Desktop\avwsc.exe - ok
17:30:58.0656 0x081c  [ 423069307FB726E51E2A66F1C3F738FE, 314EF0E1C636AC553C0E09F992B34573DA4A89ACCB759BDA27335E8125C08E35 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
17:30:58.0656 0x081c  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll - ok
17:30:58.0656 0x081c  [ 4B3A4639DD281B709162A2120B3DAEFC, E2F1709CD37D4895250295CF4B083F48A5567444FE48D0EF1A05C108F3C16AC4 ] C:\Programas\Avira\AntiVir Desktop\ccguard.dll
17:30:58.0656 0x081c  C:\Programas\Avira\AntiVir Desktop\ccguard.dll - ok
17:30:58.0656 0x081c  [ 47766F6B79A25AF04ED3F6F2B02AA4CB, 81F004875EBD7E65D8475878B381F0CF9839AE4D02942F7BF4A354129DDB7429 ] C:\Programas\Avira\AntiVir Desktop\ccwkrlib.dll
17:30:58.0656 0x081c  C:\Programas\Avira\AntiVir Desktop\ccwkrlib.dll - ok
17:30:58.0656 0x081c  [ 298B49E02025ADD1D12AAF27937A3549, 255BE5D7B4BFEBBD263732D0BCE2CF6F09DAA1C7217F6B27C4A9375A1F300568 ] C:\Programas\Avira\AntiVir Desktop\ccgrdrc.dll
17:30:58.0656 0x081c  C:\Programas\Avira\AntiVir Desktop\ccgrdrc.dll - ok
17:30:58.0656 0x081c  [ 41303E032613D2C4E29BE8B8EB5F027B, EBADF417CA9D9B988523FB804C29C7DB20FDA7D2DD963A737E1F33E28B6368AE ] C:\Programas\Avira\AntiVir Desktop\ccgrdw.dll
17:30:58.0656 0x081c  C:\Programas\Avira\AntiVir Desktop\ccgrdw.dll - ok
17:30:58.0656 0x081c  [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{C83A1952-9E30-4779-BEFA-E230250B09FD}.exe
17:30:58.0656 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{C83A1952-9E30-4779-BEFA-E230250B09FD}.exe - ok
17:30:58.0656 0x081c  [ AE462EB824D58FDDAC462ED22550ADE9, B58F30708110B733FB58E9F97806F5A901962FDCB133EF0085699DC22741CFCA ] C:\WINDOWS\system32\msutb.dll
17:30:58.0656 0x081c  C:\WINDOWS\system32\msutb.dll - ok
17:30:58.0656 0x081c  [ D19DE89A14BEAFC74673A59450DE7D12, 3634905E7C13D4DEEDD3389E4D155686C190955BBD0086DF4480D1EC09FBAE5F ] C:\WINDOWS\system32\msctf.dll
17:30:58.0656 0x081c  C:\WINDOWS\system32\msctf.dll - ok
17:30:58.0656 0x081c  [ 7F317D4826FDA6682B63942D248AF96E, F58C2DA0FD2A84349DEC02A288CA5FAC1DE9A8AB0B2DACD5DA6EFC526BC69D88 ] C:\Programas\Ficheiros comuns\Autodesk Shared\AcSignCore16.dll
17:30:58.0656 0x081c  C:\Programas\Ficheiros comuns\Autodesk Shared\AcSignCore16.dll - ok
17:30:58.0671 0x081c  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{38DEF6E9-BEA7-43B8-99B5-66FCBE7B2A11}.tmp
17:30:58.0671 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{38DEF6E9-BEA7-43B8-99B5-66FCBE7B2A11}.tmp - ok
17:30:58.0671 0x081c  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{A6A6ED01-F0E1-42CC-96F4-15CD7D7934EF}.tmp
17:30:58.0671 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{A6A6ED01-F0E1-42CC-96F4-15CD7D7934EF}.tmp - ok
17:30:58.0671 0x081c  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{44193A5D-CE0F-428E-8A20-AFE59E958776}.tmp
17:30:58.0671 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{44193A5D-CE0F-428E-8A20-AFE59E958776}.tmp - ok
17:30:58.0671 0x081c  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{C224DAAE-0E5A-4AC7-A602-6AB8476CCB77}.tmp
17:30:58.0671 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{C224DAAE-0E5A-4AC7-A602-6AB8476CCB77}.tmp - ok
17:30:58.0671 0x081c  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{B332BF21-DDD3-4C55-A4C6-26A58744F8D9}.tmp
17:30:58.0671 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{B332BF21-DDD3-4C55-A4C6-26A58744F8D9}.tmp - ok
17:30:58.0671 0x081c  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{67EEB1A1-0C65-474D-A20E-3559878115E0}.tmp
17:30:58.0671 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{67EEB1A1-0C65-474D-A20E-3559878115E0}.tmp - ok
17:30:58.0671 0x081c  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{2B408915-8538-451A-9845-8C6A03E4B00A}.tmp
17:30:58.0671 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{2B408915-8538-451A-9845-8C6A03E4B00A}.tmp - ok
17:30:58.0671 0x081c  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{98CED88F-FAD1-4D64-8C68-E53253FE1576}.tmp
17:30:58.0671 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{98CED88F-FAD1-4D64-8C68-E53253FE1576}.tmp - ok
17:30:58.0687 0x081c  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{35A8F2E2-C1AB-4FDC-AFA4-3A203F2860DA}.tmp
17:30:58.0687 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{35A8F2E2-C1AB-4FDC-AFA4-3A203F2860DA}.tmp - ok
17:30:58.0687 0x081c  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{26A1B761-5428-46F6-A90E-F0C5AD502EB4}.tmp
17:30:58.0687 0x081c  C:\DOCUME~1\Daniel\DEFINI~1\Temp\{CF5A3E43-E3D2-4AC2-B38D-290E8CDF43B7}\{26A1B761-5428-46F6-A90E-F0C5AD502EB4}.tmp - ok
17:30:58.0687 0x081c  [ 32A71F37940DE5997FBB8F7BF76BD246, F4C1C95F354DA1973B04F6F893C249D9B9BE1294F31150DB038DE587224E5A62 ] C:\WINDOWS\system32\verclsid.exe
17:30:58.0687 0x081c  C:\WINDOWS\system32\verclsid.exe - ok
17:30:58.0687 0x081c  [ CC8915DB4E33E8FB29CA0D2DBF75306E, 6319C0580FFDA989A2726814667C330F6A5C864D34B8C87645DD5A98E7A2C7FB ] C:\WINDOWS\system32\webcheck.dll
17:30:58.0687 0x081c  C:\WINDOWS\system32\webcheck.dll - ok
17:30:58.0687 0x081c  [ C9981CF32F7069D82D9D601493675164, 60F8EA192C82E7FFD3A85CA3F103CBDF633BAF25DD2FBFB0A208DA9E4A884074 ] C:\WINDOWS\system32\imapi.exe
17:30:58.0687 0x081c  C:\WINDOWS\system32\imapi.exe - ok
17:30:58.0687 0x081c  [ 8501F003C3F4916257E7C96D7A61D5D4, 1873C5DFFE9F02808FFB5FF370D90A25417EE5C1C24120C3CB83EF8CC11FD1FB ] C:\WINDOWS\system32\mlang.dll
17:30:58.0687 0x081c  C:\WINDOWS\system32\mlang.dll - ok
17:30:58.0687 0x081c  [ C74B86642F131D76C0EDE673FDF137B2, 91659969CF94979FA980A3C13AB3E7421048E4E2720DE6064E9B61FD4DF96666 ] C:\WINDOWS\SkyTel.exe
17:30:58.0687 0x081c  C:\WINDOWS\SkyTel.exe - ok
17:30:58.0687 0x081c  [ C23B6F225B17F5137C2B33673F90C636, 2977A86555202172CE4966684C9E8B7E8E9DA07D3A28D6E37E6F347A15EB487B ] C:\WINDOWS\system32\stobject.dll
17:30:58.0687 0x081c  C:\WINDOWS\system32\stobject.dll - ok
17:30:58.0687 0x081c  [ 38E266FB6327759CE4733FA0C75E06D8, BDEB10791A33B943A424F45D0B1EBA7BB75FC7DE0A2D4652D2B60E3197777AFA ] C:\WINDOWS\system32\upnp.dll
17:30:58.0687 0x081c  C:\WINDOWS\system32\upnp.dll - ok
17:30:58.0687 0x081c  [ 8E498F146B036DB04A4C9D35F49346E1, 3A3073412091E5A42845F2BE6A905AA3DEEF08B511B4DF071A640B061ED23FD2 ] C:\WINDOWS\system32\batmeter.dll
17:30:58.0687 0x081c  C:\WINDOWS\system32\batmeter.dll - ok
17:30:58.0703 0x081c  [ 122F6D612517C8801D4EC64743B46D6F, F013DCE17BAEFF2AC2DB52B8BD6C8D3E85AB6633F91465E89A63300F2BD3D15A ] C:\WINDOWS\system32\ssdpapi.dll
17:30:58.0703 0x081c  C:\WINDOWS\system32\ssdpapi.dll - ok
17:30:58.0703 0x081c  [ 045E228F71C31901084B64BE59093499, BA463D9EC2C2D266A34DBAC542CFA0403BFB03DDF3037FBD043BB691A8E493FA ] C:\WINDOWS\system32\WPDShServiceObj.dll
17:30:58.0703 0x081c  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
17:30:58.0703 0x081c  [ CB77BB47E67E84DEB17BA29632501730, C31841DF59E56C7B5DE7C98C7E98836CB81089165F55D3E44D5CE8072CA09CB1 ] C:\WINDOWS\system32\drivers\http.sys
17:30:58.0703 0x081c  C:\WINDOWS\system32\drivers\http.sys - ok
17:30:58.0703 0x081c  [ D352D90B674DEBC4B5C6FC3F27EF68B4, A24872412FA9D2DC464EBC75BD20F91155D9C4E507454EFB7ECDF230A8BECC11 ] C:\WINDOWS\system32\mydocs.dll
17:30:58.0703 0x081c  C:\WINDOWS\system32\mydocs.dll - ok
17:30:58.0703 0x081c  [ CD3DA10ACA4EDAB0E54551D42B3B64E7, 8316C7C49909A52ACE2192E5D189720565FBDD29C8A7C062F33868DD7959BDDE ] C:\WINDOWS\system32\ssdpsrv.dll
17:30:58.0703 0x081c  C:\WINDOWS\system32\ssdpsrv.dll - ok
17:30:58.0703 0x081c  [ 0339B5A449CE7F66082F4EAC8EAA2F14, 254C163BAD48CB46A2015E6B90D7C85602AB735F2726E9889B9A9D568C9BD235 ] C:\Programas\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
17:30:58.0703 0x081c  C:\Programas\Nokia\Nokia PC Suite 7\PhoneBrowser.dll - ok
17:30:58.0703 0x081c  [ 570A2F439709B4A3A70FAD059F1BBF75, 8773AA38E7639F71C087F5461EB44FB20E35C3E1488B6EED0A7490F186B717A7 ] C:\Programas\Nokia\Nokia PC Suite 7\NGSCM.dll
17:30:58.0703 0x081c  C:\Programas\Nokia\Nokia PC Suite 7\NGSCM.dll - ok
17:30:58.0703 0x081c  [ A5AFD9C0C8FA8437288D6661F49CA394, D624E9FC271011C8BE40F23736CCC26D7BD1C9DE8259BEC6E57F2F877C7813B8 ] C:\WINDOWS\system32\olepro32.dll
17:30:58.0703 0x081c  C:\WINDOWS\system32\olepro32.dll - ok
17:30:58.0703 0x081c  [ C914B8D37B4A8900C578280DD02105D2, 57FE6D7D51A093E4DD6D5C16FFE6C75052332DD49C62237F0157F74FCA7E07A3 ] C:\Programas\Nokia\Nokia PC Suite 7\PCSL.dll
17:30:58.0703 0x081c  C:\Programas\Nokia\Nokia PC Suite 7\PCSL.dll - ok
17:30:58.0718 0x081c  [ 66A3A29B7C4A60F676F7686E1B31F695, 405FD1B5690E8D8CE59F35E24F454995FC3828846CE22C7577DA6B7CD6F63971 ] C:\Programas\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_por.NLR
17:30:58.0718 0x081c  C:\Programas\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_por.NLR - ok
17:30:58.0718 0x081c  [ A09FF9F0F262488624DBDB3A88B1CF23, C2F537E594109B815E5B324B63EE16E29839627AFB276D556F1CE617AEE58ADB ] C:\Programas\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR
17:30:58.0718 0x081c  C:\Programas\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR - ok
17:30:58.0718 0x081c  [ 901D251617EE3C80E8701311C2DE4295, 8524B08676DC87E53FAE90FFB29F7BDA9E44B7338AABFA1A200544A8CE73103C ] C:\WINDOWS\RTHDCPL.exe
17:30:58.0718 0x081c  C:\WINDOWS\RTHDCPL.exe - ok
17:30:58.0718 0x081c  [ 22358578CB321F3325496A3723029409, 44535E0EFC20714CEF8FFAE51294CFC6AC53F12E464E048ECD92CDC2CA54A312 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
17:30:58.0718 0x081c  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
17:30:58.0718 0x081c  [ C983E62B6FB74457D173BA93F66F6068, BAB6E98592B50868321B4A244EB0938F6F0B05D2D8F5C95992C6FB71FACDA86C ] C:\Programas\Avira\AntiVir Desktop\avgnt.exe
17:30:58.0718 0x081c  C:\Programas\Avira\AntiVir Desktop\avgnt.exe - ok
17:30:58.0718 0x081c  [ 9D45B2201D0ECF9F42136C7B99DEB8B2, 0251BE4C23EAACE2A9725243936C5E5AC4C0BCEE10EDE85017D91936FEE8CB31 ] C:\WINDOWS\system32\PortableDeviceApi.dll
17:30:58.0718 0x081c  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
17:30:58.0718 0x081c  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe
17:30:58.0718 0x081c  C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe - ok
17:30:58.0718 0x081c  [ 8409DD22699D4CA8B92C5EC99FE5F8C0, 04B8C237F5180ADB668C4574F7083DCD9513696A6C0E5E2F70987F60A068CB1C ] C:\WINDOWS\system32\dumprep.exe
17:30:58.0718 0x081c  C:\WINDOWS\system32\dumprep.exe - ok
17:30:58.0718 0x081c  [ EFDA18D50D05405369F14BF9D8490FA6, 9D94A44AC4C68954FF9FF7130C4C7224996EE672D1F3A38ECAA6015AD256582B ] C:\WINDOWS\system32\rasdlg.dll
17:30:58.0718 0x081c  C:\WINDOWS\system32\rasdlg.dll - ok
17:30:58.0734 0x081c  [ 6F2F1363BBCD85F9DE016D84AB15E476, 0FEC56E5E0781124F47AC35940B6BB82116023ED47E5E67C1483B031BB10854C ] C:\Programas\Sony\Sony PC Companion\PCCompanion.exe
17:30:58.0734 0x081c  C:\Programas\Sony\Sony PC Companion\PCCompanion.exe - ok
17:30:58.0734 0x081c  [ 62B37F1F519A08AF502E6F6BB41D2DFF, F4523A00C10923C26C2A5B5D3C610FA931D257F072EF665F6D1D34A8BBFEF20D ] C:\WINDOWS\system32\ctfmon.exe
17:30:58.0734 0x081c  C:\WINDOWS\system32\ctfmon.exe - ok
17:30:58.0734 0x081c  [ 15DFB3CAF377FC93440BA5756637D37F, 2F96ECDD6344EDCFB8477EC244EFAD3D563CF87FF0601A1E69554CB1A9330FA1 ] C:\Programas\Avira\AntiVir Desktop\scewxmlw.dll
17:30:58.0734 0x081c  C:\Programas\Avira\AntiVir Desktop\scewxmlw.dll - ok
17:30:58.0734 0x081c  [ F7263B4E58E0346178CAD70EAC7F35E6, 282C7F859BF54E553D148F6BD9E389B9BA55A55335360D5A83B2002E0B0DF67A ] C:\Programas\Avira\AntiVir Desktop\ccgen.dll
17:30:58.0734 0x081c  C:\Programas\Avira\AntiVir Desktop\ccgen.dll - ok
17:30:58.0734 0x081c  [ F05A5753C308425749B37ACD39A5F760, BF48EE0F38AC669E1AFFFF4B71F921D5AE4746FA38489D9AF50A0FEBFD636929 ] C:\Programas\Avira\AntiVir Desktop\ccgenrc.dll
17:30:58.0734 0x081c  C:\Programas\Avira\AntiVir Desktop\ccgenrc.dll - ok
17:30:58.0734 0x081c  [ ACFEC9B963B04268856823051D08251C, 5B4506DD3FCEFDB4A05FFB61BB56E0A1BF3C4B19AB978EDDDE1394B89F5D84DC ] C:\Programas\Avira\AntiVir Desktop\ccprofil.dll
17:30:58.0734 0x081c  C:\Programas\Avira\AntiVir Desktop\ccprofil.dll - ok
17:30:58.0734 0x081c  [ AD676891B172562C0B19EDD0BE701940, 229608EA30901985F17FD71ADC382B5E3D0C5E6DB3629240175721CD575338EB ] C:\Programas\Avira\AntiVir Desktop\ccscanrc.dll
17:30:58.0734 0x081c  C:\Programas\Avira\AntiVir Desktop\ccscanrc.dll - ok
17:30:58.0734 0x081c  [ AC5B9750955444109F44BE1F6920091B, 82BCF344CFBF6DD6B1EF2B8ACDA7AB0CEDFC23F8B25B93A0F13DB1FB22108008 ] C:\WINDOWS\system32\faultrep.dll
17:30:58.0734 0x081c  C:\WINDOWS\system32\faultrep.dll - ok
17:30:58.0734 0x081c  [ 84F045A39B6DCFA6018F7D8F68E1F80C, A764D1648BDFAFBD00861174738C5E116129A6E6DFC7BF2FE45EA26BCDBD6F15 ] C:\Programas\Avira\AntiVir Desktop\ccquamgr.dll
17:30:58.0734 0x081c  C:\Programas\Avira\AntiVir Desktop\ccquamgr.dll - ok
17:30:58.0734 0x081c  [ DEB5A2EC30153BA570FAD054A7A12684, 063138B035DE6496350A676313A91E1B4BE715D8461A67DC2F2591C4B5966E76 ] C:\WINDOWS\system32\security.dll
17:30:58.0734 0x081c  C:\WINDOWS\system32\security.dll - ok
17:30:58.0750 0x081c  [ 48620181236476EC845CB96D453EDF54, 75FDA5766DAF0D05B3EF0D78E939CA11CB7DB0BA7124F26EBE13BBE9E23A19C4 ] C:\Programas\Avira\AntiVir Desktop\ccquarc.dll
17:30:58.0750 0x081c  C:\Programas\Avira\AntiVir Desktop\ccquarc.dll - ok
17:30:58.0750 0x081c  [ EEBB9A28B06BFFF6B801A7B3B0263194, B27F45A9AB96A99F3ADC9AB7E24BF1EFD888F199D883FEFD4362F22B785472A6 ] C:\Programas\Avira\AntiVir Desktop\ccsched.dll
17:30:58.0750 0x081c  C:\Programas\Avira\AntiVir Desktop\ccsched.dll - ok
17:30:58.0750 0x081c  [ 0CA0530BDA80A75A63EF95D7DDFD6B4C, 542A758A409EEAFFC167A9FE6925A2D951B7EB36E14A639CB3DB3DAB221DB820 ] C:\Programas\Avira\AntiVir Desktop\ccscherc.dll
17:30:58.0750 0x081c  C:\Programas\Avira\AntiVir Desktop\ccscherc.dll - ok
17:30:58.0750 0x081c  [ C2C9BE593D6FF85C236667A754248210, 529D7EB775A070AD9E145CFDDBF023AB051C95576416E90C7A100007AFBE1270 ] C:\Programas\Avira\AntiVir Desktop\ccreport.dll
17:30:58.0750 0x081c  C:\Programas\Avira\AntiVir Desktop\ccreport.dll - ok
17:30:58.0750 0x081c  [ 5757FD95F10D5307292BF2F874F06CE9, 06C4B0B80B41D031C31C4655A6C860CEFAC4F73F2D08B66B5BC40A62B5D253E5 ] C:\Programas\Avira\AntiVir Desktop\ccreporc.dll
17:30:58.0750 0x081c  C:\Programas\Avira\AntiVir Desktop\ccreporc.dll - ok
17:30:58.0750 0x081c  [ CACD2C63A79268D131EA37E85524CC44, 956D2D6E86D16A92345252255247DCC07E566B52C9687E85027F7AA9CAC0C409 ] C:\WINDOWS\system32\dssenh.dll
17:30:58.0750 0x081c  C:\WINDOWS\system32\dssenh.dll - ok
17:30:58.0750 0x081c  [ 18C6ABB238E53B513391E9B22EC015F7, C8C5E9715851CE2FA4A1FE44FA17CA6C0FE1CEF53F421A425945EBE00BBF061D ] C:\Programas\Avira\AntiVir Desktop\ccev.dll
17:30:58.0750 0x081c  C:\Programas\Avira\AntiVir Desktop\ccev.dll - ok
17:30:58.0750 0x081c  [ 4D9A302C2AB92F1DFE69EA7A75A87713, 85C26B8F058132919596D6BEB3A91A100F502A980B5EC6C72F821BC2076D4719 ] C:\WINDOWS\ime\SPTIP.dll
17:30:58.0750 0x081c  C:\WINDOWS\ime\SPTIP.dll - ok
17:30:58.0750 0x081c  [ DA23A12845607133ACF1DB3502D4E575, CACBC2940693D704D489F90015D24A01EC509B426BD96FEBC1852131A53977B8 ] C:\WINDOWS\system32\msisip.dll
17:30:58.0750 0x081c  C:\WINDOWS\system32\msisip.dll - ok
17:30:58.0765 0x081c  [ 1C8244C24F208591D7BDECFFE5856D44, 68E0469C70339A25D33C526727CAAA9D1B6EAA71BE7474699B8A4E16ED9D9CB9 ] C:\Programas\Avira\AntiVir Desktop\ccevrc.dll
17:30:58.0765 0x081c  C:\Programas\Avira\AntiVir Desktop\ccevrc.dll - ok
17:30:58.0765 0x081c  [ BD655A8ECAF694C48684B89C745F52FA, BF69F903EA98EBA5DD86CFF206F1C636AF50E0568C64FE470E679C3FEAC7DA16 ] C:\Programas\Avira\AntiVir Desktop\ccupdate.dll
17:30:58.0765 0x081c  C:\Programas\Avira\AntiVir Desktop\ccupdate.dll - ok
17:30:58.0765 0x081c  [ AE10BEDCFD1EAFC1EAD7BF68A6D4730F, 32B37AA722B3B0205783D8145A471F9E000BD44B7D9D3DD43D61E861710ADBF9 ] C:\WINDOWS\system32\wshext.dll
17:30:58.0765 0x081c  C:\WINDOWS\system32\wshext.dll - ok
17:30:58.0765 0x081c  [ 3F7CD7873FA942C38F9831F286698414, 5D7F7D7E999BD5A4DD0D31D5DFFC325E53F52496B14D2DA179192FDB149DCF0A ] C:\Programas\Adobe\Reader 11.0\Reader\reader_sl.exe
17:30:58.0765 0x081c  C:\Programas\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
17:30:58.0765 0x081c  [ A93A23D1D8922FE1E625D9884C275FF5, 46146B8804E372DA49F2D37CD5B9E48A5A094C5949D8B99350CCC8A434021E1D ] C:\Programas\Avira\AntiVir Desktop\ccupdrc.dll
17:30:58.0765 0x081c  C:\Programas\Avira\AntiVir Desktop\ccupdrc.dll - ok
17:30:58.0765 0x081c  [ C0245ED1F48397D41632CAB0AFA842CE, 26097E9FF54FA08D39ED29E52E10C8150D4BB2D8BD4512306368B559D828BB85 ] C:\Programas\Avira\AntiVir Desktop\cclic.dll
17:30:58.0765 0x081c  C:\Programas\Avira\AntiVir Desktop\cclic.dll - ok
17:30:58.0765 0x081c  [ 127C74D3C715A51D70F2C4DD190F57A5, 80E58F410447822FE660F4F42D739F43AA519644D0758BB2FD7E18A3943C4720 ] C:\WINDOWS\system32\wbem\wmipcima.dll
17:30:58.0765 0x081c  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
17:30:58.0765 0x081c  [ 939286B2D5177E88D1FA804413AC8862, 77F94A8C30257450C39D369AACCAC84954A48F1D996BA56A1D04D12C8F7BCBB3 ] C:\Programas\Avira\AntiVir Desktop\cclicrc.dll
17:30:58.0765 0x081c  C:\Programas\Avira\AntiVir Desktop\cclicrc.dll - ok
17:30:58.0765 0x081c  [ 98D551A16398529F181570A001843231, 594D4921061B1AD196C879C840D27D78B0AD81C9E897A522C533F97911D801D7 ] C:\Programas\Avira\AntiVir Desktop\ccmsg.dll
17:30:58.0765 0x081c  C:\Programas\Avira\AntiVir Desktop\ccmsg.dll - ok
17:30:58.0765 0x081c  [ 76D19B395001F884EEED44D582FD5658, BA21798E7D3DD37C4D4B7D156B8C293598F74718B6928EFE246A5C9321E47D73 ] C:\Programas\Avira\AntiVir Desktop\ccmsgrc.dll
17:30:58.0765 0x081c  C:\Programas\Avira\AntiVir Desktop\ccmsgrc.dll - ok
17:30:58.0781 0x081c  [ A285373EAB723D7F3FCFDB70ACCB60A1, 1F4962037D0738A2A1D087A12C5A220548DCEE3E6D3FCA0FDE94B43EFA931EDE ] C:\Programas\Avira\AntiVir Desktop\rcimage.dll
17:30:58.0781 0x081c  C:\Programas\Avira\AntiVir Desktop\rcimage.dll - ok
17:30:58.0781 0x081c  [ 0014339814C89ABF148F49976146941C, 4116B5070C7E424C88462DCB52FBDCB7914AE064D99893FB5C963FDF20ED0B35 ] C:\Programas\Avira\AntiVir Desktop\ccwgrd.dll
17:30:58.0781 0x081c  C:\Programas\Avira\AntiVir Desktop\ccwgrd.dll - ok
17:30:58.0781 0x081c  [ E679BFACA916613BDFBF0844DE248EF0, B2F28EFD675C4CC5228678F77058D450179E6AF0C432C8FD5CACA49BE5DFB124 ] C:\Programas\Avira\AntiVir Desktop\ccwgrdrc.dll
17:30:58.0781 0x081c  C:\Programas\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
17:30:58.0781 0x081c  [ D41A02871F992A2C47B84A95C2A78B40, 1E64382A73FF4AF0DBE15AC1404BEDF387211275755F02152DD5C2D4939D95EE ] C:\Programas\Avira\AntiVir Desktop\ccwgrdw.dll
17:30:58.0781 0x081c  C:\Programas\Avira\AntiVir Desktop\ccwgrdw.dll - ok
17:30:58.0781 0x081c  [ FB29E986F789B6A104022525589B3866, 5C45D75F8B4DCB9A593C762343B0BF6FD070D5DEE83B52100B1BCF78E4AA58AE ] C:\Programas\Avira\AntiVir Desktop\ccavscanex.dll
17:30:58.0781 0x081c  C:\Programas\Avira\AntiVir Desktop\ccavscanex.dll - ok
17:30:58.0781 0x081c  [ 6F6E35D1EBAF6A2F7F1F6AB6B1CA42B8, A9CFE7D79EFB1C1FAB1321F98B1E31618F08C9FF88E34C77683DD70FCDCDB6E8 ] C:\Programas\Avira\AntiVir Desktop\ccavscanexrc.dll
17:30:58.0781 0x081c  C:\Programas\Avira\AntiVir Desktop\ccavscanexrc.dll - ok
17:30:58.0781 0x081c  [ E3C817F7FE44CC870ECDBCBC3EA36132, D769FAFA2B3232DE9FA7153212BA287F68E745257F1C00FAFB511E7A02DE7ADF ] C:\WINDOWS\system32\msvcp100.dll
17:30:58.0781 0x081c  C:\WINDOWS\system32\msvcp100.dll - ok
17:30:58.0781 0x081c  [ 1D9287D157977954B68B5727C4C2502E, 9AC0AD968908DF9E67AD1A8397377651B1CF3A5B0EB4B48E575F891EEF0C44DC ] C:\WINDOWS\system32\qmgr.dll
17:30:58.0781 0x081c  C:\WINDOWS\system32\qmgr.dll - ok
17:30:58.0796 0x081c  [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\WINDOWS\system32\msvcr100.dll
17:30:58.0796 0x081c  C:\WINDOWS\system32\msvcr100.dll - ok
17:30:58.0796 0x081c  [ 6ED03DBDAA8E647DF13B1ABFDE1BA7C1, 740BF5C468E60C655389F329D8891A7FDC7B3387B3BA7A310FE37DA488006104 ] C:\WINDOWS\system32\mfc42.dll
17:30:58.0796 0x081c  C:\WINDOWS\system32\mfc42.dll - ok
17:30:58.0796 0x081c  [ 293CF57D16335DAFA189064E2B6951F3, 73F4A0F34CD79BDC5538FD904CF1D620769662C4370E7673EF8395E3D7BF6B07 ] C:\WINDOWS\system32\dsound.dll
17:30:58.0796 0x081c  C:\WINDOWS\system32\dsound.dll - ok
17:30:58.0796 0x081c  [ 2CC83008DC2A1D7BE0A68A886A908636, FCAB45671AC432B7916ECCD9CB6DC2B1B3F21FBDB06FFD51DDE7B08DB108042E ] C:\WINDOWS\system32\hhctrl.ocx
17:30:58.0796 0x081c  C:\WINDOWS\system32\hhctrl.ocx - ok
17:30:58.0796 0x081c  [ 871CEAB2C39D8452ECE8E5D8E70565E6, 604524364685F92F54D714066825BF3D3AE5C4164B8288C225D408E4CF6087D1 ] C:\WINDOWS\system32\qmgrprxy.dll
17:30:58.0796 0x081c  C:\WINDOWS\system32\qmgrprxy.dll - ok
17:30:58.0796 0x081c  [ 26C67894F7D500D830D963EC448C24AE, 1869B00C143CE7FC3D86EF12E43CFCE8B3DCADCF5453255AE5713E02300F3EEA ] C:\WINDOWS\system32\mui\0016\hhctrlui.dll
17:30:58.0796 0x081c  C:\WINDOWS\system32\mui\0016\hhctrlui.dll - ok
17:30:58.0796 0x081c  [ 2D5EFD7B850CDC336908675EF82A36F7, DB222C3E36A98875F98CC95826AF5544F955FB1C85B9DFAE9DB0E7E5B5BCB559 ] C:\WINDOWS\system32\mfc42loc.dll
17:30:58.0796 0x081c  C:\WINDOWS\system32\mfc42loc.dll - ok
17:30:58.0796 0x081c  [ F64E599B6AFBCC072BF3779AABAD4B03, C0E25E930F5CFCE2F79865DE216993EE996B62D4D0FE6FA07C1EE4A8A58C7A65 ] C:\WINDOWS\system32\wshptg.dll
17:30:58.0796 0x081c  C:\WINDOWS\system32\wshptg.dll - ok
17:30:58.0796 0x081c  [ 89A5DDD8729DE5F0416042C8A0E65C6A, E90059400EFF29918BED8951AC1A32C528DA67158A2A2EBAD024B4104B8ED893 ] C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL
17:30:58.0796 0x081c  C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL - ok
17:30:58.0796 0x081c  [ 679694A6E0FF1E3F75483F36072504A9, DFD72A93F4AF7F86B2EFB84BBFC7DE4CD1098A489B63849183ABC5006FC1BBA1 ] C:\Programas\Microsoft Silverlight\xapauthenticodesip.dll
17:30:58.0796 0x081c  C:\Programas\Microsoft Silverlight\xapauthenticodesip.dll - ok
17:30:58.0812 0x081c  [ DCD62C40142DF3B41F64AC837FEB5716, 95359248ED13114E8F47E64D240D265A4992C085E900DFC33D8489452312BD30 ] C:\Programas\Avira\AntiVir Desktop\ccmainrc.dll
17:30:58.0812 0x081c  C:\Programas\Avira\AntiVir Desktop\ccmainrc.dll - ok
17:30:58.0812 0x081c  [ 1958644DA9DB1462D53A22281C9F6F12, BFE7A5FFA9D1E07AA0AEC6F99E0C1644577CDB622497D02F408E07598489D9DD ] C:\Programas\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
17:30:58.0812 0x081c  C:\Programas\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe - ok
17:30:58.0812 0x081c  [ EA35DEC2BDA6310F48EA724B2CDC3FFE, 2DC43CA14A9A8ADFBAE2E10BF9923AF33331AD2627AFFA924F40C97D1BB761DA ] C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
17:30:58.0812 0x081c  C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe - ok
17:30:58.0812 0x081c  [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\WINDOWS\system32\msvcp71.dll
17:30:58.0812 0x081c  C:\WINDOWS\system32\msvcp71.dll - ok
17:30:58.0812 0x081c  [ 90CA71F3664DDC09F284B4FCE2009E5D, 88A4A8C5DECCC32990656FDD971A7004377DFE0125137FB17C3ACE08D4067113 ] C:\WINDOWS\system32\ksuser.dll
17:30:58.0812 0x081c  C:\WINDOWS\system32\ksuser.dll - ok
17:30:58.0812 0x081c  [ 547B75E566792651A313956C299CF9C4, CD4766273AFAE2A667D3970D25F37EA79AE4F6FCA55CD163E7BBBF5A13CBD481 ] C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpodvd08.dll
17:30:58.0812 0x081c  C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpodvd08.dll - ok
17:30:58.0812 0x081c  [ CC9B2B1C42766A18A42226F41637B789, AA7CF8CE2ECE7788CAE77C58F79FC0F0C18DC3786E795BC9C678A148C517DB52 ] C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpqcxm08.dll
17:30:58.0812 0x081c  C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpqcxm08.dll - ok
17:30:58.0812 0x081c  [ 42AC50FBA7D6038D3E695B0699B4A327, FBDE6FDFEC33BFC7AD0DEC79F1E13B9DB5F5C22CDACB578396531EC95CA3B47B ] C:\Programas\Sony\Sony PC Companion\NewUI.dll
17:30:58.0812 0x081c  C:\Programas\Sony\Sony PC Companion\NewUI.dll - ok
17:30:58.0812 0x081c  [ 7C47CFB2E70AC090AB4DB46BA3B00B47, F7BBD7087B91956EF4D7A04AC57524AA81AFA87DD14ED2821DD9A6A99EF738FD ] C:\Programas\Sony\Sony PC Companion\bvrpctln.dll
17:30:58.0812 0x081c  C:\Programas\Sony\Sony PC Companion\bvrpctln.dll - ok
17:30:58.0828 0x081c  [ 6A91F47CC8FE2CBD7DD7AB6664F86B34, 8B5CD3AA45153DE15F48B96E4652F35F4C45870623F91CEA207D758080DD879F ] C:\WINDOWS\system32\msvfw32.dll
17:30:58.0828 0x081c  C:\WINDOWS\system32\msvfw32.dll - ok
17:30:58.0828 0x081c  [ C2FB4CC314A45CD8D8A1A1FA0B2F5896, 316A53B848D8444C1A7C646C3E48AE0A97214F3361EABECE478B5348BDBACC5D ] C:\Programas\Sony\Sony PC Companion\TMonitorAPI.dll
17:30:58.0828 0x081c  C:\Programas\Sony\Sony PC Companion\TMonitorAPI.dll - ok
17:30:58.0828 0x081c  [ 72AB99E2C08E17F177292E54C970FA35, 61DFA26ADC1E443C0AEEA2AC61D91563AA8AAE188B442374E4FDE2E6A33FEE0E ] C:\WINDOWS\system32\avifil32.dll
17:30:58.0828 0x081c  C:\WINDOWS\system32\avifil32.dll - ok
17:30:58.0828 0x081c  [ 2137128818CE964376E66C56ADCA1A35, 84F0A2F5C6150392997F5F499A503C612AE7C8579C78E049812FA656CDE3EE8B ] C:\WINDOWS\system32\oledlg.dll
17:30:58.0828 0x081c  C:\WINDOWS\system32\oledlg.dll - ok
17:30:58.0828 0x081c  [ 06169DDE7A01AC4C38B9CE7040EBD75D, F9A22D0A442B5E819E931EF20B56EE4197E3A3CCC63C84AD9C1BC6FC2353F609 ] C:\Programas\Sony\Sony PC Companion\PCCompanionInfo.exe
17:30:58.0828 0x081c  C:\Programas\Sony\Sony PC Companion\PCCompanionInfo.exe - ok
17:30:58.0828 0x081c  [ 1E84291B3323F4929550C7269BCF483E, 2FA7F8AB488BC291FACE9EA9977B36E5A4DD4FDAA4F9BFF45DD75A15C464219E ] C:\Programas\Sony\Sony PC Companion\Device.dll
17:30:58.0828 0x081c  C:\Programas\Sony\Sony PC Companion\Device.dll - ok
17:30:58.0828 0x081c  [ 7BB2731F01E58391B3BEE7375D872113, C3DE5CEEBCFA77C2000E0A81782C2AF9CAED039703CB62D31CF4B9AE3EEAE787 ] C:\Programas\Sony\Sony PC Companion\MExplorer.dll
17:30:58.0828 0x081c  C:\Programas\Sony\Sony PC Companion\MExplorer.dll - ok
17:30:58.0828 0x081c  [ 6D251326609149B742D617735999068C, D9D9C5E1F7B258BC3F13241FB6C09630375EEB52D71E1F8B3584413690CE8F39 ] C:\Programas\Sony\Sony PC Companion\WUNPACLN.dll
17:30:58.0828 0x081c  C:\Programas\Sony\Sony PC Companion\WUNPACLN.dll - ok
17:30:58.0828 0x081c  [ B68BB180DCD3E9BFECF0885E145B975D, 742FACEBC2545BDC14282479188598E9AFA9C3DDACE85061FBC97419EEC771BA ] C:\WINDOWS\system32\newdev.dll
17:30:58.0828 0x081c  C:\WINDOWS\system32\newdev.dll - ok
17:30:58.0843 0x081c  [ 7A481B4DF7E617EB4AB2C78917E0CE89, 9A06A5EBA4275F54A220D25AEF680A8A529894489B6ACD75DE2236083D454050 ] C:\Programas\Sony\Sony PC Companion\PCCompanion.dll
17:30:58.0843 0x081c  C:\Programas\Sony\Sony PC Companion\PCCompanion.dll - ok
17:30:58.0843 0x081c  [ FE4E739AD8C60D7100C19DD89F8A9694, 638364E60ABAA168D79F8AF4A92D6D7A85050787A645E60A402E44C7D4C74F03 ] C:\Programas\Sony\Sony PC Companion\PluginManager.dll
17:30:58.0843 0x081c  C:\Programas\Sony\Sony PC Companion\PluginManager.dll - ok
17:30:58.0843 0x081c  [ ED61A2941CAB4893961AFBA371BD2E10, 7571B928B04BFCC3CDF7157F2D0C05F7A575D0B33F981EAA4CA105FBEFDFEE29 ] C:\Programas\Sony\Sony PC Companion\PhoneUpdateTools.dll
17:30:58.0843 0x081c  C:\Programas\Sony\Sony PC Companion\PhoneUpdateTools.dll - ok
17:30:58.0843 0x081c  [ A9D8AF014F1859EC06BA053EBF8D93A2, 6210CC8CB35C57956494DBEDA43620176EEF686070B028FBC8C2F089DABCD191 ] C:\Programas\Sony\Sony PC Companion\DownloadManager.dll
17:30:58.0843 0x081c  C:\Programas\Sony\Sony PC Companion\DownloadManager.dll - ok
17:30:58.0843 0x081c  [ 7469B9D06F0299273769C3E5365F5469, B53D6823E868B20980D8AB10B412994A94197FF1B6D7BD3734F7DF7A7444D67E ] C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
17:30:58.0843 0x081c  C:\Programas\Ficheiros comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL - ok
17:30:58.0843 0x081c  [ 02AF3E5ED22933865FE6D11D03074E54, C493DBE6D694BA1CB4DA7D991F0EF39A98F28474799A51046B73111604E840E2 ] C:\Programas\Sony\Sony PC Companion\BackupRestore.dll
17:30:58.0843 0x081c  C:\Programas\Sony\Sony PC Companion\BackupRestore.dll - ok
17:30:58.0843 0x081c  [ D38020F9AA3428E7E1023DA19BC30174, 155F9583AD0A2E9D5D4CDFBFE61305A8A72DA6A8912CC65886018A38D2F2BD37 ] C:\Programas\Sony\Sony PC Companion\Report.dll
17:30:58.0843 0x081c  C:\Programas\Sony\Sony PC Companion\Report.dll - ok
17:30:58.0843 0x081c  [ DA991D435930F6ADC5C570E2284F73F6, A056B23588695BB50CCF6BC95FAD1A4F5CADAE905595842AEA5D34CA66D7AC60 ] C:\Programas\Sony\Sony PC Companion\sqlite3.dll
17:30:58.0843 0x081c  C:\Programas\Sony\Sony PC Companion\sqlite3.dll - ok
17:30:58.0843 0x081c  [ E301DCCB86F16066D14C0CF0FA175B09, 773A9212CDFACB16E54C61A7A63AC76666FBEDDD44006878CE0E19A0485837EB ] C:\WINDOWS\system32\xpob2res.dll
17:30:58.0843 0x081c  C:\WINDOWS\system32\xpob2res.dll - ok
17:30:58.0843 0x081c  [ 5646CD2ECB59D480993BCB6EEC5CB595, 0D072763935163D5410E684FAF02E3E4C9A2C7EF229EF6523CA357B1C28F68BE ] C:\Programas\Sony\Sony PC Companion\CrashDump.dll
17:30:58.0843 0x081c  C:\Programas\Sony\Sony PC Companion\CrashDump.dll - ok
17:30:58.0859 0x081c  [ 4B8BFA3A7DECC1CEEFB62869C1BB9B79, B8ACC7CCFA776FB527EE9FA09521CBA840AB7C16EED9DC6C6D53E3EB060007D5 ] C:\WINDOWS\system32\mshtml.dll
17:30:58.0859 0x081c  C:\WINDOWS\system32\mshtml.dll - ok
17:30:58.0859 0x081c  [ 2ACCD352451EC0F99AF2AD9DB6DB4439, 7EFFA9D4561674633B2FFB35F629947B061AFE5DA756DA6D02E0584FCE221445 ] C:\WINDOWS\system32\msls31.dll
17:30:58.0859 0x081c  C:\WINDOWS\system32\msls31.dll - ok
17:30:58.0859 0x081c  ================ Scan generic autorun ======================
17:30:58.0984 0x081c  [ C74B86642F131D76C0EDE673FDF137B2, 91659969CF94979FA980A3C13AB3E7421048E4E2720DE6064E9B61FD4DF96666 ] C:\WINDOWS\SkyTel.EXE
17:30:59.0171 0x081c  SkyTel - ok
17:30:59.0765 0x081c  [ 901D251617EE3C80E8701311C2DE4295, 8524B08676DC87E53FAE90FFB29F7BDA9E44B7338AABFA1A200544A8CE73103C ] C:\WINDOWS\RTHDCPL.EXE
17:31:00.0812 0x081c  RTHDCPL - ok
17:31:00.0921 0x081c  [ C983E62B6FB74457D173BA93F66F6068, BAB6E98592B50868321B4A244EB0938F6F0B05D2D8F5C95992C6FB71FACDA86C ] C:\Programas\Avira\AntiVir Desktop\avgnt.exe
17:31:00.0937 0x081c  avgnt - ok
17:31:01.0000 0x081c  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe
17:31:01.0031 0x081c  Adobe ARM - ok
17:31:01.0046 0x081c  KernelFaultCheck - ok
17:31:01.0078 0x081c  [ 62B37F1F519A08AF502E6F6BB41D2DFF, F4523A00C10923C26C2A5B5D3C610FA931D257F072EF665F6D1D34A8BBFEF20D ] C:\WINDOWS\system32\CTFMON.EXE
17:31:01.0140 0x081c  CTFMON.EXE - ok
17:31:01.0156 0x081c  [ 62B37F1F519A08AF502E6F6BB41D2DFF, F4523A00C10923C26C2A5B5D3C610FA931D257F072EF665F6D1D34A8BBFEF20D ] C:\WINDOWS\system32\CTFMON.EXE
17:31:01.0218 0x081c  CTFMON.EXE - ok
17:31:01.0218 0x081c  [ 62B37F1F519A08AF502E6F6BB41D2DFF, F4523A00C10923C26C2A5B5D3C610FA931D257F072EF665F6D1D34A8BBFEF20D ] C:\WINDOWS\system32\ctfmon.exe
17:31:01.0296 0x081c  CTFMON.EXE - ok
17:31:01.0328 0x081c  [ CE8D6FF5BEDDA023F7A1BB3FA34130DE, 84495FC41BAD38000059B393F5EFDE06ED936A4CC14B95861AE8F650E71B65A4 ] C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe
17:31:01.0359 0x081c  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - detected UnsignedFile.Multi.Generic ( 1 )
17:31:03.0734 0x081c  Detect skipped due to KSN trusted
17:31:03.0734 0x081c  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
17:31:03.0796 0x081c  [ 429C00E25AFA42015311C092E49BFD07, 91582247FFD226669BC1937A698E08E6A7CAE4D008FCF64890442B08E6E27934 ] C:\Programas\Picasa2\PicasaMediaDetector.exe
17:31:03.0859 0x081c  Picasa Media Detector - ok
17:31:04.0000 0x081c  [ 5425B0E1A2FBEE08E5FE3F8A54FE487F, FAC9FCF83674A0DE584A6A942A4FD7E02B23445E1CD14FE8F2C269A7F0C4EFAF ] C:\Programas\Nokia\Nokia PC Suite 7\PCSuite.exe
17:31:04.0062 0x081c  PC Suite Tray - ok
17:31:04.0218 0x081c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Documents and Settings\Marta\Definições locais\Application Data\Google\Update\GoogleUpdate.exe
17:31:04.0250 0x081c  Google Update - ok
17:31:04.0281 0x081c  [ 704D3C3ADF8823161DFD73A89DA4954E, EEE4EA136CB04BFB82949246E9170280B107699371BF945FD664EC2DDBACF95B ] C:\WINDOWS\system32\rundll32.exe
17:31:04.0375 0x081c  NTRedirect - ok
17:31:04.0406 0x081c  [ 6F2F1363BBCD85F9DE016D84AB15E476, 0FEC56E5E0781124F47AC35940B6BB82116023ED47E5E67C1483B031BB10854C ] C:\Programas\Sony\Sony PC Companion\PCCompanion.exe
17:31:04.0437 0x081c  Sony PC Companion - ok
17:31:04.0468 0x081c  [ 62B37F1F519A08AF502E6F6BB41D2DFF, F4523A00C10923C26C2A5B5D3C610FA931D257F072EF665F6D1D34A8BBFEF20D ] C:\WINDOWS\system32\ctfmon.exe
17:31:04.0531 0x081c  CTFMON.EXE - ok
17:31:04.0546 0x081c  [ CE8D6FF5BEDDA023F7A1BB3FA34130DE, 84495FC41BAD38000059B393F5EFDE06ED936A4CC14B95861AE8F650E71B65A4 ] C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe
17:31:04.0562 0x081c  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - detected UnsignedFile.Multi.Generic ( 1 )
17:31:04.0562 0x081c  Detect skipped due to KSN trusted
17:31:04.0562 0x081c  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
17:31:04.0562 0x081c  [ 6F2F1363BBCD85F9DE016D84AB15E476, 0FEC56E5E0781124F47AC35940B6BB82116023ED47E5E67C1483B031BB10854C ] C:\Programas\Sony\Sony PC Companion\PCCompanion.exe
17:31:04.0593 0x081c  Sony PC Companion - ok
17:31:04.0593 0x081c  [ 62B37F1F519A08AF502E6F6BB41D2DFF, F4523A00C10923C26C2A5B5D3C610FA931D257F072EF665F6D1D34A8BBFEF20D ] C:\WINDOWS\system32\ctfmon.exe
17:31:04.0671 0x081c  ctfmon.exe - ok
17:31:04.0671 0x081c  [ 62B37F1F519A08AF502E6F6BB41D2DFF, F4523A00C10923C26C2A5B5D3C610FA931D257F072EF665F6D1D34A8BBFEF20D ] C:\WINDOWS\system32\ctfmon.exe
17:31:04.0734 0x081c  CTFMON.EXE - ok
17:31:04.0812 0x081c  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Programas\QuickTime\QTTask.exe
17:31:04.0859 0x081c  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
17:31:07.0218 0x081c  Detect skipped due to KSN trusted
17:31:07.0218 0x081c  QuickTime Task - ok
17:31:07.0312 0x081c  [ 5425B0E1A2FBEE08E5FE3F8A54FE487F, FAC9FCF83674A0DE584A6A942A4FD7E02B23445E1CD14FE8F2C269A7F0C4EFAF ] C:\Programas\Nokia\Nokia PC Suite 7\PCSuite.exe
17:31:07.0421 0x081c  PC Suite Tray - ok
17:31:07.0421 0x081c  Waiting for KSN requests completion. In queue: 7
17:31:08.0421 0x081c  Waiting for KSN requests completion. In queue: 7
17:31:09.0421 0x081c  Waiting for KSN requests completion. In queue: 7
17:31:10.0453 0x081c  AV detected via SS1: AntiVir Desktop, 10.0.1.59, enabled, updated
17:31:10.0453 0x081c  Win FW state via NFM: enabled
17:31:12.0828 0x081c  ============================================================
17:31:12.0828 0x081c  Scan finished
17:31:12.0828 0x081c  ============================================================
17:31:12.0859 0x0814  Detected object count: 1
17:31:12.0859 0x0814  Actual detected object count: 1
17:32:16.0031 0x0814  Netaapl ( UnsignedFile.Multi.Generic ) - skipped by user
17:32:16.0031 0x0814  Netaapl ( UnsignedFile.Multi.Generic ) - User select action: Skip
 


  • 0

#18
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

Ok; the scans are fine and your system shows no signs of hidden rootkits. Let us see what a malware scanner shows.

Malwarebytes' Anti-Malware
Please download the latest version of Malwarebytes' Anti-Malware from Here

Double Click on the mbam-setup.exe file to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

Notice that I want this to scan your system but I will be reviewing the log to manually remove anything it finds.

When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link

2a308da4-c469-4a72-b86c-84c05ca1e6a6_zps

Once the program has loaded and updated, select "Scan Now >>" to start the scan.
5f2fe168-2571-4c73-a1e8-945d5aae9e1e_zps

The scan may take some time to finish, so please be patient.

If any malware is found, you will be presented with a screen like the one below.

MBAMfoundMalwarescan_zpsafe36848.png
Please click on the Export Log button and select the As text file from the dropdown list. I would suggest you save the file on your desktop (as we need the report attached here for review and it is easy to find on the desktop).

After you have saved the report file, return to the Potential Threats Detected page and click on Cancel. You can close MBAM after that.

Please Copy and Paste the report file to a post here; I will review the file and script what needs to be removed.


  • 0

#19
danix22

danix22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27-09-2014
Scan Time: 16:40:37
Logfile: a.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.27.06
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 2
CPU: x86
File System: NTFS
User: Daniel

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 436779
Time Elapsed: 23 min, 23 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 36
Backdoor.Bot, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}, , [ffa3777be497ab8bf4df159c7b87bb45],
Backdoor.Bot, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{494E6CEC-7483-A4EE-0938-895519A84BC7}, , [f7ab79795625ac8aeef11c954cb64cb4],
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [3f63bc36b7c4d363852a5240d72b6799],
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [3f63bc36b7c4d363852a5240d72b6799],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [0d95f7fb3e3d300620d9fc9618ea46ba],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [0d95f7fb3e3d300620d9fc9618ea46ba],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [0d95f7fb3e3d300620d9fc9618ea46ba],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\EXPLORER BARS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [0d95f7fb3e3d300620d9fc9618ea46ba],
PUP.Optional.FreeHDSport.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110311531136}, , [0b97f4fe88f3c373dff34088cb370ff1],
PUP.Optional.FreeHDSport.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311531136}, , [0b97f4fe88f3c373dff34088cb370ff1],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}, , [1d8547abe09bc6704c8a4d62e51d9e62],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}, , [1d8547abe09bc6704c8a4d62e51d9e62],
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [059d658daad130062bf61f926b97b050],
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [059d658daad130062bf61f926b97b050],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}, , [f4ae3cb687f4cd69e7fd238cdc26639d],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}, , [f4ae3cb687f4cd69e7fd238cdc26639d],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}, , [00a2d41e1b609b9b11d4a20dd62cc23e],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}, , [00a2d41e1b609b9b11d4a20dd62cc23e],
Adware.BarDiscover, HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_BARDISCOVER_SERVICE, , [f7ab9b5703784ceac57294414fb440c0],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar, , [267c6a88f388c67078329b1425de50b0],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa, , [edb5da18314a6fc76447bef18a796e92],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2, , [5a4806ecd6a5db5b8b34c2817c873ac6],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport, , [247edf136d0e8aac18a5e1d9e122c937],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Redir, , [8b17bc36631896a05cdfbf99b054669a],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , [277b30c2e398aa8cea52fd5bdb29bf41],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [6141c72bb6c5e74faa99b5a3c83c48b8],
PUP.Optional.Delta.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA, , [5d45549e2d4ec96d4c8c8cc9768efe02],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [40623eb4b9c24bebc9a13de026dd6f91],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [2c7611e1225957dfa096ee4223e0619f],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar, , [01a1569c2556b581eac0c5eab35052ae],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa, , [fca6b53d146761d5bcef96197b8820e0],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2, , [d7cb638f1b6070c6bb04d76c8e75b44c],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport, , [8220cc26cbb081b5417cdedc659e6e92],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [f3af5b978cefe452152e4711fa0a9967],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2, , [5f43bf33bebda4928e3185bef310c43c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [c5ddb042601bc76f63e028309074639d],

Registry Values: 11
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, a·¸Â+Ã?¬H»à¼Ã?:Ââ?º;, , [059d658daad130062bf61f926b97b050]
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, a·¸Â+Ã?¬H»à¼Ã?:Ââ?º;, , [059d658daad130062bf61f926b97b050]
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [1b876f830279ea4c7aa79e135da513ed],
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [376b30c2fd7eaa8c0120dad756ac59a7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 4d52bebaac01989a140444e133b05a5c, , [6141c72bb6c5e74faa99b5a3c83c48b8]
PUP.Optional.Delta.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|tlbrSrchUrl, , [5d45549e2d4ec96d4c8c8cc9768efe02],
PUP.Optional.Delta.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|lastB, http://u-search.net/?a=1&e=1, , [5151d61c9eddf541c46d144ae61e738d]
Trojan.StartPage, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://u-search.net/?a=1&e=1, , [663c92608af1999d2e583f0a62a134cc]
PUP.Optional.BabSolution.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NTRedirect, C:\WINDOWS\system32\rundll32.exe  "C:\Documents and Settings\Marta\Application Data\BabSolution\Shared\enhancedNT.dll",Run, , [c2e0db17abd049ed40772e2625df758b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 4d52bebaac01989a140444e133b05a5c, , [f3af5b978cefe452152e4711fa0a9967]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 4d52bebaac01989a140444e133b05a5c, , [c5ddb042601bc76f63e028309074639d]

Registry Data: 1
Hijack.StartPage, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://u-search.net/?a=1&e=1, Good: (http://www.google.com), Bad: (http://u-search.net/?a=1&e=1),,[4260589a1b602a0cdf81e027ca3b34cc]

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.Bandoo, D:\Daniel\Downloads\iLividSetup-r1110-n-bf.exe, , [9012975bd9a2da5ccbafbc5fae53e917],
PUP.Optional.OneClickDownloader.A, C:\Downloads\StreamhuntAppsSetup(18_3f)3_ff.exe, , [911114de5f1cc4720ebf52d1758c7090],

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#20
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts
Looks like there was a lot of registry settings left over from past adware; we will remove those with a different tool and then scan with an online malware scanner.

OTLI.gifOTL

Download OTL to your Desktop.

XP users should double click on the OTL icon to run it. Make sure all other windows are closed and to let the tool run uninterrupted.

Note: The script text listed below is for this user / system only. Any other useage may lead to system damage and is not condoned or advised.

Please right click on the OTL file on your desktop and select Run as Administrator.

Copy the fix text in the code box below by clicking at the : in the left corner and dragging the mouse curser to the bottom past the ] in the last line, right click and select COPY.
Return to the OTL menu that is open, right click on the open box below Custom Scans/Fixes and select PASTE. If you did this properly, the first line in the Custom Scans/Fixes box should read :Commands and the last line should read [EMPTYTEMP] .

Click on the Run Fix button.

OTL will process the fix text, close the desktop, reboot your system and produce a log file named MMDDYYYY_hhmmss.log . If the log is not opened in Notepad after the system reboots, you can find the file in the C:\_OTL\MovedFiles directory. Please copy and paste the log file contents in a reply post here.

This is the code box with the Fix Text to copy =>
 
:Commands
[CREATERESTOREPOINT]

:Reg
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{494E6CEC-7483-A4EE-0938-895519A84BC7}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}]
[-HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\EXPLORER BARS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110311531136}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311531136}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}]
[-HKLM\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_BARDISCOVER_SERVICE]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Redir]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA]

[HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS]
"Tabs"=""

[HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN]
"NTRedirect"=-

[-HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER]
[-HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER]

[HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN]
"Start Page"="http://www.google.com"


:Files
C:\Documents and Settings\Marta\Application Data\BabSolution
D:\Daniel\Downloads\iLividSetup-r1110-n-bf.exe
C:\Downloads\StreamhuntAppsSetup(18_3f)3_ff.exe

:commands
[EMPTYTEMP]


Please post the OTL fix result log here before moving onto the next step. This next step may take some time for the scan to finish (it can take a long time as it is very through in its scanning).


ESET Online Scanner:

Note: You will need to disable your current installed Anti-Virus for the duration of the online scan, how to do so can be read here. Also, please note that this scan can take a while to run.
  • Please go here to run the scan and click on Run ESET Online Scanner
  • abfacb96-0c99-4b59-b9e9-9298aa0ee3ec_zps
  • The next screen will be the ESET Online Scanner installer
  • Getinstallerpopup_zps569f8772.png
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer and select Save File
  • downloadsave_zpsb758563f.png
  • Save the file to your desktop; you should see a file like this when the download is finished
  • desktopfile_zps98a1ee89.png Double click on this to start the installation of the ESET Online Scanner
  • In the new window that appears select the option YES, I accept the Terms of Use then click on Start
  • TOU_zps4ecd3406.png
  • Now in the Computer scan settings window that appears:-
  • Make sure that the option Enable detection of potentially unwanted applications is selected.
  • Now click on Advanced Settings and configure the options as follows:
    • Remove found threats is Not checked
    • Scan archives is checked
    • Scan for potentially unsafe applications is checked
    • Enable Anti-Stealth Technology is checked
  • Now click on: Start
  • Loadsettings_2014-08-23_zps3f2d0c88.png
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • Downloadingsignatures_zps36c38587.png
  • When completed the Online Scan will begin automatically.
  • Scanningdisplay_zpsec3aac14.png
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed, if any malware was detected, the summary screen will show a warning.
  • Threatsfound_zpsfe95fb4e.png
  • On the Scan results detail window, select to Export to text file, name the file ESET scan results.txt and save it to your desktop.
  • Exporttotextfile_zps16cb487f.png
  • Click <<Back once the file is saved, select 'Uninstall application on close' and click on Finish.
  • UninstallcheckedandFinish_zps6fb26ad8.pn
  • Use Notepad to open the logfile you save on your desktop.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
  • 0

#21
danix22

danix22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

hi dbreeze

here is the OTL fix result log (next step: eset online scanner):

 

All processes killed
========== COMMANDS ==========
System Restore Service not available.
========== REGISTRY ==========
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{494E6CEC-7483-A4EE-0938-895519A84BC7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{494E6CEC-7483-A4EE-0938-895519A84BC7}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\EXPLORER BARS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110311531136}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311531136}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311531136}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311531136}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5428486-50A0-4A02-9D20-520B59A9F9B2}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5428486-50A0-4A02-9D20-520B59A9F9B2}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5428486-50A0-4A02-9D20-520B59A9F9B3}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5428486-50A0-4A02-9D20-520B59A9F9B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_BARDISCOVER_SERVICE\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Redir\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\ not found.
Unable to set value : HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS\\"Tabs"|"" /E!
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER\ not found.
Registry key HKEY_USERS\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER\ not found.
Unable to set value : HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\\"Start Page"|"http://www.google.com" /E!
========== FILES ==========
File\Folder C:\Documents and Settings\Marta\Application Data\BabSolution not found.
D:\Daniel\Downloads\iLividSetup-r1110-n-bf.exe moved successfully.
C:\Downloads\StreamhuntAppsSetup(18_3f)3_ff.exe moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Daniel
->Temp folder emptied: 5588383 bytes
->Temporary Internet Files folder emptied: 1605766 bytes
->Java cache emptied: 639380 bytes
->FireFox cache emptied: 369650368 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 17389358 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Duarte
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 137346 bytes
->FireFox cache emptied: 104362680 bytes
->Flash cache emptied: 18990 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33866 bytes
 
User: Marta
->Temp folder emptied: 358442 bytes
->Temporary Internet Files folder emptied: 487565 bytes
->Java cache emptied: 8749436 bytes
->FireFox cache emptied: 113976427 bytes
->Google Chrome cache emptied: 366318418 bytes
->Flash cache emptied: 203129 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Teresa
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 345407 bytes
->FireFox cache emptied: 934796961 bytes
->Google Chrome cache emptied: 77475975 bytes
->Flash cache emptied: 18192 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 3052 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 142959 bytes
RecycleBin emptied: 1682911 bytes
 
Total Files Cleaned = 1.913,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 10012014_230115

Files\Folders moved on Reboot...
C:\Documents and Settings\Marta\Definições locais\Temp\NGLATempNokia\Nokia Sans Wide Bold v3.1.ttf moved successfully.
C:\Documents and Settings\Marta\Definições locais\Temp\NGLALog.txt moved successfully.
File\Folder C:\Documents and Settings\Marta\Definições locais\Temp\~DF5104.tmp not found!
File\Folder C:\Documents and Settings\Marta\Definições locais\Temp\~DFCBE4.tmp not found!
File\Folder C:\Documents and Settings\Marta\Definições locais\Temporary Internet Files\Content.Word\~WRF0001.tmp not found!
File\Folder C:\Documents and Settings\Marta\Definições locais\Temporary Internet Files\Content.Word\~WRS0000.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 


  • 0

#22
danix22

danix22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

here the ESET scan results log:

 

C:\AdwCleaner\Backup\C\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\mfw8iwaf.default\prefs_16_09_2014_09_50_33.js    JS/SecurityDisabler.A.Gen potentially unwanted application
C:\AdwCleaner\Backup\C\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\mfw8iwaf.default\prefs_16_09_2014_10_15_42.js    JS/SecurityDisabler.A.Gen potentially unwanted application
C:\AdwCleaner\Backup\C\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\mfw8iwaf.default\prefs_24_09_2014_17_19_31.js    JS/SecurityDisabler.A.Gen potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\mfw8iwaf.default\invalidprefs.js.vir    JS/SecurityDisabler.A.Gen potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\mfw8iwaf.default\user.js.vir    JS/SecurityDisabler.A.Gen potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Daniel\Definições locais\Application Data\ConduitEngine\ConduitEngin0.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Daniel\Definições locais\Application Data\ConduitEngine\ConduitEngine.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Daniel\Definições locais\Application Data\NCH\ldrtbNC2.dll.vir    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Daniel\Definições locais\Application Data\NCH\tbNC0.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Daniel\Definições locais\Application Data\NCH\tbNC1.dll.vir    a variant of Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Daniel\Definições locais\Application Data\NCH\tbNC2.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Application Data\BabSolution\Shared\BabMaint.exe.vir    Win32/Toolbar.Babylon.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Application Data\BabSolution\Shared\enhancedNT.dll.vir    a variant of Win32/Toolbar.Babylon.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Application Data\BabSolution\Shared\NTRedirect.dll.vir    Win32/Toolbar.Babylon.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Application Data\Mozilla\Firefox\Profiles\7xtkcsyh.default\Extensions\[email protected]\uninstall.exe.vir    Win32/Toolbar.Montiera.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Application Data\OpenCandy\4012EE04C21A49B4954295200EDBF6C6\DeltaTB.exe.vir    a variant of Win32/Toolbar.Babylon.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Definições locais\Application Data\Conduit\CT2117678\NCHAutoUpdaterHelper.exe.vir    a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Definições locais\Application Data\NCH\hk64tbNC0.dll.vir    Win64/Toolbar.Conduit.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Definições locais\Application Data\NCH\hktbNC0.dll.vir    Win32/Toolbar.Conduit.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Definições locais\Application Data\NCH\ldrtbNC0.dll.vir    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Definições locais\Application Data\NCH\ldrtbNC2.dll.vir    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Definições locais\Application Data\NCH\tbNC0.dll.vir    a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Definições locais\Application Data\NCH\tbNC1.dll.vir    a variant of Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Marta\Definições locais\Application Data\NCH\tbNC2.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Teresa\Definições locais\Application Data\ConduitEngine\ConduitEngine.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Teresa\Definições locais\Application Data\NCH\tbNC1.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Teresa\Definições locais\Application Data\NCH\tbNC2.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\Conduit\Community Alerts\Alert.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\Conduit\Community Alerts\Alert0.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\Conduit\Community Alerts\Alert1.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\FreeHDSport.TV\freehdsporttvIE.exe.vir    Win32/Packed.ScrambleWrapper.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\FreeHDSport.TV\LSextsetup.exe.vir    Win32/Packed.ScrambleWrapper.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\hk64tbNC0.dll.vir    Win64/Toolbar.Conduit.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\hktbNC0.dll.vir    Win32/Toolbar.Conduit.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\ldrtbNC0.dll.vir    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\ldrtbNC2.dll.vir    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\NCHToolbarHelper.exe.vir    Win32/Toolbar.Conduit.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\NCHToolbarHelper1.exe.vir    Win32/Toolbar.Conduit.V potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\prxtbNC0.dll.vir    Win32/Toolbar.Conduit.O potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\tbNC0.dll.vir    a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\tbNC1.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH\tbNCH.dll.vir    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH Software\VideoPad\uninst.exe.vir    a variant of Win32/Toolbar.Conduit.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH Software\VideoPad\videopad.exe.vir    a variant of Win32/Toolbar.Conduit.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Programas\NCH Software\VideoPad\vpsetup_v2.09.exe.vir    a variant of Win32/Toolbar.Conduit.I potentially unwanted application
C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\mfw8iwaf.default\prefs.js    JS/SecurityDisabler.A.Gen potentially unwanted application
C:\Documents and Settings\Marta\Application Data\DVDVideoSoft\FreeYouTubeToMP3Converter.exe    Win32/OpenCandy potentially unsafe application
C:\Documents and Settings\Marta\Os meus documentos\Downloads\SoftonicDownloader_para_free-youtube-to-mp3-converter.exe    Win32/SoftonicDownloader.E potentially unwanted application
C:\Documents and Settings\Marta\Os meus documentos\Transferências\SoftonicDownloader_para_camtasia-studio(1).exe    Win32/SoftonicDownloader.E potentially unwanted application
C:\Documents and Settings\Marta\Os meus documentos\Transferências\SoftonicDownloader_para_camtasia-studio.exe    Win32/SoftonicDownloader.E potentially unwanted application
C:\Documents and Settings\Marta\Os meus documentos\Transferências\SoftonicDownloader_para_groovedown.exe    Win32/SoftonicDownloader.E potentially unwanted application
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\hk64tbNC0.dll    Win64/Toolbar.Conduit.A potentially unwanted application
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\hktbNC0.dll    Win32/Toolbar.Conduit.W potentially unwanted application
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\ldrtbNC2.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\tbNC0.dll    a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\tbNC2.dll    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Programas\Avira\AntiVir Desktop\ApnIC.dll    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Programas\Avira\AntiVir Desktop\ApnStub.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Programas\Avira\AntiVir Desktop\ApnToolbarInstaller.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Programas\NCH Swift Sound\ExpressBurn\burnsetup_v4.37.exe    a variant of Win32/Toolbar.Conduit.K potentially unwanted application
C:\Programas\NCH Swift Sound\ExpressBurn\expressburn.exe    a variant of Win32/Toolbar.Conduit.K potentially unwanted application
C:\Programas\NCH Swift Sound\ExpressBurn\uninst.exe    a variant of Win32/Toolbar.Conduit.K potentially unwanted application
C:\Programas\NCH Swift Sound\WavePad\uninst.exe    a variant of Win32/Toolbar.Conduit.K potentially unwanted application
C:\Programas\NCH Swift Sound\WavePad\wavepad.exe    a variant of Win32/Toolbar.Conduit.K potentially unwanted application
C:\Programas\NCH Swift Sound\WavePad\wpsetup_v4.43.exe    a variant of Win32/Toolbar.Conduit.K potentially unwanted application
C:\_OTL\MovedFiles\10012014_230115\C_Downloads\StreamhuntAppsSetup(18_3f)3_ff.exe    Win32/AdWare.1ClickDownload.AT application
C:\_OTL\MovedFiles\10012014_230115\D_Daniel\Downloads\iLividSetup-r1110-n-bf.exe    a variant of Win32/iLivid.A potentially unwanted application
D:\Daniel\Transferências\OrbitDownloaderSetup.exe    Win32/OpenCandy potentially unsafe application
D:\Daniel\Transferências\SoftonicDownloader_for_free-video-cutter.exe    Win32/SoftonicDownloader.D potentially unwanted application
D:\Daniel\Transferências\SoftonicDownloader_for_vidcrop.exe    Win32/SoftonicDownloader.D potentially unwanted application
D:\Daniel\Transferências\SoftonicDownloader_para_free-file-recovery.exe    Win32/SoftonicDownloader.E potentially unwanted application
D:\Daniel\Transferências\SoftonicDownloader_para_freemp3get.exe    Win32/SoftonicDownloader.D potentially unwanted application
D:\Daniel\Transferências\SoftonicDownloader_para_pc-inspector-smart-recovery.exe    Win32/SoftonicDownloader.E potentially unwanted application
D:\Daniel\Transferências\SoftonicDownloader_para_simpleocr.exe    a variant of Win32/SoftonicDownloader.F potentially unwanted application
D:\Danielin\FreeStudio.exe    Win32/Toolbar.Conduit potentially unwanted application
D:\Danielin\CASA\Centtury21- Artéria- Restelo Ana Morgado- Rodrigues Cabrilho - [email protected] - Gmail_ficheiros\mo.js    JS/Kryptik.I trojan
D:\Danielin\DORIA\AVS Media Player.exe    MSIL/Solimba potentially unwanted application
D:\Danielin\Transferências\Pazera_Free_MOV_to_AVI_Converter.zip    Win32/InstallMonetizer.AF potentially unwanted application
D:\Danielin\Transferências\pstagesetup.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application
D:\Danielin\Transferências\Pazera_Free_MOV_to_AVI_Converter\Pazera_Free_MOV_to_AVI_Converter.exe    Win32/InstallMonetizer.AF potentially unwanted application
D:\TRABALHOS 2012\le petit bazar\IObit_Uninstaller_downloader.exe    a variant of Win32/FreeNew.B potentially unwanted application
 


  • 0

#23
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

There may have been some permission errors / settings I missed in cleaning the malicious registry data that MalwareBytes Antimalware found. We will go back and clean them with MBAM.


Malwarebytes' Anti-Malware

  • Please Launch Malwarebytes' Anti-Malware from your desktop icon or the start menu item.
  • When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link
  • 2a308da4-c469-4a72-b86c-84c05ca1e6a6_zps
  • Once the program has loaded and updated, select "Scan Now >>" to start the scan.
  • 5f2fe168-2571-4c73-a1e8-945d5aae9e1e_zps
  • The scan may take some time to finish, so please be patient.
  • If any malware is found, make sure that everything is checked, and click Remove Selected.
  • When the scan is complete, click View detailed log >> to view the results.
  • 386d1e7f-0e85-4425-b4dc-fa8ad24a4855_zps
  • The report screen will open
  • a50e2fb7-0c07-4ff6-917c-19e7329dab8a_zps
  • At the bottom click on Export and select as txt file, save the file to your desktop and click OK. When the export is complete, select OPEN.
  • ExportSaved_zpsac3a71eb.png
  • The log file will be opened in your default text file viewer (usually Notepad); select the whole text (Ctrl + A) and copy (Ctrl + c) it to paste here in a reply.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
 


  • 0

#24
danix22

danix22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

hi

i did the scan and i dont know what to do

please check your IM - i've sent a print screen of the scan

 

should i do something (action)???

 

here is the export log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 03-10-2014
Scan Time: 16:24:26
Logfile: malware_log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.03.04
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 2
CPU: x86
File System: NTFS
User: Daniel

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 431768
Time Elapsed: 15 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 34
Backdoor.Bot, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}, , [76dae42c0a7288ae5adf863022e005fb],
Backdoor.Bot, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{494E6CEC-7483-A4EE-0938-895519A84BC7}, , [7dd39a76364643f3bf86e3d3e81aa25e],
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [63edd43c0d6f67cfda3b890ed1316b95],
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [63edd43c0d6f67cfda3b890ed1316b95],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [6de3f917e5970f27302f8d0abe44fb05],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [6de3f917e5970f27302f8d0abe44fb05],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [6de3f917e5970f27302f8d0abe44fb05],
PUP.Optional.FreeHDSport.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110311531136}, , [d47ccb452b514fe7f147ceff21e17f81],
PUP.Optional.FreeHDSport.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311531136}, , [d47ccb452b514fe7f147ceff21e17f81],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}, , [64ece7293b4137ff49f3496be81a728e],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}, , [64ece7293b4137ff49f3496be81a728e],
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [331d54bc8af2300620676352976bae52],
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [331d54bc8af2300620676352976bae52],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}, , [ee6234dc59231f174109e6cea06206fa],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}, , [ee6234dc59231f174109e6cea06206fa],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}, , [47090b05a3d92b0b66e5ad0727db18e8],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}, , [47090b05a3d92b0b66e5ad0727db18e8],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar, , [5af6da363b418da90052c4ed6f94e020],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa, , [8cc4060aadcf9c9a70e3bef345be8c74],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2, , [024ead63413bef47ff69ee57c93aef11],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport, , [cb8554bcd0acf93d075e44783cc7e31d],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Redir, , [9db38987c5b73501d40e4c0d5ba9926e],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , [95bb927e3b41c076469d5405c53ff010],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [0c44d7394834e2544b9fd1880301cf31],
PUP.Optional.Delta.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA, , [f35d70a0a7d580b684fb2334f212d52b],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [044c30e06d0ff541918939e6fc072dd3],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [381856ba3d3f4de9cc162a076c97ea16],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar, , [470955bbbcc0de58c290763bed16be42],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa, , [e8686da3c5b7dc5ae172753c6e958779],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2, , [dc744bc5adcfd75f95d315306e959a66],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport, , [80d0d53b5824a88eda8b3b810df6bb45],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [fd537e92b0cc94a24f9bee6b1de73ac6],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2, , [a2aef51b5428e056da8ee560f60d8080],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [6de362aed8a47cba7b6f0752798b2dd3],

Registry Values: 10
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, a·¸Â+Ã?¬H»à¼Ã?:Ââ?º;, , [331d54bc8af2300620676352976bae52]
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, a·¸Â+Ã?¬H»à¼Ã?:Ââ?º;, , [331d54bc8af2300620676352976bae52]
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [c090759bc5b7d4627116674e1be7768a],
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [94bcf41c7705142288ff07ae4cb67d83],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 4d52bebaac01989a140444e133b05a5c, , [0c44d7394834e2544b9fd1880301cf31]
PUP.Optional.Delta.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|tlbrSrchUrl, , [f35d70a0a7d580b684fb2334f212d52b],
PUP.Optional.Delta.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|lastB, http://u-search.net/?a=1&e=1, , [0d43947cd3a96ec802d4dd8261a341bf]
Trojan.StartPage, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://u-search.net/?a=1&e=1, , [80d09e72f983072f2b04c487e221b24e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 4d52bebaac01989a140444e133b05a5c, , [fd537e92b0cc94a24f9bee6b1de73ac6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 4d52bebaac01989a140444e133b05a5c, , [6de362aed8a47cba7b6f0752798b2dd3]

Registry Data: 1
Hijack.StartPage, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://u-search.net/?a=1&e=1, Good: (http://www.google.com), Bad: (http://u-search.net/?a=1&e=1),,[2d23759b07750c2a992d7c8da95ce21e]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#25
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts

I'm sorry; I should have changed my directions.  Once the scan is finished, you should be presented with a screen like this:

MBAMfoundMalwarescan_zpsafe36848.png
 

Once at this screen, ignore the directions in the picture (those were for just making a log) and click "Quarantine All" and then "Apply Actions".  This will remove all the malware found by MBAM.

 

Sorry for the confusion.


  • 0

Advertisements


#26
danix22

danix22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 03-10-2014
Scan Time: 16:24:26
Logfile: malware_log1.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.03.04
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 2
CPU: x86
File System: NTFS
User: Daniel

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 431768
Time Elapsed: 15 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 34
Backdoor.Bot, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}, , [76dae42c0a7288ae5adf863022e005fb],
Backdoor.Bot, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\{494E6CEC-7483-A4EE-0938-895519A84BC7}, , [7dd39a76364643f3bf86e3d3e81aa25e],
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [63edd43c0d6f67cfda3b890ed1316b95],
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [63edd43c0d6f67cfda3b890ed1316b95],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [6de3f917e5970f27302f8d0abe44fb05],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [6de3f917e5970f27302f8d0abe44fb05],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [6de3f917e5970f27302f8d0abe44fb05],
PUP.Optional.FreeHDSport.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110311531136}, , [d47ccb452b514fe7f147ceff21e17f81],
PUP.Optional.FreeHDSport.A, HKU\S-1-5-21-1060284298-764733703-725345543-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311531136}, , [d47ccb452b514fe7f147ceff21e17f81],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}, , [64ece7293b4137ff49f3496be81a728e],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{100EB1FD-D03E-47FD-81F3-EE91287F9465}, , [64ece7293b4137ff49f3496be81a728e],
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [331d54bc8af2300620676352976bae52],
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [331d54bc8af2300620676352976bae52],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}, , [ee6234dc59231f174109e6cea06206fa],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B2}, , [ee6234dc59231f174109e6cea06206fa],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}, , [47090b05a3d92b0b66e5ad0727db18e8],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C5428486-50A0-4A02-9D20-520B59A9F9B3}, , [47090b05a3d92b0b66e5ad0727db18e8],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar, , [5af6da363b418da90052c4ed6f94e020],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa, , [8cc4060aadcf9c9a70e3bef345be8c74],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2, , [024ead63413bef47ff69ee57c93aef11],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport, , [cb8554bcd0acf93d075e44783cc7e31d],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Redir, , [9db38987c5b73501d40e4c0d5ba9926e],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , [95bb927e3b41c076469d5405c53ff010],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [0c44d7394834e2544b9fd1880301cf31],
PUP.Optional.Delta.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA, , [f35d70a0a7d580b684fb2334f212d52b],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [044c30e06d0ff541918939e6fc072dd3],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [381856ba3d3f4de9cc162a076c97ea16],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Hotbar, , [470955bbbcc0de58c290763bed16be42],
Adware.Hotbar, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\hotbarsa, , [e8686da3c5b7dc5ae172753c6e958779],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2, , [dc744bc5adcfd75f95d315306e959a66],
Adware.ShopperReports, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ShoppingReport, , [80d0d53b5824a88eda8b3b810df6bb45],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [fd537e92b0cc94a24f9bee6b1de73ac6],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-2.2, , [a2aef51b5428e056da8ee560f60d8080],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [6de362aed8a47cba7b6f0752798b2dd3],

Registry Values: 10
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, a·¸Â+Ã?¬H»à¼Ã?:Ââ?º;, , [331d54bc8af2300620676352976bae52]
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, a·¸Â+Ã?¬H»à¼Ã?:Ââ?º;, , [331d54bc8af2300620676352976bae52]
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [c090759bc5b7d4627116674e1be7768a],
Adware.Zango, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}, , [94bcf41c7705142288ff07ae4cb67d83],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 4d52bebaac01989a140444e133b05a5c, , [0c44d7394834e2544b9fd1880301cf31]
PUP.Optional.Delta.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|tlbrSrchUrl, , [f35d70a0a7d580b684fb2334f212d52b],
PUP.Optional.Delta.A, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|lastB, http://u-search.net/?a=1&e=1, , [0d43947cd3a96ec802d4dd8261a341bf]
Trojan.StartPage, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://u-search.net/?a=1&e=1, , [80d09e72f983072f2b04c487e221b24e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 4d52bebaac01989a140444e133b05a5c, , [fd537e92b0cc94a24f9bee6b1de73ac6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1060284298-764733703-725345543-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 4d52bebaac01989a140444e133b05a5c, , [6de362aed8a47cba7b6f0752798b2dd3]

Registry Data: 1
Hijack.StartPage, HKU\S-1-5-21-1060284298-764733703-725345543-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://u-search.net/?a=1&e=1, Good: (http://www.google.com), Bad: (http://u-search.net/?a=1&e=1),,[2d23759b07750c2a992d7c8da95ce21e]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#27
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts
Did you tell MalwareBytes Antimalware to Quarantine / Remove the detected malware?
  • 0

#28
danix22

danix22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Yes I did
  • 0

#29
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,213 posts
Alright danix22, that's great news. :spoton: Let's let FRST clean out the malware files ESET found and get a fresh FRST scan on the system.

FRST Fixlist script run >>>>

Download attached fixlist.txt file and save it to the Desktop. Attached File  Fixlist.txt   1.97KB   39 downloads

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


Fresh FRST scan >>>>
  • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Allow the update process to happen if the program informs you there is an update.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
Security Check scan >>>>
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Items I need to see next >>>>
  • The Fixlog.txt log file.
  • The fresh FRST scan log.
  • The checkup.txt log from SecurityCheck scan.
  • How is your system running now?
  • Any questions you may have.

  • 0

#30
danix22

danix22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-10-2014 01
Ran by Daniel at 2014-10-08 20:32:38 Run:2
Running from C:\Documents and Settings\Daniel\Ambiente de trabalho
Loaded Profiles: Marta & Daniel (Available profiles: Marta & Teresa & Daniel & Duarte)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
CloseProcesses:
C:\Documents and Settings\Marta\Application Data\DVDVideoSoft\FreeYouTubeToMP3Converter.exe
C:\Documents and Settings\Marta\Os meus documentos\Downloads\SoftonicDownloader_para_free-youtube-to-mp3-converter.exe
C:\Documents and Settings\Marta\Os meus documentos\Transferências\SoftonicDownloader_para_camtasia-studio(1).exe
C:\Documents and Settings\Marta\Os meus documentos\Transferências\SoftonicDownloader_para_camtasia-studio.exe
C:\Documents and Settings\Marta\Os meus documentos\Transferências\SoftonicDownloader_para_groovedown.exe
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\hk64tbNC0.dll
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\hktbNC0.dll
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\ldrtbNC2.dll
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\tbNC0.dll
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\tbNC2.dll
D:\Daniel\Transferências\OrbitDownloaderSetup.exe
D:\Daniel\Transferências\SoftonicDownloader_for_free-video-cutter.exe
D:\Daniel\Transferências\SoftonicDownloader_for_vidcrop.exe
D:\Daniel\Transferências\SoftonicDownloader_para_free-file-recovery.exe
D:\Daniel\Transferências\SoftonicDownloader_para_freemp3get.exe
D:\Daniel\Transferências\SoftonicDownloader_para_pc-inspector-smart-recovery.exe
D:\Daniel\Transferências\SoftonicDownloader_para_simpleocr.exe
D:\Danielin\FreeStudio.exe
D:\Danielin\CASA\Centtury21- Artéria- Restelo Ana Morgado- Rodrigues Cabrilho - [email protected] - Gmail_ficheiros\mo.js
D:\Danielin\DORIA\AVS Media Player.exe
D:\Danielin\Transferências\Pazera_Free_MOV_to_AVI_Converter.zip
D:\Danielin\Transferências\pstagesetup.exe
D:\Danielin\Transferências\Pazera_Free_MOV_to_AVI_Converter\Pazera_Free_MOV_to_AVI_Converter.exe
D:\TRABALHOS 2012\le petit bazar\IObit_Uninstaller_downloader.exe
EmptyTemp:
end

*****************

Processes closed successfully.
C:\Documents and Settings\Marta\Application Data\DVDVideoSoft\FreeYouTubeToMP3Converter.exe => Moved successfully.
C:\Documents and Settings\Marta\Os meus documentos\Downloads\SoftonicDownloader_para_free-youtube-to-mp3-converter.exe => Moved successfully.
C:\Documents and Settings\Marta\Os meus documentos\Transferências\SoftonicDownloader_para_camtasia-studio(1).exe => Moved successfully.
C:\Documents and Settings\Marta\Os meus documentos\Transferências\SoftonicDownloader_para_camtasia-studio.exe => Moved successfully.
C:\Documents and Settings\Marta\Os meus documentos\Transferências\SoftonicDownloader_para_groovedown.exe => Moved successfully.
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\hk64tbNC0.dll => Moved successfully.
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\hktbNC0.dll => Moved successfully.
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\ldrtbNC2.dll => Moved successfully.
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\tbNC0.dll => Moved successfully.
C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH\tbNC2.dll => Moved successfully.
D:\Daniel\Transferências\OrbitDownloaderSetup.exe => Moved successfully.
D:\Daniel\Transferências\SoftonicDownloader_for_free-video-cutter.exe => Moved successfully.
D:\Daniel\Transferências\SoftonicDownloader_for_vidcrop.exe => Moved successfully.
D:\Daniel\Transferências\SoftonicDownloader_para_free-file-recovery.exe => Moved successfully.
D:\Daniel\Transferências\SoftonicDownloader_para_freemp3get.exe => Moved successfully.
D:\Daniel\Transferências\SoftonicDownloader_para_pc-inspector-smart-recovery.exe => Moved successfully.
D:\Daniel\Transferências\SoftonicDownloader_para_simpleocr.exe => Moved successfully.
D:\Danielin\FreeStudio.exe => Moved successfully.
D:\Danielin\CASA\Centtury21- Artéria- Restelo Ana Morgado- Rodrigues Cabrilho - [email protected] - Gmail_ficheiros\mo.js => Moved successfully.
D:\Danielin\DORIA\AVS Media Player.exe => Moved successfully.
D:\Danielin\Transferências\Pazera_Free_MOV_to_AVI_Converter.zip => Moved successfully.
D:\Danielin\Transferências\pstagesetup.exe => Moved successfully.
D:\Danielin\Transferências\Pazera_Free_MOV_to_AVI_Converter\Pazera_Free_MOV_to_AVI_Converter.exe => Moved successfully.
D:\TRABALHOS 2012\le petit bazar\IObit_Uninstaller_downloader.exe => Moved successfully.
 

 

I run the FRST scan but not "as an administrator" because something went wrong and the FRST felt down anytime i tried.

 

here is the  log file of the scan result (double cliked the FRST icon for run the program)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01
Ran by Daniel (administrator) on V3G33 on 08-10-2014 21:46:00
Running from C:\Documents and Settings\Daniel\Ambiente de trabalho
Loaded Profile: Daniel (Available profiles: Marta & Teresa & Daniel & Duarte)
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: Português (Portugal)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira GmbH) C:\Programas\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Programas\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira GmbH) C:\Programas\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Programas\Ficheiros comuns\LogiShrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Programas\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programas\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
(Protexis Inc.) C:\Programas\Ficheiros comuns\Protexis\License Service\PsiService_2.exe
(Microsoft Corp.) C:\Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TuneUp Software) C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(Malwarebytes Corporation) C:\Programas\Malwarebytes Anti-Malware\mbam.exe
(TuneUp Software) C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Avira GmbH) C:\Programas\Avira\AntiVir Desktop\avgnt.exe
(Sony) C:\Programas\Sony\Sony PC Companion\PCCompanion.exe
(Adobe Systems Incorporated) C:\Programas\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
(Hewlett-Packard) C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
() C:\Programas\Sony\Sony PC Companion\PCCompanionInfo.exe
(Dropbox, Inc.) C:\Documents and Settings\Daniel\Application Data\Dropbox\bin\Dropbox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16116224 2007-01-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [avgnt] => C:\Programas\Avira\AntiVir Desktop\avgnt.exe [281768 2010-11-03] (Avira GmbH)
HKLM\...\Run: [Adobe ARM] => C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-1060284298-764733703-725345543-1008\...\Run: [Sony PC Companion] => C:\Programas\Sony\Sony PC Companion\PCCompanion.exe [467680 2014-07-30] (Sony)
IFEO: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\acad.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\aclauncher.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\acsignapply.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\admigrator.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\adrefman.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\dwgcheckstandards.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\expressburn.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\expressviewer.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\googleearth.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\hpohmr08.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\javaw.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\javaws.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\pc3exe.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\photoproduct.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\plu26.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\presentationhost.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\softwareupdate.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\styexe.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\videopad.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\wavepad.exe: [Debugger] "C:\Programas\TuneUp Utilities 2012\TUAutoReactivator32.exe"
Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\WINDOWS\Installer\{AC76BA86-1034-4700-7760-000000000002}\SC_Acrobat.exe ()
Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\hp psc 1000 series.lnk
ShortcutTarget: hp psc 1000 series.lnk -> C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\hpoddt01.exe.lnk
ShortcutTarget: hpoddt01.exe.lnk -> C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
Startup: C:\Documents and Settings\Daniel\Menu Iniciar\Programas\Arranque\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Daniel\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.co...q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.co...q={searchTerms}
BHO: Facilitador de Leitor de Link Adobe PDF -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Programas\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {3B1E1AB9-98C2-4B7E-AE01-59C84302BBDB} http://update.rayv.c...rayvactivex.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programas\Ficheiros comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programas\Ficheiros comuns\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programas\Ficheiros comuns\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
ShellExecuteHooks: Rotina de controlo exec de URL - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8501760 2008-07-03] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programas\Windows Desktop Search\MSNLNamespaceMgr.dll [294400 2007-02-05] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\mfw8iwaf.default
FF NewTab: about:blank
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programas\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Programas\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Programas\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programas\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Programas\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/VirtualEarth3D,version=2.5 -> C:\Programas\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/VirtualEarth3D,version=3.0 -> C:\Programas\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Programas\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programas\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programas\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.16 -> C:\Programas\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Programas\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Programas\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: Adobe Reader -> C:\Programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Daniel\Definições locais\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Programas\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programas\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programas\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programas\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programas\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programas\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programas\mozilla firefox\plugins\npuuseep.dll ( )
FF SearchPlugin: C:\Programas\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Programas\mozilla firefox\browser\searchplugins\priberam.xml
FF SearchPlugin: C:\Programas\mozilla firefox\browser\searchplugins\sapo.xml
FF SearchPlugin: C:\Programas\mozilla firefox\browser\searchplugins\wikipedia-ptpt.xml
FF Extension: Adblock Plus - C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\mfw8iwaf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-22]

Chrome:
=======
CHR CustomProfile: C:\Documents and Settings\Daniel\Definições locais\Application Data\Google\Chrome\User Data\Default
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Marta\Definições locais\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2007-10-25] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Programas\Avira\AntiVir Desktop\sched.exe [136360 2011-05-15] (Avira GmbH)
R2 AntiVirService; C:\Programas\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-01] (Avira GmbH)
R2 Apple Mobile Device; C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624 2013-09-07] (Apple Inc.)
S4 Autodesk Licensing Service; C:\Programas\Ficheiros comuns\Autodesk Shared\Service\AdskScSrv.exe [85096 2007-10-25] (Autodesk)
S3 fsssvc; C:\Programas\Windows Live\Family Safety\fsssvc.exe [704864 2009-08-05] (Microsoft Corporation)
S2 gupdate; C:\Programas\Google\Update\GoogleUpdate.exe [135664 2010-02-01] (Google Inc.)
S3 gupdatem; C:\Programas\Google\Update\GoogleUpdate.exe [135664 2010-02-01] (Google Inc.)
S3 gusvc; C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-10-04] (Google)
S3 iPod Service; C:\Programas\iPod\bin\iPodService.exe [553288 2013-11-02] (Apple Inc.)
S4 JavaQuickStarterService; C:\Programas\Java\jre7\bin\jqs.exe [161768 2012-10-22] (Oracle Corporation)
R2 LightScribeService; C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed]
R2 LVPrcSrv; C:\Programas\Ficheiros comuns\Logishrd\LVMVFM\LVPrcSrv.exe [162648 2010-05-07] (Logitech Inc.)
R2 MBAMScheduler; C:\Programas\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Programas\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Programas\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 MDM; C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programas\Mozilla Maintenance Service\maintenanceservice.exe [114288 2014-09-27] (Mozilla Foundation)
S4 NMIndexingService; C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe [262144 2006-12-23] (Nero AG) [File not signed]
S3 ose; C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 PSI_SVC_2; c:\Programas\Ficheiros comuns\Protexis\License Service\PsiService_2.exe [189728 2009-07-24] (Protexis Inc.)
R2 SeaPort; C:\Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [226656 2009-01-14] (Microsoft Corp.)
S3 ServiceLayer; C:\Programas\PC Connectivity Solution\ServiceLayer.exe [724376 2012-06-11] (Nokia)
S3 Sony PC Companion; C:\Programas\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 TuneUp.UtilitiesSvc; C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1529656 2013-12-11] (TuneUp Software)
S3 WMPNetworkSvc; C:\Programas\Windows Media Player\WMPNetwk.exe [915968 2007-01-05] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2004-08-04] (Microsoft Corporation)
S3 AN983; C:\WINDOWS\System32\DRIVERS\AN983.sys [36224 2004-08-03] (ADMtek Incorporated.)
R1 avgio; C:\Programas\Avira\AntiVir Desktop\avgio.sys [11608 2009-05-11] (Avira GmbH)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [66616 2011-07-01] (Avira GmbH)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [138192 2011-07-01] (Avira GmbH)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-04] (Microsoft Corporation)
S1 Changer; C:\WINDOWS\system32\Drivers\Changer.sys [8192 2004-08-04] (Microsoft Corporation)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51024 2003-03-09] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21456 2003-03-09] (HP)
S1 lbrtfdc; C:\WINDOWS\system32\Drivers\lbrtfdc.sys [34688 2004-08-03] (Toshiba Corp.)
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\DRIVERS\netaapl.sys [18432 2011-08-02] (Apple Inc.) [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2009-05-11] (Avira GmbH)
R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Programas\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2013-10-15] (TuneUp Software)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [248832 2006-07-26] (Marvell)
S3 ZSMC301b; C:\WINDOWS\System32\Drivers\usbVM31b.sys [93351 2004-11-10] (VM)
S4 IntelIde; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 20:32 - 2014-10-08 20:32 - 00000000 ____D () C:\Documents and Settings\Daniel\Ambiente de trabalho\FRST-OlderVersion
2014-10-08 20:30 - 2014-10-08 20:30 - 00002015 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\Fixlist.txt
2014-10-02 01:20 - 2014-10-02 01:20 - 00012321 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\ESET scan results.txt
2014-10-01 23:16 - 2014-10-01 23:16 - 00000000 ____D () C:\Programas\ESET
2014-10-01 23:15 - 2014-10-01 23:15 - 02347384 _____ (ESET) C:\Documents and Settings\Daniel\Ambiente de trabalho\esetsmartinstaller_enu.exe
2014-10-01 23:01 - 2014-10-01 23:01 - 00000000 ____D () C:\_OTL
2014-10-01 22:54 - 2014-10-01 22:54 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Daniel\Ambiente de trabalho\OTL.exe
2014-09-28 01:40 - 2014-09-28 01:37 - 00031124 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\1.xml
2014-09-28 01:38 - 2014-09-28 01:38 - 00011574 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\a.txt
2014-09-27 16:51 - 2014-09-27 16:52 - 00000000 ____D () C:\Programas\Mozilla Firefox
2014-09-27 16:38 - 2014-10-08 21:42 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-27 16:37 - 2014-09-27 16:37 - 00000749 _____ () C:\Documents and Settings\All Users\Ambiente de trabalho\Malwarebytes Anti-Malware.lnk
2014-09-27 16:37 - 2014-09-27 16:37 - 00000000 ____D () C:\Programas\Malwarebytes Anti-Malware
2014-09-27 16:37 - 2014-09-27 16:37 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes Anti-Malware
2014-09-27 16:37 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-27 16:37 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-27 16:36 - 2014-09-27 16:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Daniel\Ambiente de trabalho\mbam-setup-2.0.2.1012.exe
2014-09-24 17:24 - 2014-09-24 17:24 - 04181856 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Daniel\Ambiente de trabalho\tdsskiller.exe
2014-09-22 23:20 - 2014-09-22 23:20 - 00081920 _____ () C:\WINDOWS\Minidump\Mini092214-01.dmp
2014-09-22 16:49 - 2014-09-22 16:49 - 01373475 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\AdwCleaner.exe
2014-09-22 14:52 - 2014-09-22 23:11 - 00002544 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\aswMBR.txt
2014-09-22 14:52 - 2014-09-22 23:11 - 00000512 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\MBR.dat
2014-09-22 13:52 - 2014-09-22 13:52 - 05185536 _____ (AVAST Software) C:\Documents and Settings\Daniel\Ambiente de trabalho\aswmbr.exe
2014-09-19 16:46 - 2014-09-19 16:46 - 00001703 _____ () C:\Documents and Settings\All Users\Ambiente de trabalho\Sony PC Companion 2.1.lnk
2014-09-19 16:45 - 2014-09-19 16:45 - 00000000 ___RD () C:\Documents and Settings\LocalService\Os meus documentos
2014-09-18 09:13 - 2014-09-18 09:13 - 00033512 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-09-18 09:13 - 2014-09-18 09:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-09-18 09:12 - 2014-09-18 09:12 - 04859480 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\RogueKiller.exe
2014-09-16 17:04 - 2014-09-16 17:04 - 00064672 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\Addition.txt
2014-09-16 17:03 - 2014-10-08 21:46 - 00021589 _____ () C:\Documents and Settings\Daniel\Ambiente de trabalho\FRST.txt
2014-09-16 17:00 - 2014-10-08 21:46 - 00000000 ____D () C:\FRST
2014-09-16 16:57 - 2014-10-08 20:32 - 01101312 _____ (Farbar) C:\Documents and Settings\Daniel\Ambiente de trabalho\FRST.exe
2014-09-16 09:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-09-16 09:46 - 2014-09-27 16:35 - 00000000 ____D () C:\AdwCleaner

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 21:46 - 2007-10-26 18:59 - 00000000 ____D () C:\Documents and Settings\Daniel\Definições locais\Temp
2014-10-08 21:46 - 2007-10-26 18:59 - 00000000 ____D () C:\Documents and Settings\Daniel\Ambiente de trabalho
2014-10-08 21:43 - 2014-03-28 12:26 - 00000000 ____D () C:\Documents and Settings\Daniel\Application Data\Dropbox
2014-10-08 21:41 - 2010-03-18 00:28 - 00000984 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cac6298a8c8d4a.job
2014-10-08 21:41 - 2004-08-04 13:00 - 00002278 _____ () C:\WINDOWS\system32\wpa.dbl
2014-10-08 21:40 - 2007-10-25 17:33 - 01573575 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-08 21:38 - 2011-01-10 23:49 - 00000000 ____D () C:\WINDOWS\system32\logishrd
2014-10-08 21:38 - 2007-10-25 18:26 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-10-08 21:38 - 2007-10-25 18:26 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-10-08 21:38 - 2007-10-25 17:40 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-08 21:38 - 2007-10-25 17:40 - 00000000 __SHD () C:\Documents and Settings\LocalService\Definições locais\Histórico
2014-10-08 21:37 - 2012-04-22 20:15 - 00131072 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-10-08 21:37 - 2007-10-26 19:00 - 00000294 ___SH () C:\Documents and Settings\Marta\ntuser.ini
2014-10-08 21:37 - 2007-10-26 19:00 - 00000000 ____D () C:\Documents and Settings\Marta
2014-10-08 21:37 - 2007-10-26 18:59 - 00000294 ___SH () C:\Documents and Settings\Daniel\ntuser.ini
2014-10-08 21:37 - 2007-10-25 17:40 - 00032420 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-08 21:33 - 2012-07-14 08:18 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-08 21:28 - 2010-02-01 21:07 - 00000988 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-08 20:32 - 2013-08-01 19:34 - 00000000 ____D () C:\Documents and Settings\Marta\Application Data\DVDVideoSoft
2014-10-08 20:32 - 2010-11-25 23:27 - 00000000 ____D () C:\Documents and Settings\NetworkService\Definições locais\Application Data\NCH
2014-10-08 20:32 - 2007-10-26 19:00 - 00000000 ____D () C:\Documents and Settings\Marta\Definições locais\Temp
2014-10-08 19:58 - 2014-02-06 20:46 - 00082961 _____ () C:\WINDOWS\setupapi.log
2014-10-03 21:54 - 2007-10-26 18:59 - 00000000 ____D () C:\Documents and Settings\Daniel
2014-10-03 16:12 - 2008-06-15 16:59 - 00000294 ___SH () C:\Documents and Settings\Duarte\ntuser.ini
2014-10-03 16:10 - 2008-06-15 16:59 - 00000000 ____D () C:\Documents and Settings\Duarte\Definições locais\Temp
2014-10-03 15:58 - 2008-06-15 16:59 - 00000000 __SHD () C:\Documents and Settings\Duarte\Definições locais\Histórico
2014-10-01 23:16 - 2007-10-25 18:23 - 00000000 ___RD () C:\Programas
2014-10-01 23:07 - 2012-04-28 11:16 - 00000000 ____D () C:\Programas\Mozilla Maintenance Service
2014-10-01 21:36 - 2007-10-26 19:00 - 00000000 ___RD () C:\Documents and Settings\Marta\Os meus documentos
2014-09-28 12:28 - 2010-08-24 19:09 - 00002307 _____ () C:\Documents and Settings\Marta\Ambiente de trabalho\Google Chrome.lnk
2014-09-28 12:15 - 2012-03-20 21:18 - 00002527 _____ () C:\Documents and Settings\Marta\Ambiente de trabalho\Microsoft Office Word 2003.lnk
2014-09-27 17:34 - 2007-10-26 18:59 - 00000000 ___RD () C:\Documents and Settings\Daniel\Menu Iniciar
2014-09-27 16:37 - 2010-06-01 18:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-09-27 16:37 - 2007-10-25 18:23 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Iniciar\Programas
2014-09-27 16:37 - 2007-10-25 18:23 - 00000000 ____D () C:\Documents and Settings\All Users\Ambiente de trabalho
2014-09-24 11:30 - 2014-05-09 14:39 - 00000000 ____D () C:\Programas\Firestorm-Release
2014-09-24 11:28 - 2014-05-09 14:41 - 00000000 ____D () C:\Documents and Settings\Daniel\Definições locais\Application Data\Firestorm
2014-09-22 23:20 - 2007-12-14 23:54 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-22 13:48 - 2007-10-26 18:59 - 00000000 ___RD () C:\Documents and Settings\Daniel\Menu Iniciar\Programas\Arranque
2014-09-22 13:46 - 2014-03-28 12:27 - 00000000 ____D () C:\Documents and Settings\Daniel\Menu Iniciar\Programas\Dropbox
2014-09-19 16:46 - 2014-07-15 17:12 - 00465258 _____ () C:\WINDOWS\DPINST.LOG
2014-09-19 16:46 - 2010-07-01 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Iniciar\Programas\Sony
2014-09-19 16:45 - 2007-10-25 18:19 - 00000000 ___HD () C:\Programas\InstallShield Installation Information
2014-09-19 16:45 - 2007-10-25 17:40 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-09-19 16:42 - 2007-10-26 19:00 - 00000000 __SHD () C:\Documents and Settings\Marta\Definições locais\Histórico
2014-09-19 12:51 - 2014-03-28 18:30 - 00000000 ____D () C:\Documents and Settings\Daniel\Application Data\Spotify
2014-09-19 12:47 - 2014-03-28 18:31 - 00000000 ____D () C:\Documents and Settings\Daniel\Definições locais\Application Data\Spotify
2014-09-18 21:18 - 2008-06-15 16:59 - 00000000 ___RD () C:\Documents and Settings\Duarte\Os meus documentos
2014-09-18 09:10 - 2010-12-08 19:18 - 00000000 ___RD () C:\Programas\Skype
2014-09-18 09:10 - 2007-12-14 19:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-09-18 09:10 - 2007-10-25 18:23 - 00000000 ____D () C:\Programas\Ficheiros comuns
2014-09-17 23:16 - 2007-10-26 18:59 - 00000000 __SHD () C:\Documents and Settings\Daniel\Definições locais\Histórico
2014-09-17 23:14 - 2007-10-26 19:04 - 00000000 __SHD () C:\Documents and Settings\Teresa\Definições locais\Histórico
2014-09-17 23:13 - 2007-10-26 19:04 - 00000000 ____D () C:\Documents and Settings\Teresa\Definições locais\Temp
2014-09-17 23:13 - 2007-10-25 18:23 - 00000000 __SHD () C:\Documents and Settings\Default User\Definições locais\Histórico
2014-09-17 23:13 - 2007-10-25 17:36 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Definições locais\Histórico
2014-09-17 23:06 - 2007-10-25 18:23 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Iniciar
2014-09-17 12:25 - 2010-10-24 00:02 - 00000000 ____D () C:\Documents and Settings\Daniel\Ambiente de trabalho\Atalhos do ambiente de trabalho não utilizados
2014-09-16 18:09 - 2014-04-09 19:47 - 00864848 _____ () C:\Documents and Settings\LocalService\Definições locais\Application Data\FontCache3.0.0.0.dat
2014-09-16 17:47 - 2007-12-14 19:15 - 00000000 ____D () C:\Documents and Settings\Daniel\Application Data\Skype
2014-09-16 09:50 - 2007-10-26 18:59 - 00000727 _____ () C:\Documents and Settings\Daniel\Menu Iniciar\Programas\Internet Explorer.lnk
2014-09-16 09:50 - 2007-10-26 18:59 - 00000000 ___RD () C:\Documents and Settings\Daniel\Menu Iniciar\Programas
2014-09-10 12:34 - 2012-05-15 22:25 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-10 12:34 - 2011-11-10 23:37 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\Documents and Settings\Marta\hpothb07.dat


Some content of TEMP:
====================
C:\Documents and Settings\Daniel\Definições locais\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9aapho.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe
[2004-08-04 13:00] - [2007-10-25 19:31] - 0505344 ____A (Microsoft Corporation) 410f13a4657b9c1f096b474e4031c293     

C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP