sean1604
-
Posts
51 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by sean1604
-
-
5. GMER
Too big to post, please find attached
-
Hi Blackbird, thanks for the help. Logs below;
1 (DeFogger):
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:46 on 03/01/2015 (Sean)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed
Checking for services/drivers...
-=E.O.F=-
2. (AdwCleaner)
# AdwCleaner v4.106 - Report created 03/01/2015 at 13:48:49
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sean - SEAN-PC
# Running from : C:\Users\Sean\Desktop\adwcleaner_4.106.exe
# Option : Scan
***** [ Services ] *****
Service Found : HssSrv
Service Found : hsswd
***** [ Files / Folders ] *****
Folder Found : C:\hotspot shield
Folder Found : C:\Program Files (x86)\hotspot shield
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Found : C:\ProgramData\StarApp
Folder Found : C:\Users\Sean\AppData\Local\Bundled software uninstaller
Folder Found : C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpckgflgdapkpabemgkielbefdildaio
Folder Found : C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\Extensions\4fba2f0a1f13d@4fba2f0a1f178.info
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AVG Nation toolbar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\kpckgflgdapkpabemgkielbefdildaio
Key Found : HKCU\Software\hotspotshield
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\OCS
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\AVG Nation toolbar
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\hotspotshield
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\OCS
Key Found : HKLM\SOFTWARE\AVG Nation toolbar
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : HKLM\SOFTWARE\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [magicplayer@torrentstream.org]
***** [ Browsers ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v34.0.5 (x86 en-US)
[7r92u0ic.default] - Line Found : user_pref("extensions.4fba2f0a1f1ed.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.swe[...]
-\\ Google Chrome v39.0.2171.95
[C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : kpckgflgdapkpabemgkielbefdildaio
-\\ Chromium v
-\\ Comodo Dragon v15.0
*************************
AdwCleaner[R0].txt - [4203 octets] - [03/01/2015 13:48:49]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4263 octets] ##########
3. (MBAM)
The log didn't seem to save and was blank, there was 6 PUP's as show in this picture:
4 a. (FRST)
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2015 02
Ran by Sean (administrator) on SEAN-PC on 03-01-2015 15:43:27
Running from C:\Users\Sean\Desktop
Loaded Profile: Sean (Available profiles: Sean)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics Co., Ltd.) D:\Programme Folder (2)\Kies\Kies\KiesTrayAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Spotify Ltd) C:\Users\Sean\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Sean\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Sean\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Sean\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Sean\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Sean\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-07] (COMODO)
HKLM\...\Run: [intelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [iSUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-11-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [atr.exe] => [X]
HKLM-x32\...\Run: [AnySync] => D:\Programme Folder (2)\AnyTime Organizer\SyncLauncher.exe [41984 2011-03-21] (iAnywhere Solutions, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => D:\Programme Folder (2)\Kies\Kies\KiesTrayAgent.exe [311616 2014-12-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Run: [steam] => D:\Programme Folder (2)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Run: [EADM] => D:\Programme Folder (2)\Origin\Origin.exe [3588952 2014-03-11] (Electronic Arts)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Run: [] => D:\Programme Folder (2)\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-12-16] (Samsung)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Run: [spotify Web Helper] => C:\Users\Sean\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-03] (Spotify Ltd)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\MountPoints2: {2fbc33c5-49de-11e1-b3ac-806e6f6e6963} - D:\Launch.exe
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [390392 2012-11-07] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301264 2012-11-07] (COMODO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [iDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [s-1-5-21-3921608650-3821936656-1871749345-1000] => http://clientconfig.immunicity.org/pacs/all.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-3921608650-3821936656-1871749345-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{911C9907-5394-4444-B1EB-A6DB89251C9C}: [NameServer] 192.168.0.1,192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default
FF Homepage: hxxp://www.google.co.uk/
FF NetworkProxy: "autoconfig_url", "http://clientconfig.immunicity.org/pacs/all.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> D:\Programme Folder (2)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> D:\Programme Folder (2)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3921608650-3821936656-1871749345-1000: @acestream.net/acestreamplugin,version=2.1.7.2 -> C:\Users\Sean\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3921608650-3821936656-1871749345-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sean\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3921608650-3821936656-1871749345-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF SearchPlugin: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\searchplugins\firefox-add-ons.xml
FF SearchPlugin: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\searchplugins\talktalk-search.xml
FF Extension: wxDfast - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\Extensions\4fba2f0a1f13d@4fba2f0a1f178.info [2012-05-21]
FF Extension: DownloadHelper - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Add Google Search To New Tab Page - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\Extensions\newtabgoogle@graememcc.co.uk.xpi [2013-05-06]
FF Extension: Adblock Plus - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-02-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-13]
FF HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Sean\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Sean\AppData\Roaming\IDM\idmmzcc5 [2012-01-30]
FF HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Users\Sean\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org
FF Extension: TS Magic Player - C:\Users\Sean\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org [2013-10-19]
FF HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Sean\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-27]
CHR Extension: (Magic Player) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpckgflgdapkpabemgkielbefdildaio [2013-12-26]
CHR Extension: (Google Wallet) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-26]
CHR HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Chrome\Extension: [kpckgflgdapkpabemgkielbefdildaio] - C:\Users\Sean\AppData\Roaming\ACEStream\extensions\chrome_new\magicplayer.crx [2013-10-10]
CHR HKLM-x32\...\Chrome\Extension: [fgnbbmjplnjojimmnihieecplmnhgfem] - C:\ProgramData\wxDfast\fgnbbmjplnjojimmnihieecplmnhgfem.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-16]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-16] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-07] (COMODO)
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [329544 2012-01-04] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-16] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-08] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-08] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-15] (Avira GmbH)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-07] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-07] (COMODO)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-02] (Disc Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-29] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-07] (COMODO)
U0 ljvhffru; C:\Windows\System32\drivers\mjlr.sys [79064 2015-01-03] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [129752 2015-01-03] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-03 15:43 - 2015-01-03 15:43 - 00020086 _____ () C:\Users\Sean\Desktop\FRST.txt
2015-01-03 15:40 - 2015-01-03 15:40 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mjlr.sys
2015-01-03 13:50 - 2015-01-03 13:50 - 00004379 _____ () C:\Users\Sean\Desktop\AdwCleaner[R0].txt
2015-01-03 13:48 - 2015-01-03 13:49 - 00000000 ____D () C:\AdwCleaner
2015-01-03 13:47 - 2015-01-03 13:47 - 02173952 _____ () C:\Users\Sean\Desktop\adwcleaner_4.106.exe
2015-01-03 13:46 - 2015-01-03 13:46 - 00000540 _____ () C:\Users\Sean\Desktop\defogger_disable.log
2015-01-03 13:46 - 2015-01-03 13:46 - 00000168 _____ () C:\Users\Sean\defogger_reenable
2015-01-03 13:45 - 2015-01-03 13:45 - 00050477 _____ () C:\Users\Sean\Desktop\Defogger.exe
2015-01-03 11:04 - 2015-01-03 15:43 - 00000000 ____D () C:\FRST
2015-01-03 10:59 - 2015-01-03 15:43 - 02123776 _____ (Farbar) C:\Users\Sean\Desktop\FRST64.exe
2015-01-03 10:54 - 2015-01-03 11:11 - 00001988 _____ () C:\Windows\PFRO.log
2015-01-03 00:30 - 2015-01-03 11:11 - 00000168 _____ () C:\Windows\setupact.log
2015-01-03 00:30 - 2015-01-03 00:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-02 19:10 - 2015-01-02 19:10 - 00000000 ____D () C:\Users\Sean\Documents\SelfMV
2015-01-02 19:09 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2015-01-02 18:42 - 2015-01-02 18:42 - 00000000 ____D () C:\Users\Sean\Desktop\Odin307
2015-01-02 18:41 - 2015-01-02 18:41 - 01207012 _____ () C:\Users\Sean\Downloads\Odin307.zip
2015-01-02 16:17 - 2015-01-02 16:17 - 00974821 _____ () C:\Users\Sean\Downloads\Odin-3.10.0.zip
2015-01-02 15:42 - 2015-01-02 15:43 - 00000000 ____D () C:\Users\Sean\Documents\carbon
2015-01-02 13:54 - 2015-01-02 13:54 - 00000000 ____D () C:\Users\Sean\.android
2015-01-02 13:53 - 2015-01-02 13:53 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod
2015-01-02 13:53 - 2015-01-02 13:53 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2015-01-02 13:51 - 2015-01-02 13:51 - 11060224 _____ () C:\Users\Sean\Downloads\CarbonSetup.msi
2014-12-21 15:00 - 2014-12-21 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-14 16:42 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-14 16:42 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-14 16:42 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-14 16:42 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-14 16:42 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-14 16:42 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-14 16:42 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-14 16:42 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-14 16:42 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-14 16:42 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-14 16:00 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-14 16:00 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-14 16:00 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-14 16:00 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-14 16:00 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-14 16:00 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-14 16:00 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-14 16:00 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-14 16:00 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-14 16:00 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-14 16:00 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-14 16:00 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-14 16:00 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-14 16:00 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-14 16:00 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-14 16:00 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-14 16:00 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-08 22:39 - 2014-06-16 06:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-03 15:43 - 2012-08-08 16:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-03 15:42 - 2013-04-15 19:19 - 00000000 ____D () C:\Users\Sean\AppData\Local\CrashDumps
2015-01-03 15:40 - 2012-03-31 23:11 - 00000000 ____D () C:\Program Files (x86)\Vuze
2015-01-03 15:40 - 2009-07-14 03:20 - 00000000 __RSD () C:\Windows\Media
2015-01-03 15:38 - 2012-03-26 08:47 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Spotify
2015-01-03 14:49 - 2014-11-22 00:18 - 00000000 ____D () C:\Users\Sean\Desktop\Football Manager 2015
2015-01-03 14:38 - 2014-11-10 23:10 - 01598868 _____ () C:\Windows\WindowsUpdate.log
2015-01-03 14:35 - 2013-09-02 20:50 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-01-03 13:51 - 2014-09-22 21:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-03 13:46 - 2012-01-28 18:35 - 00000000 ____D () C:\Users\Sean
2015-01-03 11:46 - 2012-01-28 20:29 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\vlc
2015-01-03 11:18 - 2009-07-14 04:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-03 11:18 - 2009-07-14 04:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-03 11:15 - 2009-07-14 05:13 - 00786622 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-03 11:11 - 2013-12-26 13:21 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-03 11:11 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-03 10:58 - 2014-09-22 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-03 10:58 - 2014-09-22 21:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-03 00:42 - 2012-03-31 23:11 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Azureus
2015-01-03 00:30 - 2014-02-13 00:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-02 20:03 - 2012-02-05 19:45 - 00000000 ____D () C:\Users\Sean\Documents\Sports Interactive
2015-01-02 19:11 - 2013-07-07 10:23 - 00000000 ____D () C:\Users\Sean\Documents\samsung
2015-01-02 19:10 - 2013-07-07 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-02 19:09 - 2013-10-06 17:44 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-02 19:09 - 2013-07-07 10:23 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Samsung
2015-01-02 19:09 - 2012-01-28 18:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-02 15:13 - 2013-10-06 16:07 - 00000000 ____D () C:\Users\Sean\Documents\Mobile Phone Back up
2015-01-02 13:49 - 2012-03-26 08:48 - 00000000 ____D () C:\Users\Sean\AppData\Local\Spotify
2015-01-02 02:19 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2015-01-02 01:11 - 2012-05-24 15:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-01 21:34 - 2012-08-08 16:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-01 21:34 - 2012-04-12 17:54 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-01 21:34 - 2012-01-29 17:45 - 00000000 ____D () C:\Users\Sean\AppData\Local\Adobe
2015-01-01 21:34 - 2012-01-28 23:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-14 16:45 - 2012-06-07 18:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-14 16:44 - 2013-08-21 19:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-14 16:42 - 2012-01-28 20:40 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\Sean\jagex_cl_runescape_LIVE.dat
C:\Users\Sean\random.dat
Some content of TEMP:
====================
C:\Users\Sean\AppData\Local\Temp\bccabfcbcej.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-02 02:11
==================== End Of Log ============================
4. b (Additional)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-01-2015 02
Ran by Sean at 2015-01-03 15:44:00
Running from C:\Users\Sean\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
3TB+Unlock B11.0511.1 (HKLM-x32\...\{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}) (Version: 1.00.0001 - GIGABYTE)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ace Stream Media 2.1.7.2 (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\AceStream) (Version: 2.1.7.2 - Ace Stream Media)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{16D0F693-C066-7E30-854B-CADCFEFF9BE4}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AnySync (HKLM-x32\...\{8E2BC848-4490-4A19-8304-5A9D79DD33FA}) (Version: 7.1 - Sybase iAnywhere)
AnyTime Organizer (HKLM-x32\...\AnyTime Organizer) (Version: 14.1 - Individual Software, Inc)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.3.8518 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bitcoin (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Bitcoin) (Version: 0.8.1 - Bitcoin project)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
Camtasia Studio 8 (HKLM-x32\...\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}) (Version: 8.0.0.878 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - )
Cloud OC (HKLM-x32\...\{65B8A697-C77C-473E-8CE5-1FC5D4917C14}) (Version: 1.00.0000 - GIGABYTE)
COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.9.25057.2197 - COMODO Security Solutions Inc.)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version: - )
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version: - Relic)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CrystalDiskInfo 6.0.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
DMIView B8.0717.01 (HKLM-x32\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.4 - Gigabyte)
Easy Tune 6 B11.0512.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0512.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Face_Wizard B10.1230.01 (HKLM-x32\...\{E76FCE6B-9999-4250-8C75-B2DA4AD41268}) (Version: 1.00.0000 - Gigabyte)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft)
FileBot (HKLM\...\{501B62C1-B2B6-472F-A1CC-850E2C34FB50}) (Version: 3.8 - Reinhard Pointner)
Football Manager 2012 (HKLM-x32\...\Football Manager 2012_is1) (Version: - )
Football Manager 2013 (HKLM-x32\...\Steam App 207890) (Version: - Sports Interactive)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Dev Tycoon version 1.3.4 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.4 - Greenheart Games Pty. Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
MailWasher (HKLM-x32\...\{4E0B9AF0-5729-4638-AD62-3916F1890631}) (Version: 7.3.0 - Firetrust)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaInfo 0.7.65 (HKLM\...\MediaInfo) (Version: 0.7.65 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
MKVToolNix 7.1.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.1.0 - Moritz Bunkus)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\MyFreeCodec) (Version: - )
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Recover My Files (HKLM-x32\...\Recover My Files_is1) (Version: 4.9.4.1343 - GetData Pty Ltd)
RuneScape Launcher 1.2 (HKLM-x32\...\{5D87C09F-512F-474A-A306-0FE3B89C396F}) (Version: 1.2.0 - Jagex Ltd)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sky Go Desktop (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\295487528.go.sky.com) (Version: - go.sky.com)
Smart 6 B11.0512.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Spotify (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The TVDB XML Fetcher for the WDTV Live Hub (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\124d7bfeeda3fda0) (Version: 1.7.1.3 - TVDB XML Fetcher)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total War ROME II (HKLM-x32\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )
TouchBIOS B11.1201.1 (HKLM-x32\...\{A2EBACDD-09BB-4894-AE25-7168DB3BFA7F}) (Version: 1.00.0000 - GIGABYTE)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unity Web Player (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Update Manager B10.0728.1 (HKLM-x32\...\{2913C8E7-612B-47DA-B18D-A23E1A1B16E3}) (Version: 1.00.0000 - Gigabyte)
Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA)
Virtua Tennis 4™ (x32 Version: 1.0.0000.130 - SEGA) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.45 - VSO-Software SARL)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (HKLM-x32\...\WinRAR 4.20) (Version: 4.20 - akhilesh910)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
08-12-2014 22:47:52 Windows Update
14-12-2014 16:00:36 Windows Update
14-12-2014 16:41:23 Windows Update
21-12-2014 14:52:27 Windows Update
01-01-2015 21:27:26 Windows Update
02-01-2015 13:53:42 Installed Helium
02-01-2015 19:09:33 Installed Samsung Kies3
03-01-2015 14:36:54 Windows Update
03-01-2015 14:37:22 Windows Update
03-01-2015 14:37:45 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03A2A692-2CBD-44A4-87E0-155BF1B7118D} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {25619A79-3877-40BE-8C91-AFE18BF16A16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-26] (Google Inc.)
Task: {2B2FB2BE-54B5-4859-B606-04D3ACDF97FC} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {31C0C6AE-8639-4DCE-8A72-E0E7D15D0F24} - System32\Tasks\CCleanerSkipUAC => D:\Programme Folder (2)\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {478EAE79-617A-444E-A355-DB31EAD37025} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-01] (Adobe Systems Incorporated)
Task: {8E84773F-E5D1-4CAC-98FA-919BBCD15D76} - System32\Tasks\{F579B0C2-090B-4A66-890C-21B1544A1D1A} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/207890
Task: {92C39818-9E82-4166-9C65-03A7641A7FB5} - System32\Tasks\{9711EFC7-69B1-48A0-963E-F7717AFDB806} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {9552ED31-E773-4037-97CF-F221A8780760} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: {DB0895D6-5883-458F-85F0-5E8BD6355330} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-26] (Google Inc.)
Task: {F362CC32-4732-4905-91A6-7D11FFE3F6B5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F496804D-7789-4588-A106-5E41D182FBFD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-16] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-01-04 23:02 - 2012-01-04 23:02 - 00329544 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2013-03-30 22:50 - 2013-10-31 20:19 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-26 16:46 - 2013-11-11 14:10 - 00307928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2013-02-27 21:45 - 2013-11-22 18:34 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2013-12-25 22:05 - 2015-01-03 11:33 - 00374840 _____ () C:\Users\Sean\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2015-01-03 00:31 - 2015-01-03 00:31 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010201\algo.dll
2009-03-30 02:34 - 2009-03-30 02:34 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 20:02 - 2009-03-27 20:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 20:02 - 2009-03-27 20:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2014-05-26 16:46 - 2013-10-30 18:06 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2013-02-27 21:45 - 2013-11-01 16:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2014-02-13 00:19 - 2014-02-13 00:19 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-03-26 08:48 - 2015-01-03 11:33 - 36966968 _____ () C:\Users\Sean\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-21 21:49 - 2015-01-03 11:33 - 00867896 _____ () C:\Users\Sean\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-12-25 22:05 - 2015-01-03 11:33 - 00886840 _____ () C:\Users\Sean\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-12-25 22:05 - 2015-01-03 11:33 - 00108600 _____ () C:\Users\Sean\AppData\Roaming\Spotify\Data\libegl.dll
2014-12-21 15:00 - 2014-12-21 15:00 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Sean^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AnyTime.lnk => C:\Windows\pss\AnyTime.lnk.Startup
MSCONFIG\startupreg: Spotify => "C:\Users\Sean\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
========================= Accounts: ==========================
Administrator (S-1-5-21-3921608650-3821936656-1871749345-500 - Administrator - Disabled)
Guest (S-1-5-21-3921608650-3821936656-1871749345-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3921608650-3821936656-1871749345-1002 - Limited - Enabled)
Sean (S-1-5-21-3921608650-3821936656-1871749345-1000 - Administrator - Enabled) => C:\Users\Sean
WDTV Live (S-1-5-21-3921608650-3821936656-1871749345-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/03/2015 03:42:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fm.exe, version: 15.1.3.0, time stamp: 0x545f6b97
Faulting module name: fm.exe, version: 15.1.3.0, time stamp: 0x545f6b97
Exception code: 0xc0000005
Fault offset: 0x00e7fd96
Faulting process id: 0x1538
Faulting application start time: 0xfm.exe0
Faulting application path: fm.exe1
Faulting module path: fm.exe2
Report Id: fm.exe3
Error: (01/03/2015 01:46:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fm.exe, version: 15.1.3.0, time stamp: 0x545f6b97
Faulting module name: fm.exe, version: 15.1.3.0, time stamp: 0x545f6b97
Exception code: 0xc0000005
Fault offset: 0x00e7fd96
Faulting process id: 0x7a0
Faulting application start time: 0xfm.exe0
Faulting application path: fm.exe1
Faulting module path: fm.exe2
Report Id: fm.exe3
Error: (01/03/2015 11:11:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/03/2015 10:56:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/03/2015 00:30:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/02/2015 06:41:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bccabfcbcej.exe version 23.23.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 18d0
Start Time: 01d026bb7d29ad3c
Termination Time: 3
Application Path: C:\Users\Sean\AppData\Local\Temp\bccabfcbcej.exe
Report Id:
Error: (01/02/2015 06:41:35 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-3921608650-3821936656-1871749345-1000}/">.
Error: (01/02/2015 04:10:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: D:\Programme Folder (2)\Kies\Kies\Kies.exe . Error code = 0x80131f07
Error: (01/02/2015 04:10:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: D:\Programme Folder (2)\Kies\Kies\Kies.exe . Error code = 0x80131f07
Error: (01/02/2015 01:46:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/03/2015 02:37:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f020b: SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile MTP Device.
Error: (01/03/2015 02:37:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f020b: SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile MTP Device.
Error: (01/03/2015 11:11:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avira Realtime Protection service failed to start due to the following error:
%%2
Error: (01/03/2015 11:11:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avira Scheduler service failed to start due to the following error:
%%2
Error: (01/03/2015 10:59:52 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
Error: (01/03/2015 10:59:52 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
Error: (01/03/2015 10:56:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Microsoft Office Sessions:
=========================
Error: (01/03/2015 03:42:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fm.exe15.1.3.0545f6b97fm.exe15.1.3.0545f6b97c000000500e7fd96153801d027648432c0d7C:\Users\Sean\Desktop\Football Manager 2015\fm.exeC:\Users\Sean\Desktop\Football Manager 2015\fm.exe291ee66b-935f-11e4-86aa-1c6f65cdbbf0
Error: (01/03/2015 01:46:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fm.exe15.1.3.0545f6b97fm.exe15.1.3.0545f6b97c000000500e7fd967a001d0274ad4c3c070C:\Users\Sean\Desktop\Football Manager 2015\fm.exeC:\Users\Sean\Desktop\Football Manager 2015\fm.exef6649094-934e-11e4-86aa-1c6f65cdbbf0
Error: (01/03/2015 11:11:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/03/2015 10:56:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/03/2015 00:30:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/02/2015 06:41:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: bccabfcbcej.exe23.23.0.018d001d026bb7d29ad3c3C:\Users\Sean\AppData\Local\Temp\bccabfcbcej.exe
Error: (01/02/2015 06:41:35 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3921608650-3821936656-1871749345-1000}/
Error: (01/02/2015 04:10:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: D:\Programme Folder (2)\Kies\Kies\Kies.exe . Error code = 0x80131f07
D:\Programme Folder (2)\Kies\Kies\Kies.exe
Error: (01/02/2015 04:10:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: D:\Programme Folder (2)\Kies\Kies\Kies.exe . Error code = 0x80131f07
D:\Programme Folder (2)\Kies\Kies\Kies.exe
Error: (01/02/2015 01:46:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-06-29 10:48:22.510
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.822
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.791
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.744
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.713
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.682
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.604
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2012-09-29 20:29:23.089
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\_Genie Timeline\0\C\Windows.old\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-09-29 20:29:23.058
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\_Genie Timeline\0\C\Windows.old\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 41%
Total physical RAM: 8175.12 MB
Available physical RAM: 4785.54 MB
Total Pagefile: 16348.41 MB
Available Pagefile: 12529.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (SSD Drive) (Fixed) (Total:119.14 GB) (Free:14.15 GB) NTFS
Drive d: (Storage Drive) (Fixed) (Total:586.17 GB) (Free:96.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 85801FD9)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=586.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: E7F573FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================ -
Hi
This morning when I started up my pc it cut out several times when trying to load the BIOS. I eventually managed to get in after about 5 times of trying. I am unsure if this is a hardware issue or possibly malware. I've copied to logs below if someone could please take a look, thanks!
FRST:Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-01-2015
Ran by Sean (administrator) on SEAN-PC on 03-01-2015 11:04:24
Running from C:\Users\Sean\Desktop
Loaded Profile: Sean (Available profiles: Sean)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-07] (COMODO)
HKLM\...\Run: [intelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [iSUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-11-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [atr.exe] => [X]
HKLM-x32\...\Run: [AnySync] => D:\Programme Folder (2)\AnyTime Organizer\SyncLauncher.exe [41984 2011-03-21] (iAnywhere Solutions, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => D:\Programme Folder (2)\Kies\Kies\KiesTrayAgent.exe [311616 2014-12-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Run: [steam] => D:\Programme Folder (2)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Run: [EADM] => D:\Programme Folder (2)\Origin\Origin.exe [3588952 2014-03-11] (Electronic Arts)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Run: [] => D:\Programme Folder (2)\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-12-16] (Samsung)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Run: [spotify Web Helper] => C:\Users\Sean\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-11] (Spotify Ltd)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\MountPoints2: {2fbc33c5-49de-11e1-b3ac-806e6f6e6963} - D:\Launch.exe
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [390392 2012-11-07] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301264 2012-11-07] (COMODO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [iDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [s-1-5-21-3921608650-3821936656-1871749345-1000] => http://clientconfig.immunicity.org/pacs/all.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-3921608650-3821936656-1871749345-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-3921608650-3821936656-1871749345-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{911C9907-5394-4444-B1EB-A6DB89251C9C}: [NameServer] 192.168.0.1,192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default
FF Homepage: hxxp://www.google.co.uk/
FF NetworkProxy: "autoconfig_url", "http://clientconfig.immunicity.org/pacs/all.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> D:\Programme Folder (2)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> D:\Programme Folder (2)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3921608650-3821936656-1871749345-1000: @acestream.net/acestreamplugin,version=2.1.7.2 -> C:\Users\Sean\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3921608650-3821936656-1871749345-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sean\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3921608650-3821936656-1871749345-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF SearchPlugin: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\searchplugins\firefox-add-ons.xml
FF SearchPlugin: C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\searchplugins\talktalk-search.xml
FF Extension: wxDfast - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\Extensions\4fba2f0a1f13d@4fba2f0a1f178.info [2012-05-21]
FF Extension: DownloadHelper - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Add Google Search To New Tab Page - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\Extensions\newtabgoogle@graememcc.co.uk.xpi [2013-05-06]
FF Extension: Adblock Plus - C:\Users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\7r92u0ic.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-02-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-13]
FF HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Sean\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Sean\AppData\Roaming\IDM\idmmzcc5 [2012-01-30]
FF HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Users\Sean\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org
FF Extension: TS Magic Player - C:\Users\Sean\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org [2013-10-19]
FF HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Sean\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-27]
CHR Extension: (Magic Player) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpckgflgdapkpabemgkielbefdildaio [2013-12-26]
CHR Extension: (Google Wallet) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-26]
CHR HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Chrome\Extension: [kpckgflgdapkpabemgkielbefdildaio] - C:\Users\Sean\AppData\Roaming\ACEStream\extensions\chrome_new\magicplayer.crx [2013-10-10]
CHR HKLM-x32\...\Chrome\Extension: [fgnbbmjplnjojimmnihieecplmnhgfem] - C:\ProgramData\wxDfast\fgnbbmjplnjojimmnihieecplmnhgfem.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-16]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-16] (AVAST Software)
S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-07] (COMODO)
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [329544 2012-01-04] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()
S2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-16] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-16] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-16] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-16] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-16] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-16] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-16] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-08] (Avira GmbH)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-08] (Avira GmbH)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-15] (Avira GmbH)
S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-07] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-07] (COMODO)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-02] (Disc Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-29] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-07] (COMODO)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-03 11:04 - 2015-01-03 11:04 - 00017758 _____ () C:\Users\Sean\Desktop\FRST.txt
2015-01-03 11:04 - 2015-01-03 11:04 - 00000000 ____D () C:\FRST
2015-01-03 10:59 - 2015-01-03 10:59 - 02123264 _____ (Farbar) C:\Users\Sean\Desktop\FRST64.exe
2015-01-03 10:54 - 2015-01-03 10:54 - 00000332 _____ () C:\Windows\PFRO.log
2015-01-03 00:30 - 2015-01-03 10:27 - 00000112 _____ () C:\Windows\setupact.log
2015-01-03 00:30 - 2015-01-03 00:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-02 19:10 - 2015-01-02 19:10 - 00000000 ____D () C:\Users\Sean\Documents\SelfMV
2015-01-02 19:09 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2015-01-02 18:42 - 2015-01-02 18:42 - 00000000 ____D () C:\Users\Sean\Desktop\Odin307
2015-01-02 18:41 - 2015-01-02 18:41 - 01207012 _____ () C:\Users\Sean\Downloads\Odin307.zip
2015-01-02 16:17 - 2015-01-02 16:17 - 00974821 _____ () C:\Users\Sean\Downloads\Odin-3.10.0.zip
2015-01-02 15:42 - 2015-01-02 15:43 - 00000000 ____D () C:\Users\Sean\Documents\carbon
2015-01-02 13:54 - 2015-01-02 13:54 - 00000000 ____D () C:\Users\Sean\.android
2015-01-02 13:53 - 2015-01-02 13:53 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod
2015-01-02 13:53 - 2015-01-02 13:53 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2015-01-02 13:51 - 2015-01-02 13:51 - 11060224 _____ () C:\Users\Sean\Downloads\CarbonSetup.msi
2014-12-21 15:00 - 2014-12-21 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-14 16:42 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-14 16:42 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-14 16:42 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-14 16:42 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-14 16:42 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-14 16:42 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-14 16:42 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-14 16:42 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-14 16:42 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-14 16:42 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-14 16:00 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-14 16:00 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-14 16:00 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-14 16:00 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-14 16:00 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-14 16:00 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-14 16:00 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-14 16:00 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-14 16:00 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-14 16:00 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-14 16:00 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-14 16:00 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-14 16:00 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-14 16:00 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-14 16:00 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-14 16:00 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-14 16:00 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-08 22:39 - 2014-06-16 06:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-03 10:59 - 2009-07-14 05:13 - 00786622 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-03 10:58 - 2014-09-22 21:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-03 10:58 - 2014-09-22 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-03 10:58 - 2014-09-22 21:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-03 10:55 - 2012-03-31 23:11 - 00000000 ____D () C:\Program Files (x86)\Vuze
2015-01-03 10:27 - 2013-12-26 13:21 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-03 10:27 - 2013-09-02 20:50 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-01-03 10:27 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-03 01:12 - 2014-11-10 23:10 - 01528487 _____ () C:\Windows\WindowsUpdate.log
2015-01-03 00:43 - 2012-08-08 16:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-03 00:42 - 2012-03-31 23:11 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Azureus
2015-01-03 00:37 - 2009-07-14 04:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-03 00:37 - 2009-07-14 04:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-03 00:30 - 2014-02-13 00:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-02 20:03 - 2012-02-05 19:45 - 00000000 ____D () C:\Users\Sean\Documents\Sports Interactive
2015-01-02 19:54 - 2012-03-26 08:47 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Spotify
2015-01-02 19:11 - 2013-07-07 10:23 - 00000000 ____D () C:\Users\Sean\Documents\samsung
2015-01-02 19:10 - 2013-07-07 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-02 19:09 - 2013-10-06 17:44 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-02 19:09 - 2013-07-07 10:23 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\Samsung
2015-01-02 19:09 - 2012-01-28 18:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-02 15:34 - 2012-01-28 20:29 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\vlc
2015-01-02 15:13 - 2013-10-06 16:07 - 00000000 ____D () C:\Users\Sean\Documents\Mobile Phone Back up
2015-01-02 13:54 - 2012-01-28 18:35 - 00000000 ____D () C:\Users\Sean
2015-01-02 13:49 - 2012-03-26 08:48 - 00000000 ____D () C:\Users\Sean\AppData\Local\Spotify
2015-01-02 02:19 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2015-01-02 01:11 - 2012-05-24 15:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-01 21:34 - 2012-08-08 16:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-01 21:34 - 2012-04-12 17:54 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-01 21:34 - 2012-01-29 17:45 - 00000000 ____D () C:\Users\Sean\AppData\Local\Adobe
2015-01-01 21:34 - 2012-01-28 23:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-14 16:45 - 2012-06-07 18:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-14 16:44 - 2013-08-21 19:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-14 16:42 - 2012-01-28 20:40 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\Sean\jagex_cl_runescape_LIVE.dat
C:\Users\Sean\random.dat
Some content of TEMP:
====================
C:\Users\Sean\AppData\Local\Temp\bccabfcbcej.exe
C:\Users\Sean\AppData\Local\Temp\i4jdel0.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-02 02:11
==================== End Of Log ============================ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-01-2015
Ran by Sean at 2015-01-03 11:04:38
Running from C:\Users\Sean\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
3TB+Unlock B11.0511.1 (HKLM-x32\...\{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}) (Version: 1.00.0001 - GIGABYTE)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ace Stream Media 2.1.7.2 (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\AceStream) (Version: 2.1.7.2 - Ace Stream Media)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{16D0F693-C066-7E30-854B-CADCFEFF9BE4}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AnySync (HKLM-x32\...\{8E2BC848-4490-4A19-8304-5A9D79DD33FA}) (Version: 7.1 - Sybase iAnywhere)
AnyTime Organizer (HKLM-x32\...\AnyTime Organizer) (Version: 14.1 - Individual Software, Inc)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.3.8518 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bitcoin (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Bitcoin) (Version: 0.8.1 - Bitcoin project)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
Camtasia Studio 8 (HKLM-x32\...\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}) (Version: 8.0.0.878 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - )
Cloud OC (HKLM-x32\...\{65B8A697-C77C-473E-8CE5-1FC5D4917C14}) (Version: 1.00.0000 - GIGABYTE)
COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.9.25057.2197 - COMODO Security Solutions Inc.)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version: - )
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version: - Relic)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CrystalDiskInfo 6.0.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
DMIView B8.0717.01 (HKLM-x32\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.4 - Gigabyte)
Easy Tune 6 B11.0512.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0512.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Face_Wizard B10.1230.01 (HKLM-x32\...\{E76FCE6B-9999-4250-8C75-B2DA4AD41268}) (Version: 1.00.0000 - Gigabyte)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft)
FileBot (HKLM\...\{501B62C1-B2B6-472F-A1CC-850E2C34FB50}) (Version: 3.8 - Reinhard Pointner)
Football Manager 2012 (HKLM-x32\...\Football Manager 2012_is1) (Version: - )
Football Manager 2013 (HKLM-x32\...\Steam App 207890) (Version: - Sports Interactive)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Dev Tycoon version 1.3.4 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.4 - Greenheart Games Pty. Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
MailWasher (HKLM-x32\...\{4E0B9AF0-5729-4638-AD62-3916F1890631}) (Version: 7.3.0 - Firetrust)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaInfo 0.7.65 (HKLM\...\MediaInfo) (Version: 0.7.65 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
MKVToolNix 7.1.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.1.0 - Moritz Bunkus)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\MyFreeCodec) (Version: - )
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Recover My Files (HKLM-x32\...\Recover My Files_is1) (Version: 4.9.4.1343 - GetData Pty Ltd)
RuneScape Launcher 1.2 (HKLM-x32\...\{5D87C09F-512F-474A-A306-0FE3B89C396F}) (Version: 1.2.0 - Jagex Ltd)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sky Go Desktop (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\295487528.go.sky.com) (Version: - go.sky.com)
Smart 6 B11.0512.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Spotify (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The TVDB XML Fetcher for the WDTV Live Hub (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\124d7bfeeda3fda0) (Version: 1.7.1.3 - TVDB XML Fetcher)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total War ROME II (HKLM-x32\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )
TouchBIOS B11.1201.1 (HKLM-x32\...\{A2EBACDD-09BB-4894-AE25-7168DB3BFA7F}) (Version: 1.00.0000 - GIGABYTE)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unity Web Player (HKU\S-1-5-21-3921608650-3821936656-1871749345-1000\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Update Manager B10.0728.1 (HKLM-x32\...\{2913C8E7-612B-47DA-B18D-A23E1A1B16E3}) (Version: 1.00.0000 - Gigabyte)
Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA)
Virtua Tennis 4™ (x32 Version: 1.0.0000.130 - SEGA) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.45 - VSO-Software SARL)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (HKLM-x32\...\WinRAR 4.20) (Version: 4.20 - akhilesh910)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
28-11-2014 22:48:48 Windows Update
03-12-2014 23:32:35 Windows Update
08-12-2014 22:47:52 Windows Update
14-12-2014 16:00:36 Windows Update
14-12-2014 16:41:23 Windows Update
21-12-2014 14:52:27 Windows Update
01-01-2015 21:27:26 Windows Update
02-01-2015 13:53:42 Installed Helium
02-01-2015 19:09:33 Installed Samsung Kies3
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03A2A692-2CBD-44A4-87E0-155BF1B7118D} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {25619A79-3877-40BE-8C91-AFE18BF16A16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-26] (Google Inc.)
Task: {2B2FB2BE-54B5-4859-B606-04D3ACDF97FC} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {31C0C6AE-8639-4DCE-8A72-E0E7D15D0F24} - System32\Tasks\CCleanerSkipUAC => D:\Programme Folder (2)\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {478EAE79-617A-444E-A355-DB31EAD37025} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-01] (Adobe Systems Incorporated)
Task: {8E84773F-E5D1-4CAC-98FA-919BBCD15D76} - System32\Tasks\{F579B0C2-090B-4A66-890C-21B1544A1D1A} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/207890
Task: {92C39818-9E82-4166-9C65-03A7641A7FB5} - System32\Tasks\{9711EFC7-69B1-48A0-963E-F7717AFDB806} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {9552ED31-E773-4037-97CF-F221A8780760} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: {DB0895D6-5883-458F-85F0-5E8BD6355330} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-26] (Google Inc.)
Task: {F362CC32-4732-4905-91A6-7D11FFE3F6B5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F496804D-7789-4588-A106-5E41D182FBFD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-16] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-12-21 15:00 - 2014-12-21 15:00 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Sean^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AnyTime.lnk => C:\Windows\pss\AnyTime.lnk.Startup
MSCONFIG\startupreg: Spotify => "C:\Users\Sean\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
========================= Accounts: ==========================
Administrator (S-1-5-21-3921608650-3821936656-1871749345-500 - Administrator - Disabled)
Guest (S-1-5-21-3921608650-3821936656-1871749345-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3921608650-3821936656-1871749345-1002 - Limited - Enabled)
Sean (S-1-5-21-3921608650-3821936656-1871749345-1000 - Administrator - Enabled) => C:\Users\Sean
WDTV Live (S-1-5-21-3921608650-3821936656-1871749345-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: avast! Revert
Description: avast! Revert
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: avast! VM Monitor
Description: avast! VM Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/03/2015 10:56:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/03/2015 00:30:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/02/2015 06:41:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bccabfcbcej.exe version 23.23.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 18d0
Start Time: 01d026bb7d29ad3c
Termination Time: 3
Application Path: C:\Users\Sean\AppData\Local\Temp\bccabfcbcej.exe
Report Id:
Error: (01/02/2015 06:41:35 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-3921608650-3821936656-1871749345-1000}/">.
Error: (01/02/2015 04:10:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: D:\Programme Folder (2)\Kies\Kies\Kies.exe . Error code = 0x80131f07
Error: (01/02/2015 04:10:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: D:\Programme Folder (2)\Kies\Kies\Kies.exe . Error code = 0x80131f07
Error: (01/02/2015 01:46:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/02/2015 01:42:29 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-3921608650-3821936656-1871749345-1000}/">.
Error: (01/02/2015 01:12:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/01/2015 09:23:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/03/2015 10:59:52 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
Error: (01/03/2015 10:59:52 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
Error: (01/03/2015 10:56:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (01/03/2015 10:55:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Microsoft Office Sessions:
=========================
Error: (01/03/2015 10:56:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/03/2015 00:30:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/02/2015 06:41:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: bccabfcbcej.exe23.23.0.018d001d026bb7d29ad3c3C:\Users\Sean\AppData\Local\Temp\bccabfcbcej.exe
Error: (01/02/2015 06:41:35 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3921608650-3821936656-1871749345-1000}/
Error: (01/02/2015 04:10:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: D:\Programme Folder (2)\Kies\Kies\Kies.exe . Error code = 0x80131f07
D:\Programme Folder (2)\Kies\Kies\Kies.exe
Error: (01/02/2015 04:10:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: D:\Programme Folder (2)\Kies\Kies\Kies.exe . Error code = 0x80131f07
D:\Programme Folder (2)\Kies\Kies\Kies.exe
Error: (01/02/2015 01:46:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/02/2015 01:42:29 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3921608650-3821936656-1871749345-1000}/
Error: (01/02/2015 01:12:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/01/2015 09:23:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-06-29 10:48:22.510
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.822
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.791
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.744
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.713
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.682
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2013-06-29 10:42:07.604
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Sean\Desktop\testdisk-6.14-WIP\recup_dir.1\f7025816.exe because the set of per-page image hashes could not be found on the system.
Date: 2012-09-29 20:29:23.089
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\_Genie Timeline\0\C\Windows.old\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-09-29 20:29:23.058
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\_Genie Timeline\0\C\Windows.old\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 16%
Total physical RAM: 8175.12 MB
Available physical RAM: 6865.99 MB
Total Pagefile: 16348.41 MB
Available Pagefile: 15103.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (SSD Drive) (Fixed) (Total:119.14 GB) (Free:15.33 GB) NTFS
Drive d: (Storage Drive) (Fixed) (Total:586.17 GB) (Free:96.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 85801FD9)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=586.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: E7F573FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================ -
I have had to give the pc back to my girlfriends dad so we did as much as we could. Feel free to close the topic now
-
Progress with what how its running?
Seems to be running ok apart from it still won't boot first time on a restart, only after a full shutdown. Also the fact OTL and FRST won't run from the desktop. If these are ok then I think we're all good?
-
Never mind I managed to do it haha:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-11-2013
Ran by Gaitens at 2013-11-21 20:05:54 Run:1
Running from C:\Documents and Settings\Gaitens\Local Settings\Temporary Internet Files\Content.IE5\7CHD5C1M
Boot Mode: Normal==============================================
Content of fixlist:
*****************
C:\Documents and Settings\Gaitens\Local Settings\temp\ntdll_dump.dll
*****************C:\Documents and Settings\Gaitens\Local Settings\temp\ntdll_dump.dll => Moved successfully.
==== End of Fixlog ====
-
Any idea how to do this as I'm not running it off the desktop as I said before i'm running it from the temp folder through Internet explorer so i'm unsure where i would save the fixlist to?!
-
As above changing the name of the file didn't do anything however;
I was able to run FRST through the temp folder i.e clicking on run instead of saving it to the desktop so I will post the log of this below and attach the additional log. I was unable to do the same for the OTL scan as it comes up with an error message saying it cannot be run from the temp folder.
**PLEASE NOTE**
The delta application you asked me uninstall at the begining has reappeared due to me re-installing a driver that was needed for an additional sound card that is attached to this machine which was not being recongnized. When I click on more info on the add/remove programms page it does said for more info see M-Audio which is the driver that is required for the sound card so it appears this is ok ?
FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-11-2013
Ran by Gaitens (administrator) on GAITENS-PC on 21-11-2013 00:49:29
Running from C:\Documents and Settings\Gaitens\Local Settings\Temporary Internet Files\Content.IE5\7CHD5C1M
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.107.0\BBSvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(GFI Software) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
() C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
(Motive Communications, Inc.) C:\Program Files\btbb_wcm\McciTrayApp.exe
(Yahoo! Inc.) C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Yahoo!, Inc.) C:\PROGRA~1\Yahoo!\browser\ycommon.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Lavasoft) C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
(Avid Technology, Inc.) C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Logitech) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
(Spotify Ltd) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Lavasoft Limited) C:\PROGRA~1\AD-AWA~1\AdAware.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
() C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
() C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.107.0\SeaPort.exe
(Farbar) C:\Documents and Settings\Gaitens\Local Settings\Temporary Internet Files\Content.IE5\7CHD5C1M\FRST[2].exe==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Logitech Hardware Abstraction Layer] - C:\WINDOWS\KHALMNPR.Exe [94208 2006-05-10] (Logitech Inc.)
HKLM\...\Run: [btbb_wcm_McciTrayApp] - C:\Program Files\btbb_wcm\McciTrayApp.exe [935936 2006-12-07] (Motive Communications, Inc.)
HKLM\...\Run: [btbb_McciTrayApp] - C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe [1584640 2009-09-14] (Alcatel-Lucent)
HKLM\...\Run: [YBrowser] - C:\Program Files\Yahoo!\browser\ybrwicon.exe [129536 2006-07-21] (Yahoo! Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421736 2012-01-16] (Apple Inc.)
HKLM\...\Run: [HTC Sync Loader] - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [634880 2012-04-01] ()
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.exe [16855552 2007-10-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [skyTel] - C:\WINDOWS\SkyTel.exe [1826816 2007-10-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [soundMan] - C:\WINDOWS\SoundMan.exe [86016 2006-07-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AlcWzrd] - C:\WINDOWS\alcwzrd.exe [2808832 2006-05-04] (RealTek Semicoductor Corp.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe [198032 2011-10-21] (Lavasoft)
HKLM\...\Run: [M-Audio Taskbar Icon] - C:\WINDOWS\system32\M-AudioTaskBarIcon.exe [154112 2007-01-25] (Avid Technology, Inc.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [LDM] - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [32768 2009-09-21] (Logitech)
HKCU\...\Run: [spotify Web Helper] - C:\Program Files\Spotify\Data\SpotifyWebHelper.exe [1140736 2007-12-10] (Spotify Ltd)
HKU\Guest\...\Run: [LDM] - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [ 2009-09-21] (Logitech)
HKU\Guest\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Guest\...\Run: [msnmsgr] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe [ 2009-07-26] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
ShortcutTarget: Logitech Desktop Messenger.lnk -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk
ShortcutTarget: NETGEAR WNA1100 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/?pc=WLEM&ocid=bb7hp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {930CFB87-EA72-48FF-B187-FF85EB22B758} URL = http://searchservice.myspace.com/index.cfm?fuseaction=sitesearch.results&qry={searchTerms}&type=Web&orig=IMC-IE
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {1AB07DA3-B035-43A9-AB32-D5615B313E2B} URL = http://searchservice.myspace.com/index.cfm?fuseaction=sitesearch.results&qry={searchTerms}&type=Web&orig=IMC-IE
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {930CFB87-EA72-48FF-B187-FF85EB22B758} URL =
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/files/BeboUploader.5.8.05.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1253294945875
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: bw+0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw+0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw-0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw-0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw00 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw00s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw10 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw10s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw20 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw20s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw30 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw30s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw40 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw40s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw50 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw50s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw60 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw60s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw70 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw70s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw80 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw80s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw90 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw90s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwa0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwa0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwb0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwb0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwc0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwc0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwd0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwd0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwe0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwe0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwf0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwf0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwg0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwg0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwh0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwh0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwi0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwi0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwj0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwj0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwk0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwk0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwl0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwl0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwm0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwm0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwn0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwn0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwo0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwo0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwp0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwp0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwq0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwq0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwr0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwr0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bws0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bws0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwt0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwt0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwu0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwu0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwv0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwv0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bww0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bww0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwx0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwx0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwy0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwy0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwz0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwz0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: offline-8876480 - {461A0983-ECA8-4BCD-AE42-7EAA2440940F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Gaitens\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Gaitens\Local Settings\Application Data\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Gaitens\Local Settings\Application Data\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Gaitens\Local Settings\Application Data\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Injovo Extension Plugin) - C:\Documents and Settings\Gaitens\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.444_0\npbrowserext.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\Gaitens\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Motive Plugin) - C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Java Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)========================== Services (Whitelisted) =================
R2 ACS; C:\WINDOWS\system32\acs.exe [495700 2009-02-20] (Atheros)
R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1239952 2012-07-12] (Lavasoft Limited)
S3 jswpsapi; C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe [360529 2009-11-05] (Atheros Communications, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
R2 SBAMSvc; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [3289032 2011-12-19] (GFI Software)
R2 WSWNA1100; C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] ()
S2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
S3 YPCService; C:\WINDOWS\system32\YPCSER~1.EXE [86016 2003-05-19] (Yahoo! Inc.)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"==================== Drivers (Whitelisted) ====================
S3 AR9271; C:\Windows\System32\DRIVERS\athuw.sys [1759584 2010-09-30] (Atheros Communications, Inc.)
R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh5.sys [1034240 2011-12-12] (Broadcom Corporation)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 DELTA; C:\Windows\System32\DRIVERS\delta.sys [302336 2007-01-25] (Midiman/M-Audio)
R2 fssfltr; C:\Windows\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
S3 HCF_MSFT; C:\Windows\System32\DRIVERS\HCF_MSFT.sys [907456 2001-08-17] (Conexant)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51120 2005-03-08] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2005-03-08] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP)
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 JSWSCIMD; C:\Windows\System32\DRIVERS\jswscimd.sys [57440 2008-09-25] (Atheros Communications, Inc.)
S3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [41888 2007-05-09] (Logitech Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2009-09-14] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MREMPR5; C:\Program Files\Common Files\Motive\MREMPR5.sys [19345 2006-05-04] (Motive, Inc.)
S3 MRENDIS5; C:\Program Files\Common Files\Motive\MRENDIS5.sys [18003 2006-05-29] (Motive, Inc.)
R3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2009-09-14] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [1276832 2007-05-09] (Logitech Inc.)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 RDID1061; C:\Windows\System32\Drivers\rdwm1061.sys [140672 2009-02-18] (Roland Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R1 sbaphd; C:\Windows\System32\drivers\sbaphd.sys [21240 2011-11-29] (GFI Software)
R2 sbapifs; C:\Windows\System32\drivers\sbapifs.sys [77816 2011-11-29] (GFI Software)
R1 SBRE; C:\WINDOWS\system32\drivers\SBREdrv.sys [101112 2011-10-26] (GFI Software)
R3 WSIMD; C:\Windows\System32\DRIVERS\wsimd.sys [58208 2009-01-30] (Atheros Communications, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 DELTAII; system32\DRIVERS\deltaII.sys [x]
S4 IntelIde; No ImagePath
S3 Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [x]
S3 Trufos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\trufos.sys [x]==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-21 00:48 - 2013-11-21 00:48 - 00000000 ____D C:\FRST
2013-11-20 19:55 - 2013-11-20 19:55 - 00001446 _____ C:\WINDOWS\COM+.log
2013-11-20 19:50 - 2013-11-20 19:50 - 00000000 ____D C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories
2013-11-20 19:44 - 2013-11-20 19:52 - 00007514 _____ C:\WINDOWS\bitssetup.log
2013-11-20 19:44 - 2013-11-20 19:45 - 00000558 _____ C:\WINDOWS\Windows Update.log
2013-11-20 19:27 - 2013-11-20 19:54 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2013-11-20 19:25 - 2013-11-20 19:25 - 00000000 ____D C:\RegBackup
2013-11-20 19:23 - 2013-11-20 19:23 - 00000000 ____D C:\Program Files\Tweaking.com
2013-11-20 19:23 - 2013-11-20 19:23 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2013-11-20 19:22 - 2013-11-20 19:22 - 05045639 _____ C:\Documents and Settings\Gaitens\Desktop\tweaking.com_windows_repair_aio_setup.exe
2013-11-18 20:44 - 2013-11-18 21:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-11-18 20:44 - 2013-11-18 20:44 - 00105176 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2013-11-18 20:43 - 2013-11-18 21:21 - 00000000 ____D C:\Documents and Settings\Gaitens\Desktop\mbar
2013-11-18 20:43 - 2013-11-18 20:43 - 12576792 _____ (Malwarebytes Corp.) C:\Documents and Settings\Gaitens\Desktop\mbar-1.07.0.1007.exe
2013-11-18 20:43 - 2013-11-18 20:43 - 00047064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-11-18 01:17 - 2013-11-18 01:17 - 00001504 _____ C:\Documents and Settings\Gaitens\Desktop\RKreport[0]_S_11182013_011718.txt
2013-11-18 01:15 - 2013-11-18 01:17 - 00000000 ____D C:\Documents and Settings\Gaitens\Desktop\RK_Quarantine
2013-11-18 01:14 - 2013-11-18 01:14 - 03679744 _____ C:\Documents and Settings\Gaitens\Desktop\RogueKiller.exe
2013-11-18 00:59 - 2013-11-18 01:00 - 04121440 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Gaitens\Desktop\TDSSKiller.exe
2013-11-17 20:58 - 2013-11-17 21:52 - 00065536 _____ C:\WINDOWS\system32\config\Doctor Web.evt
2013-11-17 20:58 - 2013-11-17 21:49 - 00000000 ____D C:\Documents and Settings\Gaitens\Doctor Web
2013-11-17 20:56 - 2013-11-17 20:56 - 135713120 _____ C:\Documents and Settings\Gaitens\Desktop\drweb-cureit.exe
2013-11-17 13:52 - 2013-11-17 13:52 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-11-17 13:52 - 2013-11-17 13:51 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-17 13:52 - 2013-11-17 13:51 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-17 13:52 - 2013-11-17 13:51 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-17 13:52 - 2013-11-17 13:51 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-11-16 17:07 - 2013-11-16 17:07 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-11-16 16:51 - 2013-11-16 16:51 - 00000000 ____D C:\Program Files\M-Audio
2013-11-16 16:51 - 2013-11-16 16:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\M-Audio
2013-11-16 16:51 - 2007-01-25 11:12 - 00302336 _____ (Midiman/M-Audio) C:\WINDOWS\system32\Drivers\delta.sys
2013-11-16 16:51 - 2007-01-25 11:12 - 00022528 _____ (Avid Technology, Inc.) C:\WINDOWS\system32\deltasio.dll
2013-11-16 16:51 - 2007-01-25 11:12 - 00019456 _____ (M-Audio) C:\WINDOWS\system32\DeltaCPL.cpl
2013-11-16 16:51 - 2007-01-25 11:11 - 01122304 _____ (M-Audio) C:\WINDOWS\system32\deltapnl.exe
2013-11-16 16:51 - 2007-01-25 11:11 - 00046592 _____ (M-Audio) C:\WINDOWS\system32\deltapnl.dll
2013-11-16 16:51 - 2007-01-25 10:54 - 00154112 _____ (Avid Technology, Inc.) C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
2013-11-16 16:51 - 2007-01-24 17:15 - 02502633 _____ (Avid Technology, Inc.) C:\WINDOWS\system32\pcifmdio.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00000601 _____ C:\Documents and Settings\Gaitens\Desktop\eset scan.txt
2013-11-16 14:56 - 2013-11-16 14:57 - 02347384 _____ (ESET) C:\Documents and Settings\Gaitens\Desktop\esetsmartinstaller_enu.exe
2013-11-16 14:45 - 2013-11-16 14:45 - 00008942 _____ C:\WINDOWS\KB2900986.log
2013-11-16 14:45 - 2013-11-16 14:45 - 00000000 ___DC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-16 14:45 - 2013-11-16 14:45 - 00000000 ___DC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-16 14:44 - 2013-11-16 14:44 - 00000000 ___DC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-16 14:42 - 2013-11-16 14:42 - 00000000 ___DC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-16 14:41 - 2013-11-16 14:42 - 00011121 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-16 14:41 - 2013-11-16 14:41 - 00000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_NuidFltr_01005.Wdf
2013-11-16 14:41 - 2008-04-14 05:41 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidserv.dll
2013-11-16 14:36 - 2013-11-16 14:45 - 00014617 _____ C:\WINDOWS\KB2868626.log
2013-11-16 14:35 - 2013-11-16 14:44 - 00013605 _____ C:\WINDOWS\KB2862152.log
2013-11-16 14:35 - 2013-11-16 14:43 - 00013168 _____ C:\WINDOWS\KB2876331.log
2013-11-16 14:27 - 2013-11-16 14:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus
2013-11-16 13:17 - 2008-04-14 04:42 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\regedit.com
2013-11-15 18:27 - 2013-11-15 18:27 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Ad-Aware Antivirus
2013-11-15 18:24 - 2013-11-15 18:24 - 00000000 ____D C:\WINDOWS\pss
2013-11-14 23:42 - 2013-11-21 00:42 - 00602112 _____ C:\Documents and Settings\Gaitens\Desktop\OTLs.exe
2013-11-14 23:32 - 2013-11-14 23:21 - 01090529 _____ C:\Documents and Settings\Gaitens\Desktop\FRSTs.exe
2013-11-12 23:57 - 2013-11-12 23:57 - 00000000 ____D C:\Program Files\ESET
2013-11-12 19:34 - 2013-11-12 19:34 - 00012955 _____ C:\ComboFix.txt
2013-11-12 19:26 - 2013-11-12 19:26 - 00008192 _____ C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-11-12 19:26 - 2013-11-12 19:26 - 00000000 _____ C:\WINDOWS\system32\config\system.tmp.LOG
2013-11-12 19:26 - 2013-11-12 19:26 - 00000000 _____ C:\WINDOWS\system32\config\software.tmp.LOG
2013-11-12 19:26 - 2013-11-12 19:26 - 00000000 _____ C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-11-12 19:26 - 2013-11-12 19:26 - 00000000 _____ C:\WINDOWS\system32\config\default.tmp.LOG
2013-11-12 17:41 - 2013-11-12 19:34 - 00000000 ____D C:\ComboFix
2013-11-12 17:41 - 2011-06-26 06:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-11-12 17:41 - 2010-11-07 17:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-11-12 17:41 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-11-12 17:41 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-11-12 17:41 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-11-12 17:41 - 2000-08-31 00:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-11-12 17:41 - 2000-08-31 00:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-11-12 17:41 - 2000-08-31 00:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-11-12 17:41 - 2000-08-31 00:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-11-12 17:39 - 2013-11-12 17:39 - 05145576 ____R (Swearware) C:\Documents and Settings\Gaitens\Desktop\ComboFix.exe
2013-11-10 15:36 - 2013-11-10 15:36 - 01073262 _____ C:\Documents and Settings\Gaitens\Desktop\AdwCleaner.exe
2013-11-10 15:36 - 2013-11-10 15:36 - 01034531 _____ (Thisisu) C:\Documents and Settings\Gaitens\Desktop\JRT.exe
2013-11-10 15:36 - 2013-11-10 15:35 - 01898232 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Gaitens\Desktop\rkill.exe==================== One Month Modified Files and Folders =======
2013-11-21 00:48 - 2013-11-21 00:48 - 00000000 ____D C:\FRST
2013-11-21 00:47 - 2009-10-13 23:02 - 00000888 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-21 00:42 - 2013-11-14 23:42 - 00602112 _____ C:\Documents and Settings\Gaitens\Desktop\OTLs.exe
2013-11-21 00:42 - 2009-09-18 11:03 - 00513916 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-21 00:42 - 2006-02-28 12:00 - 00000451 _____ C:\WINDOWS\system.ini
2013-11-21 00:38 - 2012-08-29 17:26 - 00001615 _____ C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
2013-11-21 00:38 - 2012-03-15 19:45 - 00000000 ____D C:\Documents and Settings\Gaitens\Local Settings\Application Data\Htc
2013-11-21 00:38 - 2009-10-13 23:02 - 00000884 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-21 00:38 - 2009-09-18 11:05 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-21 00:38 - 2009-09-18 11:05 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-21 00:38 - 2009-09-18 11:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-21 00:38 - 2009-09-18 10:56 - 01293238 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-21 00:38 - 2006-02-28 12:00 - 00001374 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-20 20:29 - 2012-09-13 18:55 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
2013-11-20 20:29 - 2009-09-18 11:07 - 00000278 ___SH C:\Documents and Settings\Gaitens\ntuser.ini
2013-11-20 20:29 - 2009-09-18 11:05 - 00032390 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-20 20:19 - 2012-08-17 10:48 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1303643608-1417001333-1003UA.job
2013-11-20 20:19 - 2012-08-17 10:48 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1303643608-1417001333-1003Core.job
2013-11-20 20:16 - 2009-09-18 17:41 - 00100480 _____ C:\Documents and Settings\Gaitens\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-11-20 20:16 - 2009-09-18 11:01 - 00348992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-11-20 19:55 - 2013-11-20 19:55 - 00001446 _____ C:\WINDOWS\COM+.log
2013-11-20 19:54 - 2013-11-20 19:27 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2013-11-20 19:52 - 2013-11-20 19:44 - 00007514 _____ C:\WINDOWS\bitssetup.log
2013-11-20 19:52 - 2009-09-18 10:54 - 00000000 ____D C:\WINDOWS\Registration
2013-11-20 19:50 - 2013-11-20 19:50 - 00000000 ____D C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories
2013-11-20 19:50 - 2009-09-18 10:57 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2013-11-20 19:50 - 2009-09-18 10:57 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2013-11-20 19:45 - 2013-11-20 19:44 - 00000558 _____ C:\WINDOWS\Windows Update.log
2013-11-20 19:26 - 2012-10-04 19:44 - 00242499 _____ C:\WINDOWS\setupapi.log
2013-11-20 19:26 - 2009-09-18 10:54 - 00000000 ____D C:\WINDOWS\repair
2013-11-20 19:25 - 2013-11-20 19:25 - 00000000 ____D C:\RegBackup
2013-11-20 19:23 - 2013-11-20 19:23 - 00000000 ____D C:\Program Files\Tweaking.com
2013-11-20 19:23 - 2013-11-20 19:23 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2013-11-20 19:22 - 2013-11-20 19:22 - 05045639 _____ C:\Documents and Settings\Gaitens\Desktop\tweaking.com_windows_repair_aio_setup.exe
2013-11-18 21:21 - 2013-11-18 20:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-11-18 21:21 - 2013-11-18 20:43 - 00000000 ____D C:\Documents and Settings\Gaitens\Desktop\mbar
2013-11-18 20:44 - 2013-11-18 20:44 - 00105176 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2013-11-18 20:43 - 2013-11-18 20:43 - 12576792 _____ (Malwarebytes Corp.) C:\Documents and Settings\Gaitens\Desktop\mbar-1.07.0.1007.exe
2013-11-18 20:43 - 2013-11-18 20:43 - 00047064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-11-18 01:17 - 2013-11-18 01:17 - 00001504 _____ C:\Documents and Settings\Gaitens\Desktop\RKreport[0]_S_11182013_011718.txt
2013-11-18 01:17 - 2013-11-18 01:15 - 00000000 ____D C:\Documents and Settings\Gaitens\Desktop\RK_Quarantine
2013-11-18 01:14 - 2013-11-18 01:14 - 03679744 _____ C:\Documents and Settings\Gaitens\Desktop\RogueKiller.exe
2013-11-18 01:00 - 2013-11-18 00:59 - 04121440 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Gaitens\Desktop\TDSSKiller.exe
2013-11-17 21:52 - 2013-11-17 20:58 - 00065536 _____ C:\WINDOWS\system32\config\Doctor Web.evt
2013-11-17 21:49 - 2013-11-17 20:58 - 00000000 ____D C:\Documents and Settings\Gaitens\Doctor Web
2013-11-17 21:49 - 2008-04-13 23:06 - 00187776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-17 21:20 - 2012-08-17 10:49 - 00002300 _____ C:\Documents and Settings\Gaitens\Desktop\Google Chrome.lnk
2013-11-17 20:58 - 2009-09-18 11:06 - 00000000 ____D C:\Documents and Settings\Gaitens
2013-11-17 20:56 - 2013-11-17 20:56 - 135713120 _____ C:\Documents and Settings\Gaitens\Desktop\drweb-cureit.exe
2013-11-17 13:52 - 2013-11-17 13:52 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-11-17 13:52 - 2009-12-28 10:36 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-17 13:51 - 2013-11-17 13:52 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-17 13:51 - 2013-11-17 13:52 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-17 13:51 - 2013-11-17 13:52 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-17 13:51 - 2013-11-17 13:52 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-11-17 13:51 - 2009-12-28 10:36 - 00000000 ____D C:\Program Files\Java
2013-11-17 13:51 - 2009-09-18 11:02 - 00185990 _____ C:\WINDOWS\setupact.log
2013-11-17 13:51 - 2007-12-10 01:26 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-11-16 17:07 - 2013-11-16 17:07 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-11-16 17:07 - 2012-02-22 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-11-16 16:51 - 2013-11-16 16:51 - 00000000 ____D C:\Program Files\M-Audio
2013-11-16 16:51 - 2013-11-16 16:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\M-Audio
2013-11-16 16:51 - 2012-08-29 16:51 - 00000349 _____ C:\WINDOWS\Q813347.log
2013-11-16 16:51 - 2009-09-18 17:22 - 00000000 ____D C:\Program Files\InstallShield Installation Information
2013-11-16 16:48 - 2013-11-16 16:48 - 00000601 _____ C:\Documents and Settings\Gaitens\Desktop\eset scan.txt
2013-11-16 14:57 - 2013-11-16 14:56 - 02347384 _____ (ESET) C:\Documents and Settings\Gaitens\Desktop\esetsmartinstaller_enu.exe
2013-11-16 14:45 - 2013-11-16 14:45 - 00008942 _____ C:\WINDOWS\KB2900986.log
2013-11-16 14:45 - 2013-11-16 14:45 - 00000000 ___DC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-16 14:45 - 2013-11-16 14:45 - 00000000 ___DC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-16 14:45 - 2013-11-16 14:36 - 00014617 _____ C:\WINDOWS\KB2868626.log
2013-11-16 14:45 - 2009-09-18 18:01 - 00397220 _____ C:\WINDOWS\updspapi.log
2013-11-16 14:45 - 2009-09-18 11:03 - 01864547 _____ C:\WINDOWS\iis6.log
2013-11-16 14:45 - 2009-09-18 11:03 - 01693853 _____ C:\WINDOWS\FaxSetup.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00874159 _____ C:\WINDOWS\ocgen.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00779918 _____ C:\WINDOWS\tsoc.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00573364 _____ C:\WINDOWS\comsetup.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00522864 _____ C:\WINDOWS\msmqinst.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00346547 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00297875 _____ C:\WINDOWS\netfxocm.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00117392 _____ C:\WINDOWS\MedCtrOC.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00094036 _____ C:\WINDOWS\ocmsn.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00085886 _____ C:\WINDOWS\tabletoc.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00085089 _____ C:\WINDOWS\msgsocm.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-16 14:45 - 2009-09-18 11:03 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-16 14:44 - 2013-11-16 14:44 - 00000000 ___DC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-16 14:44 - 2013-11-16 14:35 - 00013605 _____ C:\WINDOWS\KB2862152.log
2013-11-16 14:43 - 2013-11-16 14:35 - 00013168 _____ C:\WINDOWS\KB2876331.log
2013-11-16 14:43 - 2009-09-18 17:23 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2013-11-16 14:42 - 2013-11-16 14:42 - 00000000 ___DC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-16 14:42 - 2013-11-16 14:41 - 00011121 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-16 14:42 - 2009-09-18 18:31 - 00000000 ____D C:\WINDOWS\ie8updates
2013-11-16 14:41 - 2013-11-16 14:41 - 00000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_NuidFltr_01005.Wdf
2013-11-16 14:41 - 2007-12-10 01:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-16 14:37 - 2009-09-18 18:29 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-16 14:27 - 2013-11-16 14:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus
2013-11-16 13:54 - 2009-09-18 11:00 - 00000211 ___SH C:\boot.ini
2013-11-16 13:54 - 2006-02-28 12:00 - 00000688 _____ C:\WINDOWS\win.ini
2013-11-16 13:53 - 2009-09-18 10:54 - 00000000 ____D C:\WINDOWS\system32\Restore
2013-11-15 18:27 - 2013-11-15 18:27 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Ad-Aware Antivirus
2013-11-15 18:24 - 2013-11-15 18:24 - 00000000 ____D C:\WINDOWS\pss
2013-11-14 23:21 - 2013-11-14 23:32 - 01090529 _____ C:\Documents and Settings\Gaitens\Desktop\FRSTs.exe
2013-11-12 23:57 - 2013-11-12 23:57 - 00000000 ____D C:\Program Files\ESET
2013-11-12 20:28 - 2009-09-18 11:00 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-11-12 19:34 - 2013-11-12 19:34 - 00012955 _____ C:\ComboFix.txt
2013-11-12 19:34 - 2013-11-12 17:41 - 00000000 ____D C:\ComboFix
2013-11-12 19:34 - 2007-12-12 22:21 - 00000000 ____D C:\Qoobox
2013-11-12 19:33 - 2007-12-12 22:21 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-12 19:30 - 2006-02-28 12:00 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_578
2013-11-12 19:27 - 2009-09-18 11:01 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-11-12 19:27 - 2009-09-18 11:01 - 00262144 _____ C:\WINDOWS\system32\config\SAM.bak
2013-11-12 19:27 - 2009-09-18 11:00 - 38273024 _____ C:\WINDOWS\system32\config\software.bak
2013-11-12 19:27 - 2009-09-18 11:00 - 09437184 _____ C:\WINDOWS\system32\config\system.bak
2013-11-12 19:27 - 2009-09-18 11:00 - 00524288 _____ C:\WINDOWS\system32\config\default.bak
2013-11-12 19:26 - 2013-11-12 19:26 - 00008192 _____ C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-11-12 19:26 - 2013-11-12 19:26 - 00000000 _____ C:\WINDOWS\system32\config\system.tmp.LOG
2013-11-12 19:26 - 2013-11-12 19:26 - 00000000 _____ C:\WINDOWS\system32\config\software.tmp.LOG
2013-11-12 19:26 - 2013-11-12 19:26 - 00000000 _____ C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-11-12 19:26 - 2013-11-12 19:26 - 00000000 _____ C:\WINDOWS\system32\config\default.tmp.LOG
2013-11-12 17:39 - 2013-11-12 17:39 - 05145576 ____R (Swearware) C:\Documents and Settings\Gaitens\Desktop\ComboFix.exe
2013-11-10 15:36 - 2013-11-10 15:36 - 01073262 _____ C:\Documents and Settings\Gaitens\Desktop\AdwCleaner.exe
2013-11-10 15:36 - 2013-11-10 15:36 - 01034531 _____ (Thisisu) C:\Documents and Settings\Gaitens\Desktop\JRT.exe
2013-11-10 15:35 - 2013-11-10 15:36 - 01898232 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Gaitens\Desktop\rkill.exeSome content of TEMP:
====================
C:\Documents and Settings\Gaitens\Local Settings\temp\IadHide5.dll
C:\Documents and Settings\Gaitens\Local Settings\temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\Gaitens\Local Settings\temp\ntdll_dump.dll==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit==================== End Of Log ============================
-
I assume you mean left click and wait to rename as with any other file..
Well i done this and changed it to OTLs and this didn't change anything.
-
Ran the above, unsure if you want to see any of the logs in this folder:
C:\Program Files\Tweaking.com\Windows Repair (All in One)\LogsThere are a fair amount of them.
Computer still did not boot first time on restart and I'm still unable to run FRST or OTL.
-
-
Only one thing found but it couldn't be deleted apparently:
Infected file C:\WINDOWS\system32\comres.dll could not be remediated because backup file is not available
Logs below:
mbar log:
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.orgDatabase version: v2013.11.18.07
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gaitens :: GAITENS-PC [administrator]18/11/2013 20:45:03
mbar-log-2013-11-18 (20-45-03).txtScan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 249586
Time elapsed: 36 minute(s), 38 second(s)Memory Processes Detected: 0
(No malicious items detected)Memory Modules Detected: 0
(No malicious items detected)Registry Keys Detected: 0
(No malicious items detected)Registry Values Detected: 0
(No malicious items detected)Registry Data Items Detected: 0
(No malicious items detected)Folders Detected: 0
(No malicious items detected)Files Detected: 0
(No malicious items detected)Physical Sectors Detected: 0
(No malicious items detected)(end)
system log:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007© Malwarebytes Corporation 2011-2012
OS version: 5.1.2600 Windows XP Service Pack 3 x86
Account is Administrative
Internet Explorer version: 8.0.6001.18702
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.795000 GHz
Memory total: 2146676736, free: 1209090048Downloaded database version: v2013.11.18.07
Downloaded database version: v2013.10.11.02
Initializing...
======================
------------ Kernel report ------------
11/18/2013 20:44:55
------------ Loaded modules -----------
\WINDOWS\system32\ntoskrnl.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltMgr.sys
sr.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
sisagp.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
Mup.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\ati2mtag.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\Rtenicxp.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\delta.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\DRIVERS\jswscimd.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasirda.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\wsimd.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\WINDOWS\system32\drivers\SBREdrv.sys
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\drivers\sbaphd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\system32\DRIVERS\bcmwlhigh5.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\NuidFltr.sys
\SystemRoot\system32\DRIVERS\WDFLDR.SYS
\SystemRoot\System32\Drivers\wdf01000.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\ati2dvag.dll
\SystemRoot\System32\ati2cqag.dll
\SystemRoot\System32\atikvmag.dll
\SystemRoot\System32\atiok3x2.dll
\SystemRoot\System32\ati3duag.dll
\SystemRoot\System32\ativvaxx.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\sbapifs.sys
\SystemRoot\system32\DRIVERS\fssfltr_tdi.sys
\SystemRoot\system32\DRIVERS\irda.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\SystemRoot\System32\Drivers\LBeepKE.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\HTTP.sys
\??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
\SystemRoot\System32\Drivers\Fastfat.SYS
\SystemRoot\system32\drivers\kmixer.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8a88cab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-4\
Lower Device Object: 0xffffffff8a919030
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8a88cab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8a907e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8a88cab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8a8b55a0, DeviceName: \Device\00000072\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8a919030, DeviceName: \Device\Ide\IdeDeviceP0T0L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: EDA9EDA9Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 176506092
Partition file system is NTFS
Partition is bootablePartition 1 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 176506155 Numsec = 409593240Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0Disk Size: 300090728448 bytes
Sector size: 512 bytesScanning physical sectors of unpartitioned space on drive 0 (1-62-586094704-586114704)...
Done!
Infected file C:\WINDOWS\system32\comres.dll could not be remediated because backup file is not available
Scan finished
=======================================Removal queue found; removal started
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\comres.dll_k.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\comres.dll_u.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\comres.dll_r.mbam...
Removal finished -
RK Log:
RogueKiller V8.7.8 [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Gaitens [Admin rights]
Mode : Scan -- Date : 11/18/2013 01:17:18
| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Maxtor 6L300R0 +++++
--- User ---
[MBR] daef3885c3f5e5be5b6123fc841739e0
[bSP] eabd19050fc8e131129dcc55bc431920 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 86184 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 176506155 | Size: 199996 Mo
User = LL1 ... OK!
User = LL2 ... OK!Finished : << RKreport[0]_S_11182013_011718.txt >>
-
and again:
01:10:01.0546 0x060c C:\Program Files\HTC\HTC Sync 3.0\PIMAccess.dll - ok
01:10:01.0546 0x060c [ E7BE61EB1BDE3921FF0CDD24F1535332, C52BD14070E16BC837A9C44FE7FE10E27033BE0F4B0A831F0389B4A2B2D86B35 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
01:10:01.0546 0x060c C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
01:10:01.0562 0x060c [ 0B467F470CC9918FDCEEDCFD7DC4D697, 87C8BCC4DFF318FC393A8C0FB0B82CCC9DA83EC0F5811CF303F3AC265A575578 ] C:\WINDOWS\system32\oledlg.dll
01:10:01.0562 0x060c C:\WINDOWS\system32\oledlg.dll - ok
01:10:01.0562 0x060c [ 3CB07566302BCEEB898DE270A0BEC175, B234D1044D8702A0929BB48F729EB5078B44AA7CD574B6482633B51289E70200 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
01:10:01.0562 0x060c C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
01:10:01.0562 0x060c [ 93A67AD03FD9C2286A4A5AD9A67F381A, C24EFF10B543D9340DB952B91F80880B93C9EA58FD22E1829875BE844F7334BC ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
01:10:01.0562 0x060c C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
01:10:01.0578 0x060c [ 1E114E34D8C1F6C0C061EAECCC2B7848, C0EB1C5092CD7F1BF691CF401A47D1EA5A902686EA99E52C64542F1D18A7CE5B ] C:\Program Files\HTC\HTC Sync 3.0\UpdateHelper.dll
01:10:01.0578 0x060c C:\Program Files\HTC\HTC Sync 3.0\UpdateHelper.dll - ok
01:10:01.0578 0x060c [ 22D71D1DB6FC789A1CE8AC6963580259, DD5307A108936AAE840F973F7F718A6954E173D4E210A375C75DB644B2162CFD ] C:\WINDOWS\system32\hhctrl.ocx
01:10:01.0578 0x060c C:\WINDOWS\system32\hhctrl.ocx - ok
01:10:01.0578 0x060c [ EEA46BF5D63A96B21E24FD0EFE4CAD56, 01E222D915460C857E19EE337D50A695972B0C690F9E196D3E2063DE0DDFB13A ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
01:10:01.0578 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
01:10:01.0593 0x060c [ FD9BB1596433AE242DEF9320E4645BDC, 7E8F7F5D8A12CBDDFF31F3CDEA12A6078C845F3738FBB2F5A6A1A352B021EE1C ] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe
01:10:01.0593 0x060c C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe - ok
01:10:01.0593 0x060c [ 3AF9BC6B8427923EF2D6E21A19861C58, 0ADE8D6DE6E601DAE00B1324ED64E5C521A9EF08D51FB4719631F8C07B0B48C5 ] C:\PROGRA~1\Yahoo!\browser\ycommon.dll
01:10:01.0593 0x060c C:\PROGRA~1\Yahoo!\browser\ycommon.dll - ok
01:10:01.0593 0x060c [ C5F1D82D9CC8979971CC748FCB2EE7CA, 7580FF135C12AAE5BE110A9949A842CFA4413C7E68186E81C8FF290E1C0EE26A ] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
01:10:01.0593 0x060c C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe - ok
01:10:01.0609 0x060c [ 314B4F7A8F49F056FF1DB8C4E6EB4B64, 3DB01A20C0243FA63E0C28E6147A1F650B17FD440477DFD1AE29D1F6DA36846F ] C:\Program Files\Yahoo!\browser\YCommonPS.dll
01:10:01.0609 0x060c C:\Program Files\Yahoo!\browser\YCommonPS.dll - ok
01:10:01.0609 0x060c [ 8A4D564076F8739C8C0C2B9A461F9408, 0731BDA5D90097D5BEEB8E6B1E3B290DD3820A0F5573A22BB8D5965B651F405B ] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.dll
01:10:01.0609 0x060c C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.dll - ok
01:10:01.0609 0x060c [ 51201F338ABCB964F79BE0FAB97D4941, E4182F44349119E3A6270958563275A6A22DD995A97162BD0622961C0D159AF5 ] C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll
01:10:01.0609 0x060c C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll - ok
01:10:01.0625 0x060c [ 04EEF4FC747068490A993C6A95B5EA7A, BD8AC26FFF5DA66B8E98F600B3B98F4E8E2273111578701F18B309AA4B94261F ] C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
01:10:01.0625 0x060c C:\WINDOWS\system32\M-AudioTaskBarIcon.exe - ok
01:10:01.0625 0x060c [ 06A4250C9E3606CAE3F68DA45702F342, AAC93069838640465D570D76A5E719E2695337CBB81A7D0849549B1EDCD60930 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
01:10:01.0625 0x060c C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
01:10:01.0625 0x060c [ 29ECDA17BA5E6D98430F698587569ACC, 9C37D92CCBED1F9ED4E585F98E7FB17C6AD083712B078ABCB40476310BCDB7F8 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll
01:10:01.0625 0x060c C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll - ok
01:10:01.0640 0x060c [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
01:10:01.0640 0x060c C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
01:10:01.0640 0x060c [ 165AE7A443F2139DD2C078AD87699F91, 7DAA39FA20AA399548FE907B0614D9AA88A2FF9C0FA7E40F51BE7A0395AF31FB ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
01:10:01.0640 0x060c C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
01:10:01.0640 0x060c [ 5588812731C64305F2579DD8215037E0, 0FA8D3DE660670125C203B96FDA4DDF7A88B66C37F66E5F183C4BC7983E55709 ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
01:10:01.0640 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe - ok
01:10:01.0656 0x060c [ 92F0C2F900FA70F2B614FEDCD59832DA, BACC12C88558EADECAE5541580A3DA601E9F186B650620A8A4AD1E9D98B3F267 ] C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
01:10:01.0656 0x060c C:\Program Files\Spotify\Data\SpotifyWebHelper.exe - ok
01:10:01.0656 0x060c [ ADC90EBBE2823C23A0406ACD3D6E9312, 81134759A39C0191C72D6C0DEF72200FC9C117DB1FD56DC7465E5045F41AFE52 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
01:10:01.0656 0x060c C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL - ok
01:10:01.0656 0x060c [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
01:10:01.0656 0x060c C:\WINDOWS\system32\ctfmon.exe - ok
01:10:01.0671 0x060c [ 5E57EAB47E565BF754BCF99A410C3354, 23E64DEDBD2546FD84A14EB533C059BEC21866B51C3FD186287894E590247F40 ] C:\PROGRA~1\AD-AWA~1\AdAware.exe
01:10:01.0671 0x060c C:\PROGRA~1\AD-AWA~1\AdAware.exe - ok
01:10:01.0671 0x060c [ 88BEEF09C654252F3E46B6167B7F4ECB, 94A78D2D709AEED74BA1C29D00CFD55EF68A95764C067B470E1C19C376F32478 ] C:\WINDOWS\system32\msisip.dll
01:10:01.0671 0x060c C:\WINDOWS\system32\msisip.dll - ok
01:10:01.0671 0x060c [ 6DEC53576FFD514FC1FE0688796370D5, 8B34F7E066B1764306DA29E6B586A8FB789E6056881E2556A4584F91808DED0C ] C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll
01:10:01.0671 0x060c C:\Program Files\HTC\HTC Sync 3.0\htcDetect.dll - ok
01:10:01.0687 0x060c [ 3A6D465F379E5C815F4AD565391E654C, EE40580ED71282B1D5D95752DD843DCC30689196B22051AF8CDF6127B985411E ] C:\WINDOWS\system32\wshext.dll
01:10:01.0687 0x060c C:\WINDOWS\system32\wshext.dll - ok
01:10:01.0687 0x060c [ A2D6B331E9AE6F0C998A14E2044D11D7, 774DFB70BFD5067FBD612337ED1CE98351ED1CB885A97A8A713B80104AB1A74C ] C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll
01:10:01.0687 0x060c C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll - ok
01:10:01.0687 0x060c [ B1609DCD4CFD1BC66DE4B1FA9FDA7FB4, 954BF508E1CF000E668048033B488135C979C46DB322308B5FC4D4A1B8568635 ] C:\Program Files\HTC\HTC Sync 3.0\AutoplayControl.dll
01:10:01.0687 0x060c C:\Program Files\HTC\HTC Sync 3.0\AutoplayControl.dll - ok
01:10:01.0703 0x060c [ 49918803B661367023BF325CF602AFDC, 2821451FD31EAFCB5D3081998756F7274B4C2594E9A378EEE5C1D5D92C1FC58C ] C:\Program Files\iPod\bin\iPodService.exe
01:10:01.0703 0x060c C:\Program Files\iPod\bin\iPodService.exe - ok
01:10:01.0703 0x060c [ 40FA2F035ED88108850757CA51DAD942, C892EDD33F20FED5E8BFDFAC9DC58799B3DBE82BA1ED191929BEBEC3B626B6B0 ] C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL
01:10:01.0703 0x060c C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL - ok
01:10:01.0703 0x060c [ 897CBB14ECD56948CF6A2564229C9126, 37E49379ED94994A08659C79B79415700D2A8AB617591F47E8A15B22A5EC2682 ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
01:10:01.0703 0x060c C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
01:10:01.0718 0x060c [ E40FCF943127DDC8FD60554B722D762B, 2E7A7C08B56E07D69CB32F335D93F6D2C748EFA2CF4C41102A18C7761A4E9CF0 ] C:\WINDOWS\system32\MSCTF.dll
01:10:01.0718 0x060c C:\WINDOWS\system32\MSCTF.dll - ok
01:10:01.0718 0x060c [ 17AA58A54C00F1746B8654C050491F43, AADA0D527FB96852998073E58F93710C4B3A25D7D1414BA9F23A28DA3D06B4CD ] C:\WINDOWS\system32\msutb.dll
01:10:01.0718 0x060c C:\WINDOWS\system32\msutb.dll - ok
01:10:01.0718 0x060c [ 55CAB0C877337E9E546D45CEA669F5A5, AA90B8099187D3A1BFC9E64DF9E005D65B6976A6945F32E9764A03CC2646BC8B ] C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll
01:10:01.0718 0x060c C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll - ok
01:10:01.0734 0x060c [ FEBC6E4831E0A39DB34C69CBDE1B58BA, 8D9A99F222A7FBF5C689BC7B15F4248BABEAC9E33817F5C411D01D76448D2CAC ] C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\backweb.dll
01:10:01.0734 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\backweb.dll - ok
01:10:01.0734 0x060c [ 9C964C7C72FD732B1A0EEC80421EDAED, 3813EEBD2CA1ADF5C6545028F36333009D5A9F5ACC1B15100E3DED21DFDA033A ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
01:10:01.0734 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe - ok
01:10:01.0734 0x060c [ F6FAEC07446A78A9C5AF4558FF5BD118, 9291106F6666913DB6D18943D255D60F77CCDB5A46BD4C100A5E80D40D6927D9 ] C:\WINDOWS\ime\SPTIP.dll
01:10:01.0734 0x060c C:\WINDOWS\ime\SPTIP.dll - ok
01:10:01.0750 0x060c [ C87001CBC0E191A4D21D8ABDF966AD0F, 1CA7A41CAFADA493CA84D52DED15C6B3FF470F5C8E332773107499421C676DF5 ] C:\Program Files\HTC\HTC Sync 3.0\FileSyncEngine.dll
01:10:01.0750 0x060c C:\Program Files\HTC\HTC Sync 3.0\FileSyncEngine.dll - ok
01:10:01.0750 0x060c [ 10CCD6842CA0FF024FBC9EE4F9B369BD, AC122268DB69A1CC12E520384727E4B234C2E8CB5B08A9533BD1856938B1F7FC ] C:\Program Files\HTC\HTC Sync 3.0\Utility.dll
01:10:01.0750 0x060c C:\Program Files\HTC\HTC Sync 3.0\Utility.dll - ok
01:10:01.0750 0x060c [ 341357B3632C40D2945E2FB4842E2EF6, CC46077AFA367F6996A3EDF4528AD34D577B4C337D1D49430C4B3A3150D4CDB1 ] C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\bwsec.dll
01:10:01.0750 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\bwsec.dll - ok
01:10:01.0765 0x060c [ A0B7FC085B98DBBC995F6B35CB50280F, 9166DEFCF19A8AFEE3235ADD9931BFE5980C649965BCE452CBF83152A4F5F8E2 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
01:10:01.0765 0x060c C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
01:10:01.0765 0x060c [ 4D3189DAB4A3AC3FF4B41CC5536571CD, EA2A5CF3AA1C68F15140A5ABF915C7D017419AC8747794799F0C49152265E2AF ] C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\clntutil.dll
01:10:01.0765 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\clntutil.dll - ok
01:10:01.0765 0x060c [ 9B7C7A89C8BEC0A8DF3DBEF3291B2CF7, 494E2201D9E024665BC58799D61C009CF8C04F7502E8EEC80954982402BBBBD3 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
01:10:01.0765 0x060c C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
01:10:01.0781 0x060c [ 5C1F0537E61F87B435F56E00B4F20EE8, AA4BAD8612F45125421C13536D6E7FB4C85BA6DE7D61BDE19949286FB1910B3D ] C:\WINDOWS\system32\snmpapi.dll
01:10:01.0781 0x060c C:\WINDOWS\system32\snmpapi.dll - ok
01:10:01.0781 0x060c [ B2232D645FAD62FD49D7D3EFCB7B5FB4, E21C530B616C6B0E4AC7A42731DB1F289CE686D871977FBC2F4DAEBCC48A76B8 ] C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll
01:10:01.0781 0x060c C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll - ok
01:10:01.0781 0x060c [ D9F1B39D3CD78BFD6AFB70490099BDC1, 3B7D58DA911351789370DE14A46E856498172CDB85C24D268481C14B637A6D28 ] C:\PROGRA~1\Logitech\DESKTO~1\8876480\720~1.137\Program\EN\ClientRc.dll
01:10:01.0781 0x060c C:\PROGRA~1\Logitech\DESKTO~1\8876480\720~1.137\Program\EN\ClientRc.dll - ok
01:10:01.0796 0x060c [ DFFEC6479C5E00A103A44AC33A1058AA, 518C660B2F7FE29E21241780BA9C5DF2615A8F84B04D5FE500CD6BE6C1DE99A6 ] C:\WINDOWS\system32\wmvcore.dll
01:10:01.0796 0x060c C:\WINDOWS\system32\wmvcore.dll - ok
01:10:01.0796 0x060c [ 303A63F4B913AA5D8998161CB77A8CE7, 0CE864B852E32F803754DD8827120F717D55E531E4F2BC87ECEB005F30356333 ] C:\WINDOWS\system32\feclient.dll
01:10:01.0796 0x060c C:\WINDOWS\system32\feclient.dll - ok
01:10:01.0796 0x060c [ 7365B5CA9747C84178D42CCA72486277, C056EA9FCDA15964409DAAEB7B6FB2C21A306AA2744B1F1A19E6277A4351BD97 ] C:\WINDOWS\system32\wmasf.dll
01:10:01.0796 0x060c C:\WINDOWS\system32\wmasf.dll - ok
01:10:01.0812 0x060c [ A4E87B2BD2F7A31DBC8DE7C11F3CEE17, 25CC6A5949A304455BE746D0F0DC85D3F64B07E8FC452EF9F3B7D97724DA3BF4 ] C:\PROGRA~1\AD-AWA~1\htmlayout.dll
01:10:01.0812 0x060c C:\PROGRA~1\AD-AWA~1\htmlayout.dll - ok
01:10:01.0812 0x060c [ F7066900109916EE1D426BBD0A7B4DD1, 9A7BA22124974FD3782975EC9E7121029D6BA46FF88F1BA8F0812C4EDFE4AE3A ] C:\Program Files\HTC\HTC Sync 3.0\ItemSyncEngine.dll
01:10:01.0812 0x060c C:\Program Files\HTC\HTC Sync 3.0\ItemSyncEngine.dll - ok
01:10:01.0812 0x060c [ 08C2F2FF814C813DD5B68B313B8A1ABF, BDB2FE33545DA2BECF1B8E449DBDA1E5BA4790A7B4793C3389F01E7486D937F0 ] C:\Program Files\HTC\HTC Sync 3.0\MsgSyncEngine.dll
01:10:01.0812 0x060c C:\Program Files\HTC\HTC Sync 3.0\MsgSyncEngine.dll - ok
01:10:01.0828 0x060c [ F3196D214F08A910EFEB900D7AACD452, 17F97A8723D7732778411765CCCA2E9852B64A8BB99AE7310B489ECEB239D6E5 ] C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll
01:10:01.0828 0x060c C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll - ok
01:10:01.0828 0x060c [ 08A73B0E7EE6E32983B5F9E540A8E380, D9FC89B19C9131C2246D82942D5E6A09F20CB488C26EF007695F1CABB53C8F91 ] C:\WINDOWS\system32\mscoree.dll
01:10:01.0828 0x060c C:\WINDOWS\system32\mscoree.dll - ok
01:10:01.0828 0x060c [ A66A0D790D72E2898829A7B1C9FC61AD, 04ADC3273BBBDC7F57E09A1830BA7F9A881CB1692BBAB3BD6919E8B230CF46F4 ] C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\Cpuinf32.dll
01:10:01.0828 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\Cpuinf32.dll - ok
01:10:01.0843 0x060c [ 02E05F70A0862BABCB21A2C6569D4BF3, F13A8E54EF58BD87C3AD103E5EC4E6D24143D9514133068F5C4CAF247347CB50 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
01:10:01.0843 0x060c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
01:10:01.0843 0x060c [ AA9F767125592D07DB4A0BC841D96D35, 93CEA277D4DC533A2F16F0EBD4AF56838FC71F95DB4A2407A1EB4CA1AEBB2A3C ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll
01:10:01.0843 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll - ok
01:10:01.0843 0x060c [ F11CA562270B3802DBCD51EA9F4731BA, 03A53BAF6780B062FE649490451C76EA6493A0F0583C537157CD1B9A7C010FDF ] C:\Program Files\Logitech\SetPoint\SetPoint.exe
01:10:01.0843 0x060c C:\Program Files\Logitech\SetPoint\SetPoint.exe - ok
01:10:01.0859 0x060c [ 914D283AD234F3AF95905AEB57A8454F, B1689805CD398EEF5E1797A945DB185600B859FA67F7F3D124B91E0A32739459 ] C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\bwfiles.dll
01:10:01.0859 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\bwfiles.dll - ok
01:10:01.0859 0x060c [ 4D674959EA3525ECEE4DC0358E3C4103, F2AB3D5F63F07ADACD4149E389DCCB62254A362FB324DF86093710CA7B27190B ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
01:10:01.0859 0x060c C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll - ok
01:10:01.0859 0x060c [ D3D4BD94434A9CB4B35E82283EAE8EFB, 0C1B38EC7235CB397238C4D52349F431F0DE9D15FF4A4C6B3244023A9930BBFC ] C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
01:10:01.0859 0x060c C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe - ok
01:10:01.0875 0x060c [ 65675BF408B12FDD5E73F0996F149778, F0660DE91AC7819DEECC447B8698C5D7986AC8C4617B2001CDDAC22CA441B5EF ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\IadHide5.dll
01:10:01.0875 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\IadHide5.dll - ok
01:10:01.0875 0x060c [ AA9F767125592D07DB4A0BC841D96D35, 93CEA277D4DC533A2F16F0EBD4AF56838FC71F95DB4A2407A1EB4CA1AEBB2A3C ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll
01:10:01.0875 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll - ok
01:10:01.0875 0x060c [ FD20854BCA467C439A7A59DFABC6637A, B9DB0D5378853195CFCD84F9E76DB1B0D0471A9F312F44355557F505A5CC6F04 ] C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWDocMapExt.dll
01:10:01.0875 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWDocMapExt.dll - ok
01:10:01.0875 0x060c [ F69344D93E2BC1118F75D9B2776D2A8C, 0D0FA1BAABD04E340DB8E794D3FD3D303218AD4CB007A895A2C3EC535E37FED3 ] C:\WINDOWS\system32\KemUtil.dll
01:10:01.0875 0x060c C:\WINDOWS\system32\KemUtil.dll - ok
01:10:01.0890 0x060c [ 98E53CA00D3C0A2E9FAA4E59C101AEBA, 9A6F978C0F1907915309F29FC2404910C3C7E205040C2B108685429E69625BD2 ] C:\WINDOWS\system32\mslbui.dll
01:10:01.0890 0x060c C:\WINDOWS\system32\mslbui.dll - ok
01:10:01.0890 0x060c [ 63E8D944AFBEEBB243F25C4ED07E74C5, 848AEE9975218939F7EB2C3548EA6AE235C54B1B2E2AF6835A034976A0CFDD28 ] C:\WINDOWS\system32\inetmib1.dll
01:10:01.0890 0x060c C:\WINDOWS\system32\inetmib1.dll - ok
01:10:01.0890 0x060c [ 02CFE63C03799157894499A83227F69D, 2126BC4961CB1E967236802B7EB6EA83E0AEA0EDAD09E32ECA6CEB638EA89F17 ] C:\Program Files\Logitech\SetPoint\SetPointCOM.DLL
01:10:01.0890 0x060c C:\Program Files\Logitech\SetPoint\SetPointCOM.DLL - ok
01:10:01.0906 0x060c [ 1509D7459A7EBE9B674ADD4108B74526, 429EB0FBF645DD2F7637768EDC0828606D1FBB8F16853E1423BBF60F65502FC1 ] C:\WINDOWS\system32\kemutb.dll
01:10:01.0906 0x060c C:\WINDOWS\system32\kemutb.dll - ok
01:10:01.0906 0x060c [ 5FEDB5B37FCC11592750BFC7D2C597B3, 402131B918B4CFCF1DC3AA7D00E390025C4F50C8576CA7E73B0B7C41F4A2432B ] C:\WINDOWS\system32\KemWnd.dll
01:10:01.0906 0x060c C:\WINDOWS\system32\KemWnd.dll - ok
01:10:01.0906 0x060c [ 5FD3B02F81B0480D5D6B43EFA0ADD4AD, 1481369E99E82101E74BD6438888BB73DDFD3EB7C314ED78D491A4A3D943A669 ] C:\WINDOWS\system32\KemXML.dll
01:10:01.0906 0x060c C:\WINDOWS\system32\KemXML.dll - ok
01:10:01.0921 0x060c [ C3951FD7FC4AEEC96EC62856B17FA420, B04EEF85064F4D0854B128BEF60144CCEAA80915E6CBB16937697AD41332552C ] C:\Program Files\Logitech\SetPoint\lgscroll.dll
01:10:01.0921 0x060c C:\Program Files\Logitech\SetPoint\lgscroll.dll - ok
01:10:01.0921 0x060c [ 0794CD09BE3D1E7A966C95E76FC86F47, 5D08099504FBDC8601C635F4358272B6E2A4D60B6AA5C7CC750A7EB12C1C6D64 ] C:\WINDOWS\system32\mshtml.dll
01:10:01.0921 0x060c C:\WINDOWS\system32\mshtml.dll - ok
01:10:01.0921 0x060c [ 2ACCD352451EC0F99AF2AD9DB6DB4439, 7EFFA9D4561674633B2FFB35F629947B061AFE5DA756DA6D02E0584FCE221445 ] C:\WINDOWS\system32\msls31.dll
01:10:01.0921 0x060c C:\WINDOWS\system32\msls31.dll - ok
01:10:01.0937 0x060c [ 1781F55C5C237C9FBD2EB0092F777CD8, 764EADCC0EE6937957434E9B73BA3D45AF468A9E8B9EF070CA8451315F753A1B ] C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
01:10:01.0937 0x060c C:\Program Files\NETGEAR\WNA1100\WNA1100.exe - ok
01:10:01.0937 0x060c [ 3B3835488C3B16127C365376E57CD0A3, 81B64D175D2205BAE4D7938FDC1771638154A5BB3C0C1791A012837B0481E8B3 ] C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll
01:10:01.0937 0x060c C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll - ok
01:10:01.0937 0x060c [ CB21D826D9C39AED19DD431C1880F5DE, F1FD0F1A54F196B19A6F21044092C89C02353DAD173C236D80F6474CB8A7EA7F ] C:\Program Files\HTC\HTC Sync 3.0\msvcp60.dll
01:10:01.0937 0x060c C:\Program Files\HTC\HTC Sync 3.0\msvcp60.dll - ok
01:10:01.0953 0x060c [ 5DA30E2C6D4CBEC3B5BD2ECF21FB7B14, 2750C2C61034C8A749788187DB45E7B7E613CFF0F2A36E0EA1BACBD54B87877B ] C:\Program Files\Logitech\SetPoint\IMHook.dll
01:10:01.0953 0x060c C:\Program Files\Logitech\SetPoint\IMHook.dll - ok
01:10:01.0953 0x060c [ 77D6AB8B4F27F1577BB11D77C87DD6AA, D23B048B58BA54AC521FA41834163D4C0F5A861AE77B4CD25164DFA99912E6EE ] C:\Program Files\Ad-Aware Antivirus\SBAMSvcPS.dll
01:10:01.0953 0x060c C:\Program Files\Ad-Aware Antivirus\SBAMSvcPS.dll - ok
01:10:01.0953 0x060c [ D5E459BED3DB9CF7FC6CC1455F177D2D, FCAB2130FAB57B6728C50D5B9E9924F001C43538DE4F675DE03537FF0D9B84BD ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
01:10:01.0953 0x060c C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
01:10:01.0968 0x060c [ FC35D7D8D83B3F82A38D3F4FC1413510, 375D07A4C9C9866B3FC70841CD2D15DFC69995819206EC1CABF54B40ADCB4A86 ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LiteInstActivator.dll
01:10:01.0968 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LiteInstActivator.dll - ok
01:10:01.0968 0x060c [ AA9F767125592D07DB4A0BC841D96D35, 93CEA277D4DC533A2F16F0EBD4AF56838FC71F95DB4A2407A1EB4CA1AEBB2A3C ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll
01:10:01.0968 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll - ok
01:10:01.0968 0x060c [ ACA938A939E3279DE1D07FB33BC39D02, 21134453665DAF17C9ACF8C797E81C5152273F4E0F507D45DD4CB3413846D900 ] C:\Program Files\HTC\HTC Sync 3.0\Maps\SyncEngine.API.dll
01:10:01.0968 0x060c C:\Program Files\HTC\HTC Sync 3.0\Maps\SyncEngine.API.dll - ok
01:10:01.0984 0x060c [ C19552CDF948E69DB10500F36E395A6C, 6F642183680F99A5625344B938FE0601591AE624D50E9844D9DF31A3DEC44F15 ] C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWScriptExt.dll
01:10:01.0984 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWScriptExt.dll - ok
01:10:01.0984 0x060c [ 31CF51DCDA1424B813CC97B20F71B431, E3DEE0EA503F5F84B65CFD2A5216EC609313F05616E5F66605E45BA866206D1A ] C:\WINDOWS\system32\vbscript.dll
01:10:01.0984 0x060c C:\WINDOWS\system32\vbscript.dll - ok
01:10:01.0984 0x060c [ 723528449ED0D1B0AD98AF3EDF23101D, 85E00BA1E553367859ED676E0C559A6A79CE296E4B8E2996A315AFACC3CBC393 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
01:10:01.0984 0x060c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
01:10:02.0000 0x060c [ 7686EF44D476926BAA3412EDA4D4DD70, 8A51DC9FDEB6D0B5D83FEFD2A10917A01B1E05CB029D6095C2CF38BCE0BB2DC1 ] C:\Program Files\NETGEAR\WNA1100\WifiSvcLib.dll
01:10:02.0000 0x060c C:\Program Files\NETGEAR\WNA1100\WifiSvcLib.dll - ok
01:10:02.0000 0x060c [ 35E91579B68832B93F08FB94E0C5F2F1, 45D4DA59FCE1C64040C53C8AF5BCE55BC369CC8066DE7D2E4A12F30604DD5AFB ] C:\Program Files\Common Files\Logitech\KhalShared\KHALAPI.DLL
01:10:02.0000 0x060c C:\Program Files\Common Files\Logitech\KhalShared\KHALAPI.DLL - ok
01:10:02.0000 0x060c [ F0A0EBF086597E645BC14B0D98F8BA58, CB09BDD064F8B07CB7D08340D7DC76DC067EB8692DF0DAE55491CFB3AC7B5E6F ] C:\WINDOWS\system32\scrrun.dll
01:10:02.0000 0x060c C:\WINDOWS\system32\scrrun.dll - ok
01:10:02.0015 0x060c [ 6472932F2B6084EA1FB3F7F9493AC640, B1C4103D2B594194CD9238587990D2A06EB4DF199208FC99D50066639CA89D43 ] C:\WINDOWS\system32\wshom.ocx
01:10:02.0015 0x060c C:\WINDOWS\system32\wshom.ocx - ok
01:10:02.0015 0x060c [ 5F30686DC1E9950F0C62AD7BAB4A2F3C, EB4DC6FDE28547168D0760FDC105829F3B8B2DFBB508004083D0665B7EC45089 ] C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
01:10:02.0015 0x060c C:\Program Files\NETGEAR\WNA3100\WNA3100.exe - ok
01:10:02.0015 0x060c [ A22D2028ACB0504CE2F143042740B6ED, 32507C321F96F24697E9BC58A9E080261204098884226014C53B811D18F08FC5 ] C:\Program Files\Logitech\SetPoint\kgame.dll
01:10:02.0015 0x060c C:\Program Files\Logitech\SetPoint\kgame.dll - ok
01:10:02.0031 0x060c [ D4931277DF5393E84A48B27DF40914E3, 35B175E750B0EFE45ECBBB692561F8D56368ADF36FC7A61A2E9EB78FF8D649B9 ] C:\WINDOWS\system32\riched32.dll
01:10:02.0031 0x060c C:\WINDOWS\system32\riched32.dll - ok
01:10:02.0031 0x060c [ 314EAF513DFDDDD78CFF4DDAF2702727, 51C15E030440EF3100BFCA819E6CE4AA50BA24A5347C3C6F2F7A1AC49793DFF2 ] C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll
01:10:02.0031 0x060c C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll - ok
01:10:02.0031 0x060c [ 132847836165759E5948F01A0A9970D7, 655961A57703E0A32DADF178F480116416FBFE50EC3D13F6F514D59372A2A0A5 ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll
01:10:02.0031 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll - ok
01:10:02.0046 0x060c [ 3E6CCE1AE2F9BB87C186DADC462C271D, 7EFC64F697D9AD8D9D7154F59CB6B19003EDAF4A071E1705EF1FA56585905A00 ] C:\Program Files\Logitech\SetPoint\gamehook.dll
01:10:02.0046 0x060c C:\Program Files\Logitech\SetPoint\gamehook.dll - ok
01:10:02.0046 0x060c [ 5FA9B930E89B8CBBB51C4DAACC002207, 67728A5161A566BDB1E0B151AAD1CB88BE89859485F9977E559EFCC0AE69CD7F ] C:\Program Files\Ad-Aware Antivirus\oehook.dll
01:10:02.0046 0x060c C:\Program Files\Ad-Aware Antivirus\oehook.dll - ok
01:10:02.0046 0x060c [ 964EC91866D50FFD6A7F7CA7490227C1, A2BF014406CBD3C0661CAE4E2AEFF364CC8039CD7FA219E21CD6DAAAD44A1163 ] C:\Program Files\HTC\HTC Sync 3.0\Maps\SyncEngine.dll
01:10:02.0046 0x060c C:\Program Files\HTC\HTC Sync 3.0\Maps\SyncEngine.dll - ok
01:10:02.0062 0x060c [ 2A769418ED33AA3E702C7327A6699E17, 4F4348EB76FC78E4DA5B7F6F6A4284C75AF68036115E286EC9C761ECB45EFBD7 ] C:\Program Files\Ad-Aware Antivirus\oecom.dll
01:10:02.0062 0x060c C:\Program Files\Ad-Aware Antivirus\oecom.dll - ok
01:10:02.0062 0x060c [ 84F862608BAA7640576D5A073BF0EF12, A1D7C109596F08F7E4777E69A36C5A32768BA5ACF500E72051DE1BAF0AA17B1F ] C:\Program Files\HTC\HTC Sync 3.0\Maps\ApplicationUtils.dll
01:10:02.0062 0x060c C:\Program Files\HTC\HTC Sync 3.0\Maps\ApplicationUtils.dll - ok
01:10:02.0062 0x060c [ 89542A319D18140413D719615B5433B5, 11D48742AFD26EDB0057AB61CCC1E8F55C284D4437E682D37DB3D08D7B0BC854 ] C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
01:10:02.0062 0x060c C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - ok
01:10:02.0078 0x060c [ F41EF9D55C52703AD25AB47C86BE4DF4, 65DA04503E15A3E771120FF002F0642DA048C6F8AC48E1707C2696005BD88031 ] C:\Program Files\Logitech\SetPoint\LogitechUpdate.exe
01:10:02.0078 0x060c C:\Program Files\Logitech\SetPoint\LogitechUpdate.exe - ok
01:10:02.0078 0x060c [ FFDE5245589FFA24C5075203D2A9C314, EA1D9D2FB101ECE560CD320696973A26F4867FD3BE1F8691B622E5F40D3FBFDC ] C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
01:10:02.0078 0x060c C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe - ok
01:10:02.0078 0x060c [ 98E6D25747919451C67CB4BF517F33B4, E774CB944AD604B0E2EBDB4523804662931CD95341A7C33F6A1730E9D4FFB277 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
01:10:02.0078 0x060c C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll - ok
01:10:02.0093 0x060c [ 1E74DFFD0C9C9CA885159FD1F0B2DD36, 47A6AE97FEEDDC562DBDA4ADF16025B1BE2DE76D3A625B7B89D078FD5ED4C2B9 ] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogiLdmW.dll
01:10:02.0093 0x060c C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogiLdmW.dll - ok
01:10:02.0093 0x060c [ CFF61A7F4FBD3F855B8F15BDCCDF0724, 63202146F60B2DDBADBE9600260256B83B465219E1A8049437911C8D6199B0E2 ] C:\Program Files\HTC\HTC Sync 3.0\Maps\DevicesCommon.dll
01:10:02.0093 0x060c C:\Program Files\HTC\HTC Sync 3.0\Maps\DevicesCommon.dll - ok
01:10:02.0093 0x060c [ 9F01035D09841E8247C039DDFC12BBF0, AB7CA03E08933ADDEE146C31CBBFADB76B3D6BDF2A0F334AFB32CC2DF4817051 ] C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
01:10:02.0093 0x060c C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - ok
01:10:02.0109 0x060c [ D5158D252C15226D01A633E7240DF0BA, 682DBC1362E9712D00F58E4BB5171216B5BEABF31E750D62639B369901DC2467 ] C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
01:10:02.0109 0x060c C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok
01:10:02.0109 0x060c [ E76C575AA4CB5DD2C1BD23D89AF9B662, F9B105A9E986B38F0771E4957C5B2639C15A0D355201605A29B4DF87A4FD3837 ] C:\Program Files\Common Files\Logitech\KhalShared\KHALITCH.dll
01:10:02.0109 0x060c C:\Program Files\Common Files\Logitech\KhalShared\KHALITCH.dll - ok
01:10:02.0109 0x060c [ 4947BE37C54DF7B9F4DA6AEB52BA9543, 0392AE6AAE898658B76938CF9F1F9CA51E9A160034EB2AEF2D16CB460A5AEFD4 ] C:\Program Files\Common Files\Logitech\KhalShared\KHALHPP.dll
01:10:02.0109 0x060c C:\Program Files\Common Files\Logitech\KhalShared\KHALHPP.dll - ok
01:10:02.0125 0x060c [ 540E133BB34B6E3380E3292282EE1B22, C6176CED123FF0473EEFEEA4106920D2A7F7342720B18DD038A60C96261D54EE ] C:\Program Files\Common Files\Logitech\KhalShared\KHALMW.dll
01:10:02.0125 0x060c C:\Program Files\Common Files\Logitech\KhalShared\KHALMW.dll - ok
01:10:02.0125 0x060c [ FBDB9D0935B9907B809B381FDDF1627F, 3DD8FE2C7EA108C22979968F5694BD56C35BEA0B63A55965BB16AE3E5C5348EB ] C:\WINDOWS\system32\regsvr32.exe
01:10:02.0125 0x060c C:\WINDOWS\system32\regsvr32.exe - ok
01:10:02.0125 0x060c [ 2DE1190196EE9555DB548A57622022EB, 89DBC777BE06D008AABEDAC61AFC11B4FF7ABCA86C205109ED9D34D21C0B5146 ] C:\WINDOWS\system32\drprov.dll
01:10:02.0125 0x060c C:\WINDOWS\system32\drprov.dll - ok
01:10:02.0140 0x060c [ 36468087E22C57A83DF758B3F90DF73F, F6898D07CEE4F528A9F17A231CCB5E38F826A0C1926EFBF35ECCA06E0E8EE565 ] C:\WINDOWS\system32\ntlanman.dll
01:10:02.0140 0x060c C:\WINDOWS\system32\ntlanman.dll - ok
01:10:02.0140 0x060c [ AC5DF42FE314C1446B1DAD237BFCFFE0, FD53D9BCC619ED7AE4B7C29B7D457A2F61D6D340841A4E030329D7032C306AB6 ] C:\WINDOWS\system32\netui0.dll
01:10:02.0140 0x060c C:\WINDOWS\system32\netui0.dll - ok
01:10:02.0140 0x060c [ ED5A816D8E11E03F1937AC3C56826EE4, D01525B5BD9F9DDF149B78706C6C2F5AE26F5337F897C1B8763DBC67AB64F875 ] C:\WINDOWS\system32\netui1.dll
01:10:02.0140 0x060c C:\WINDOWS\system32\netui1.dll - ok
01:10:02.0156 0x060c [ CA88007C86D0B753E0252DEF588C9AE5, E961A56E7BDECC92AED3BA737F35D5317706A19605F3D3BB3D66EC6ADD7B5C3A ] C:\Program Files\Logitech\SetPoint\SetPointCOMMM9.dll
01:10:02.0156 0x060c C:\Program Files\Logitech\SetPoint\SetPointCOMMM9.dll - ok
01:10:02.0156 0x060c [ A59775245C30B9CAC21248308C84E7F8, 74A9708A6366B8ADD6E032849252C2493AC498C4AB1C6CB834943E172BA80A31 ] C:\Program Files\Logitech\SetPoint\SetPointCOMWMP9.dll
01:10:02.0156 0x060c C:\Program Files\Logitech\SetPoint\SetPointCOMWMP9.dll - ok
01:10:02.0156 0x060c [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll
01:10:02.0156 0x060c C:\WINDOWS\system32\davclnt.dll - ok
01:10:02.0171 0x060c [ 219AF0F9A54EBEEB3E7E20025D801034, B1E5607C27A7475FFF843428F2FBFA85ACA9829D8AA218CB1AB7B8E108F74DD7 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
01:10:02.0171 0x060c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
01:10:02.0171 0x060c [ 81D2A27C916C7830743E4AFA454099F7, 48E0860DE47517ADEF303E3F16BE11D8BAD13CC675FF3BEE7D81B567BFA59FFD ] C:\WINDOWS\system32\WpdShext.dll
01:10:02.0171 0x060c C:\WINDOWS\system32\WpdShext.dll - ok
01:10:02.0171 0x060c [ 4C48F1B30A82583CAEE0DA02DD7259EE, BAD65E874EF5ED0B1BC13224ECF1BF58CF4681EFC8AB5ED41BD20ABBE3F6C12A ] C:\WINDOWS\system32\audiodev.dll
01:10:02.0171 0x060c C:\WINDOWS\system32\audiodev.dll - ok
01:10:02.0187 0x060c [ 51301ACC5E5FDA65CFA1968395E5D951, 105C78CBA5EE7F4AFC1EA22599241C58B4AC1A7182A8506D80227D5F4D6D5DA3 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
01:10:02.0187 0x060c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
01:10:02.0187 0x060c [ BF67AC2C1F41BE892B98E9B8E91C0CB8, 431B0C05C1243864CBECE189400EC8BE7C1ABEE37360C40FED40C66051D01F3D ] C:\WINDOWS\system32\wiashext.dll
01:10:02.0187 0x060c C:\WINDOWS\system32\wiashext.dll - ok
01:10:02.0187 0x060c [ 98B17BDA1D0BEA2FC8313DB218C0139F, 0BF678F7FA1A7878042BBF5BE22F798104C78238A879E1F0D488BD2D3561D893 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
01:10:02.0187 0x060c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
01:10:02.0203 0x060c [ 30B5A2254561E21CCC7BA21F80165D0B, 0D19E38BF7C94C3F5708F962C7D58EC7D000B91115EE37385492B60C0D83D5B8 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
01:10:02.0203 0x060c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
01:10:02.0203 0x060c [ 44DE39CB56D1919346C09C92A4B57C69, BF19497908A0DE0D65FF95C1FA723101BBE9BCB91966B9894DB6AB0C7BE04CDB ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
01:10:02.0203 0x060c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
01:10:02.0203 0x060c [ 88E05F3B2031980A48D458EB78C67659, 060A33F770835FA60172C4E02F4C1D3D19D643A2E915D478D07A01788AD5FDB2 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
01:10:02.0203 0x060c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
01:10:02.0218 0x060c [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] C:\WINDOWS\system32\drivers\fastfat.sys
01:10:02.0218 0x060c C:\WINDOWS\system32\drivers\fastfat.sys - ok
01:10:02.0218 0x060c [ 16F96C1496CBD0965285AB19A9271D02, 14313A0EFD85CCBDE8D6084144DBADD68CFE38241F76F99C356F7BE7B8E93530 ] C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
01:10:02.0218 0x060c C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
01:10:02.0218 0x060c [ 38BAAD389B24454993AA78F70984DADE, 982A98A162DF957C7F63F49D49E11927ABA4461C6EEA9DA9F33ACC3F55521165 ] C:\Program Files\HTC\HTC Sync 3.0\Maps\DeviceScanning.dll
01:10:02.0218 0x060c C:\Program Files\HTC\HTC Sync 3.0\Maps\DeviceScanning.dll - ok
01:10:02.0234 0x060c [ 21AF83894420D47152A8F43C564A359E, 9259C8BA6854746B19E5A3FAC016FCEC322CDF61B008D94598A0A94E9E8F5D7B ] C:\Program Files\HTC\HTC Sync 3.0\HtcUpctApi.dll
01:10:02.0234 0x060c C:\Program Files\HTC\HTC Sync 3.0\HtcUpctApi.dll - ok
01:10:02.0234 0x060c [ 860FAD57B4668A9F5F350A9D5444AE89, 841D463DC71F4B9D511CE8335BDABE59FD4631D6FE6FF946CB4F286602338BE4 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
01:10:02.0234 0x060c C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
01:10:02.0234 0x060c [ A5B31A4397B880EF5A27544E14653DE3, 0693836DA4FDD2A4F2C955924F3ACACEB9D08D4FE922450A64CE941DD5A64FD1 ] C:\Program Files\NETGEAR\WNA3100\NtgrAdapterUpdate.dll
01:10:02.0234 0x060c C:\Program Files\NETGEAR\WNA3100\NtgrAdapterUpdate.dll - ok
01:10:02.0250 0x060c [ E11457C66FDD966EE415FBBC6D9BE643, 9CAF889C740D79F56F1CE817DA7C8F2BAEE740212B578DAC509EA2C8BA2D790E ] C:\WINDOWS\system32\MSIMTF.dll
01:10:02.0250 0x060c C:\WINDOWS\system32\MSIMTF.dll - ok
01:10:02.0250 0x060c [ D43637F8E835DDF2FE95FBE6242494B0, D9F6820E1C8BDB79A065367CFBD05531D47542E4F09A991C0A6CADD9CC19CB0D ] C:\WINDOWS\ime\SPGRMR.dll
01:10:02.0250 0x060c C:\WINDOWS\ime\SPGRMR.dll - ok
01:10:02.0250 0x060c [ A7E8525FA8788CA52F728414A65BA349, 6515D3DA08EBBD721433FDA0829E2A010E6D7DA574B3ACB72DA2C45016F9A579 ] C:\Program Files\Common Files\Microsoft Shared\INK\SKCHUI.DLL
01:10:02.0250 0x060c C:\Program Files\Common Files\Microsoft Shared\INK\SKCHUI.DLL - ok
01:10:02.0265 0x060c [ 0689622E6484934EB6E5F4D3A96311F9, A7D417556512F0FB129939F70835529F3EAC3D5ACBECE5B960A97C2605AF0833 ] C:\WINDOWS\system32\jscript.dll
01:10:02.0265 0x060c C:\WINDOWS\system32\jscript.dll - ok
01:10:02.0296 0x060c AV detected via SS1: Lavasoft Ad-Aware, 5.0.5116, disabled, updated
01:10:02.0296 0x060c FW detected via SS1: Lavasoft Ad-Aware, 5.0.5116, disabled
01:10:02.0296 0x060c Win FW state via NFM: enabled
01:10:02.0296 0x060c ============================================================
01:10:02.0296 0x060c Scan finished
01:10:02.0296 0x060c ============================================================
01:10:02.0312 0x0830 Detected object count: 15
01:10:02.0312 0x0830 Actual detected object count: 15
01:10:42.0359 0x0830 ACS ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0359 0x0830 ACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0359 0x0830 DELTA ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0359 0x0830 DELTA ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0375 0x0830 jswpsapi ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0375 0x0830 jswpsapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0375 0x0830 LBeepKE ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0375 0x0830 LBeepKE ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0375 0x0830 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0375 0x0830 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0375 0x0830 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0375 0x0830 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0375 0x0830 MREMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0375 0x0830 MREMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0375 0x0830 MRENDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0375 0x0830 MRENDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0375 0x0830 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0375 0x0830 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0390 0x0830 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0390 0x0830 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0390 0x0830 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0390 0x0830 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0390 0x0830 RDID1061 ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0390 0x0830 RDID1061 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0390 0x0830 WSIMD ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0390 0x0830 WSIMD ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0390 0x0830 WSWNA1100 ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0390 0x0830 WSWNA1100 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:10:42.0390 0x0830 YPCService ( UnsignedFile.Multi.Generic ) - skipped by user
01:10:42.0390 0x0830 YPCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:12:03.0687 0x0174 Deinitialize success -
and contined again:
01:10:00.0281 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
01:10:00.0281 0x060c [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
01:10:00.0281 0x060c C:\WINDOWS\system32\certcli.dll - ok
01:10:00.0281 0x060c [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
01:10:00.0281 0x060c C:\WINDOWS\system32\dmserver.dll - ok
01:10:00.0296 0x060c [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] C:\WINDOWS\system32\ersvc.dll
01:10:00.0296 0x060c C:\WINDOWS\system32\ersvc.dll - ok
01:10:00.0296 0x060c [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] C:\Program Files\Google\Update\GoogleUpdate.exe
01:10:00.0296 0x060c C:\Program Files\Google\Update\GoogleUpdate.exe - ok
01:10:00.0296 0x060c [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll
01:10:00.0296 0x060c C:\WINDOWS\system32\es.dll - ok
01:10:00.0312 0x060c [ 6D6B5D52BB81F82F5D0103E6175D1F4F, 14DE1E4C28FC5F8CFFA7D925561DC1F237D55DD663836E20AA4D7485B01C261D ] C:\Program Files\Google\Update\1.3.21.165\goopdate.dll
01:10:00.0312 0x060c C:\Program Files\Google\Update\1.3.21.165\goopdate.dll - ok
01:10:00.0312 0x060c [ 8BA9851E671E8B5E49E303748FFD530C, A2CBF71C3449BA71739E9E805D2EB9F9242AD9D839AF5B4C4F7ADC00C239FB38 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
01:10:00.0312 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
01:10:00.0312 0x060c [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
01:10:00.0312 0x060c C:\WINDOWS\system32\dbghelp.dll - ok
01:10:00.0328 0x060c [ 5E33C164DC7FA74728D8A83036C438BB, E8E19F3A8D2E91393146FB672478E3DB4F9AF8E87CD8C723B4AF0DBF16E32BB6 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
01:10:00.0328 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
01:10:00.0328 0x060c [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
01:10:00.0328 0x060c C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
01:10:00.0328 0x060c [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] C:\Program Files\Java\jre7\bin\jqs.exe
01:10:00.0328 0x060c C:\Program Files\Java\jre7\bin\jqs.exe - ok
01:10:00.0343 0x060c [ 8973122796E3B5D6B5900FC186E55FEA, 350120A20F8591C27E68A5903E3175DD3F4F85BA2FF1F8B6E1D3B3758B5B509D ] C:\WINDOWS\system32\hid.dll
01:10:00.0343 0x060c C:\WINDOWS\system32\hid.dll - ok
01:10:00.0343 0x060c [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] C:\WINDOWS\system32\hidserv.dll
01:10:00.0343 0x060c C:\WINDOWS\system32\hidserv.dll - ok
01:10:00.0343 0x060c [ CF7B0E597C1F34E528285495721DEEE9, 59D8590D487F31DF38E389DF41D96951D14FC759E14F683465C17C0CAABD568F ] C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
01:10:00.0343 0x060c C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe - ok
01:10:00.0359 0x060c [ 4044E880593FE1AC9942190FCE414BE7, 1EBD42F10592D57A2C8562C641461DE5288D9E900FE91A4A1800C9AB9034F2CD ] C:\WINDOWS\system32\mstask.dll
01:10:00.0359 0x060c C:\WINDOWS\system32\mstask.dll - ok
01:10:00.0359 0x060c [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Program Files\Java\jre7\bin\msvcr100.dll
01:10:00.0359 0x060c C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
01:10:00.0359 0x060c [ B28C741AE2912A079CF90041A9E5C0A4, D4730585D24E89F1426091E9AAEC4C93D4F4D68BF06796FB9875966130BAC81D ] C:\WINDOWS\system32\drivers\LBeepKE.sys
01:10:00.0359 0x060c C:\WINDOWS\system32\drivers\LBeepKE.sys - ok
01:10:00.0375 0x060c [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] C:\WINDOWS\system32\srvsvc.dll
01:10:00.0375 0x060c C:\WINDOWS\system32\srvsvc.dll - ok
01:10:00.0375 0x060c [ F8B823414A22DBF3BEC10DCAA5F93CD8, 651C7521033439C0AA9006F1AC2CF376B1588CE781BEE4D10B7622FA3D055F6C ] C:\Program Files\Common Files\Motive\McciCMService.exe
01:10:00.0375 0x060c C:\Program Files\Common Files\Motive\McciCMService.exe - ok
01:10:00.0375 0x060c [ 20FD44370267CCD0A64A1B31861C21D2, D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ] C:\WINDOWS\system32\netmsg.dll
01:10:00.0375 0x060c C:\WINDOWS\system32\netmsg.dll - ok
01:10:00.0390 0x060c [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
01:10:00.0390 0x060c C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
01:10:00.0390 0x060c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] C:\WINDOWS\system32\drivers\srv.sys
01:10:00.0390 0x060c C:\WINDOWS\system32\drivers\srv.sys - ok
01:10:00.0390 0x060c [ ACDAFCD14EC0ECE89198503746A5C147, F90876961B6966915C4A1847F91F45282FFA48140D01503EF9013E774661C4E8 ] C:\WINDOWS\system32\perfos.dll
01:10:00.0390 0x060c C:\WINDOWS\system32\perfos.dll - ok
01:10:00.0406 0x060c [ ABFB673B24A9B3287761D497529FB5B9, FD0DEC392BE1632C33E90981D799DD5C11C9D257F0B1D3190FA32658EB706F0A ] C:\WINDOWS\system32\perfdisk.dll
01:10:00.0406 0x060c C:\WINDOWS\system32\perfdisk.dll - ok
01:10:00.0406 0x060c [ 39B9DCD7040654C2E57D7396736C718E, 70A637A955A2611E5ADA31FDD4B1D7EEECFBC22504A770DA71B502E160AEDAFD ] C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
01:10:00.0406 0x060c C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe - ok
01:10:00.0406 0x060c [ 9D84376931440F3679BEEF2A414FA493, C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ] C:\WINDOWS\system32\HPZipm12.exe
01:10:00.0406 0x060c C:\WINDOWS\system32\HPZipm12.exe - ok
01:10:00.0421 0x060c [ 332760FBA1655FCFD35BD6F4FD871300, 6C539FD14B9CF9423E305EAF60CB5C12CA0F7AEF571FB09BAF64E83F108B7F2D ] C:\WINDOWS\system32\ipsecsvc.dll
01:10:00.0421 0x060c C:\WINDOWS\system32\ipsecsvc.dll - ok
01:10:00.0421 0x060c [ BCE943896289A91AD75CC5652620B1C6, 6D261602C210888DD26215115A43FDCA29A96FFE649ABF0B7E67080B7DEAECED ] C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
01:10:00.0421 0x060c C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe - ok
01:10:00.0421 0x060c [ 584C4DA856450CB22EBBE7A68CC6250F, 56030767CFD2DAFDAE8CC767DC1EED39DD2E6E42152BFAE7904C2C8826B2C3E2 ] C:\WINDOWS\system32\oakley.dll
01:10:00.0421 0x060c C:\WINDOWS\system32\oakley.dll - ok
01:10:00.0437 0x060c [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] C:\WINDOWS\system32\regsvc.dll
01:10:00.0437 0x060c C:\WINDOWS\system32\regsvc.dll - ok
01:10:00.0437 0x060c [ 853D0D0C6F02D7BFDF1CF99DD7553732, AC761B4CA518B787CB2C18101606E5F64245049D140C72B6B1112556DEC86B2E ] C:\WINDOWS\system32\pstorsvc.dll
01:10:00.0437 0x060c C:\WINDOWS\system32\pstorsvc.dll - ok
01:10:00.0437 0x060c [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll
01:10:00.0437 0x060c C:\WINDOWS\system32\winipsec.dll - ok
01:10:00.0453 0x060c [ 22D89D84E8E081CDA529DBF8C0255A38, 26863A2D27BE257D99EF28A612FC1B514558B27002EF10B0F682BC15C6D1CD74 ] C:\WINDOWS\system32\psbase.dll
01:10:00.0453 0x060c C:\WINDOWS\system32\psbase.dll - ok
01:10:00.0453 0x060c [ FEDE68BF80052BAD393AFD5C2E60DCB0, 6A40D89524317C554C5C33A35FB659147A3118F4C646AB36653A19A8811627CB ] C:\WINDOWS\system32\dssenh.dll
01:10:00.0453 0x060c C:\WINDOWS\system32\dssenh.dll - ok
01:10:00.0453 0x060c [ 6474634AE2A5BADC279F86C10ABDA06F, 54F24D02DA7535CC7668ADF48C8F991734FCCC074477EA53C3900639E4273C97 ] C:\Program Files\Ad-Aware Antivirus\SpursDownload.dll
01:10:00.0453 0x060c C:\Program Files\Ad-Aware Antivirus\SpursDownload.dll - ok
01:10:00.0468 0x060c [ 684559A03CBC1D05BA120A18B0D8BA5D, 7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ] C:\WINDOWS\system32\winhttp.dll
01:10:00.0468 0x060c C:\WINDOWS\system32\winhttp.dll - ok
01:10:00.0468 0x060c [ 9C883843FA33BDAD926E237AB5F765E0, E44ED27E3F5FC923E4FD4A2D6C2F6C105CE86EF1714F2A64884654481E6DC720 ] C:\Program Files\Ad-Aware Antivirus\SBTE.dll
01:10:00.0468 0x060c C:\Program Files\Ad-Aware Antivirus\SBTE.dll - ok
01:10:00.0468 0x060c [ E0EB8DDB9CA785F2A0D7EC9E268EFCB0, 47D0BA0D3004A22D74E193D3CA6709D5B99D51402201E525E5AAC64AA11A8966 ] C:\Program Files\Ad-Aware Antivirus\sbap.dll
01:10:00.0468 0x060c C:\Program Files\Ad-Aware Antivirus\sbap.dll - ok
01:10:00.0484 0x060c [ 9B34A300F29D2E9BBD397BC0E3FFAB9B, E0D483AA8C0E1B3821282A6152AD6600803EFFB3A5D352BC56968F6F5291B1C0 ] C:\Program Files\Ad-Aware Antivirus\SBArva.dll
01:10:00.0484 0x060c C:\Program Files\Ad-Aware Antivirus\SBArva.dll - ok
01:10:00.0484 0x060c [ 9CE7BD04EDF43A81685030FF09E7F4D7, 964470B01D1974851358D018C35DD7AB5A2B59DCB6E7961E4DC77C4EE8BCC4FF ] C:\Program Files\Ad-Aware Antivirus\mimepp.dll
01:10:00.0484 0x060c C:\Program Files\Ad-Aware Antivirus\mimepp.dll - ok
01:10:00.0484 0x060c [ 293864F48B7FA48DE3A3984C150B58F8, 07519FBB0DD8AA1912C851ABDD898BDD399463353B5862CC6B22870ECBC6EE03 ] C:\Program Files\Ad-Aware Antivirus\SbHips.dll
01:10:00.0484 0x060c C:\Program Files\Ad-Aware Antivirus\SbHips.dll - ok
01:10:00.0500 0x060c [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
01:10:00.0500 0x060c C:\WINDOWS\system32\userinit.exe - ok
01:10:00.0500 0x060c [ B1296D52B0D2096EC4759EEEB806D759, 4F291E1513D5E79BD3EE54E644138468778A80D6C49DF01EA93E291897E433B5 ] C:\WINDOWS\system32\WgaTray.exe
01:10:00.0500 0x060c C:\WINDOWS\system32\WgaTray.exe - ok
01:10:00.0500 0x060c [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] C:\WINDOWS\system32\seclogon.dll
01:10:00.0500 0x060c C:\WINDOWS\system32\seclogon.dll - ok
01:10:00.0515 0x060c [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] C:\WINDOWS\system32\sens.dll
01:10:00.0515 0x060c C:\WINDOWS\system32\sens.dll - ok
01:10:00.0515 0x060c [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe
01:10:00.0515 0x060c C:\WINDOWS\explorer.exe - ok
01:10:00.0515 0x060c [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll
01:10:00.0515 0x060c C:\WINDOWS\system32\srsvc.dll - ok
01:10:00.0531 0x060c [ E392E172687BE172F8600C5F41AB03D9, 5E928035FA9DB71FDCEB74D6D4859E43169A0B202A87653A2CE5F88865D13D2E ] C:\WINDOWS\system32\browseui.dll
01:10:00.0531 0x060c C:\WINDOWS\system32\browseui.dll - ok
01:10:00.0531 0x060c [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] C:\WINDOWS\system32\trkwks.dll
01:10:00.0531 0x060c C:\WINDOWS\system32\trkwks.dll - ok
01:10:00.0531 0x060c [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] C:\WINDOWS\system32\wiaservc.dll
01:10:00.0531 0x060c C:\WINDOWS\system32\wiaservc.dll - ok
01:10:00.0546 0x060c [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll
01:10:00.0546 0x060c C:\WINDOWS\system32\wbem\wmisvc.dll - ok
01:10:00.0546 0x060c [ 35A20217C4D06D1D36A3ADDFD8CE58C2, 17E7C260BF50F7D4C91AB54655B824F23DE344F32515136A561A7C7631FA4E70 ] C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
01:10:00.0546 0x060c C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe - ok
01:10:00.0562 0x060c [ 4AC2FA4A6F0DF2511BAC13393C06EFF1, 502B9D43EB6305508E8CDF034528C3F1DDF4525727C1B7663EA835BE2307FF20 ] C:\WINDOWS\system32\mscms.dll
01:10:00.0562 0x060c C:\WINDOWS\system32\mscms.dll - ok
01:10:00.0562 0x060c [ A75BD227929CBE5097DD0B7C53ECF6F7, 071C31D3EDFD81607BC6EE7819BD8B6179AD3E7B4BF9722FCC57D3D38D059D82 ] C:\WINDOWS\system32\shdocvw.dll
01:10:00.0562 0x060c C:\WINDOWS\system32\shdocvw.dll - ok
01:10:00.0562 0x060c [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll
01:10:00.0562 0x060c C:\WINDOWS\system32\vssapi.dll - ok
01:10:00.0578 0x060c [ ED0C0DF222209E43AD9AFBF3FE87DDE0, 927329F9244DA9F0074FA0D4C101EE793AFCF433155E58714C33444C5EF35014 ] C:\WINDOWS\system32\comsvcs.dll
01:10:00.0578 0x060c C:\WINDOWS\system32\comsvcs.dll - ok
01:10:00.0578 0x060c [ C14350FC0D47D806699C4F907FC6785B, A8862B47A74F5FB03C9916A42B986D9B352549ED486AD2B9DAD405A98B5564B3 ] C:\WINDOWS\system32\cryptnet.dll
01:10:00.0578 0x060c C:\WINDOWS\system32\cryptnet.dll - ok
01:10:00.0593 0x060c [ 869E96DB271E01CF2FF8DBED91422723, D975FA931542313AC0860CAEC302547E04FA9C6E86696D5A701AAA5D9582540F ] C:\Program Files\Ad-Aware Antivirus\vipre.dll
01:10:00.0593 0x060c C:\Program Files\Ad-Aware Antivirus\vipre.dll - ok
01:10:00.0593 0x060c [ CC26451A90025F6C55F64146C333DEA5, D03CED69EEA39C6F97FBC7DC3558D52EE43EE7DE6FDC4DC8AEC57B09D64A8C82 ] C:\WINDOWS\system32\LegitCheckControl.dll
01:10:00.0593 0x060c C:\WINDOWS\system32\LegitCheckControl.dll - ok
01:10:00.0609 0x060c [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll
01:10:00.0609 0x060c C:\WINDOWS\system32\wbem\wbemprox.dll - ok
01:10:00.0625 0x060c [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
01:10:00.0625 0x060c C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
01:10:00.0625 0x060c [ 1D570D48487747D617ADAE280D9EDCED, 1F178885E0C9D2F78F2E53ECA7D4874843AEF68CA0A04AE8FE459F1ABCF36497 ] C:\Program Files\Ad-Aware Antivirus\Definitions\remediation.dll
01:10:00.0625 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\remediation.dll - ok
01:10:00.0625 0x060c [ 690D97864735E8ECD87F55777E266690, 2098D2AADEF82C3EDD82FD6182C14568CDE1EF02205ED1EA4CB19252B74BB807 ] C:\WINDOWS\system32\colbact.dll
01:10:00.0625 0x060c C:\WINDOWS\system32\colbact.dll - ok
01:10:00.0640 0x060c [ 689A85364D1FD21344852EC4694AE984, 5C437255507DA3C00F77DA00EA5AED178E0550CD482BE4BCB3E04046A89E00B9 ] C:\Program Files\Ad-Aware Antivirus\Definitions\vcore.dll
01:10:00.0640 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\vcore.dll - ok
01:10:00.0640 0x060c [ E7C84A8A763C460FE182F4DCBC17B9DC, 5DDBBC88E34056ED8BD6E6C6B05B02593AB780C4FCC53D8A4AB919C226F23376 ] C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
01:10:00.0640 0x060c C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe - ok
01:10:00.0640 0x060c [ 4EA92135C436D18975C2EBEC242B71DA, DD2B489667D9A196D120A9AE73E5DA9CECD92E876A59C9C0645DA4C641E8F4B4 ] C:\WINDOWS\system32\icmp.dll
01:10:00.0640 0x060c C:\WINDOWS\system32\icmp.dll - ok
01:10:00.0656 0x060c [ 36795A645EAA47FE31D2A8F136A2C69B, D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ] C:\WINDOWS\system32\mtxclu.dll
01:10:00.0656 0x060c C:\WINDOWS\system32\mtxclu.dll - ok
01:10:00.0656 0x060c [ FAEADA2F2E1C3EA8F8BBD0BC7EF72EE0, 02F8931A5256E2AAFAE5D3B55D9C81DE3A4D7004C571B74E9AB32D235D08D342 ] C:\Program Files\NETGEAR\WNA1100\WifiLib.dll
01:10:00.0656 0x060c C:\Program Files\NETGEAR\WNA1100\WifiLib.dll - ok
01:10:00.0671 0x060c [ 8D566D1D239B3AFE06DCA53264A1ED44, FCE2639982052803B02358A4DB3B1F985073819F95025FEAA635E48527010310 ] C:\WINDOWS\system32\AcSignIcon.dll
01:10:00.0671 0x060c C:\WINDOWS\system32\AcSignIcon.dll - ok
01:10:00.0671 0x060c [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll
01:10:00.0671 0x060c C:\WINDOWS\system32\clusapi.dll - ok
01:10:00.0671 0x060c [ F51EBB6FC536A6B2D588FD668D3A8249, 6C22B5FBE3F721025879447B006EC5A343D482A87E23674B5A3BB43983AB328E ] C:\WINDOWS\system32\resutils.dll
01:10:00.0671 0x060c C:\WINDOWS\system32\resutils.dll - ok
01:10:00.0687 0x060c [ E2C48CD0132D4D1DC7D0DF9A6BEF686A, 52D1A8AA992AF2F727DA4B16522D604648D700997B1620CCB67D05838C127674 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
01:10:00.0687 0x060c C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll - ok
01:10:00.0687 0x060c [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll
01:10:00.0687 0x060c C:\WINDOWS\system32\wbem\wbemcore.dll - ok
01:10:00.0687 0x060c [ F5A28ABEF0C0D109C206173F18AA905B, 5A5AD6909E889C16A37210C8671538D08755B970E09B07B7E8C1456B9F4F65D7 ] C:\WINDOWS\system32\wcapi.dll
01:10:00.0687 0x060c C:\WINDOWS\system32\wcapi.dll - ok
01:10:00.0703 0x060c [ 7174D3AA396B2184D8A8A3B3C5E09623, 265060E07176C6081CBF82E21C0A216C44924CCAD1F101C8DDD1C04073360358 ] C:\WINDOWS\system32\fuusd.dll
01:10:00.0703 0x060c C:\WINDOWS\system32\fuusd.dll - ok
01:10:00.0703 0x060c [ 6C58A857BF667B72EEFBD5DF2269F7AB, C89E0A287E7167EA33EAA36AECE8407C7F46FDEE4C896DD96066C63B7AFE07CC ] C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
01:10:00.0703 0x060c C:\Program Files\NETGEAR\WNA3100\WifiLib.dll - ok
01:10:00.0703 0x060c [ C82519398737215BF7B0406C36791220, D6F01807491ABC56703A84F921019D30531BCA7F7D104D9B655433FA0FF28652 ] C:\Program Files\NETGEAR\WNA3100\wps_api.dll
01:10:00.0703 0x060c C:\Program Files\NETGEAR\WNA3100\wps_api.dll - ok
01:10:00.0718 0x060c [ AD60BBB0781E0199FEE51612146BAB69, C9D8CEC1E946D7FE0350FA4C2338D5661476D4DBC3963BDA2A73AFFF0E62539F ] C:\WINDOWS\system32\athcfg20.dll
01:10:00.0718 0x060c C:\WINDOWS\system32\athcfg20.dll - ok
01:10:00.0718 0x060c [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll
01:10:00.0718 0x060c C:\WINDOWS\system32\wbem\esscli.dll - ok
01:10:00.0718 0x060c [ 76848CB1AA5818DB47D5F5986E0A7485, 03BAB6981C6F447E41B78A96187FA619E4755C2101FF1A0B2ABF111BE53D9F92 ] C:\WINDOWS\system32\mfc42.dll
01:10:00.0718 0x060c C:\WINDOWS\system32\mfc42.dll - ok
01:10:00.0734 0x060c [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll
01:10:00.0734 0x060c C:\WINDOWS\system32\wbem\fastprox.dll - ok
01:10:00.0734 0x060c [ 28A09777D2D952122567A8A82F1A2C7B, 772260DF36AE85A0619C51402DE416E0C329976B724C8E9C4F8C013CBB7C7289 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
01:10:00.0734 0x060c C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll - ok
01:10:00.0734 0x060c [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl
01:10:00.0734 0x060c C:\WINDOWS\system32\desk.cpl - ok
01:10:00.0750 0x060c [ 912B67BB8249925A5C972FC5839EAE09, 11F9F26C2D5EADD683F9FA4FDC8C25A1FB7EE9D6E3F4419C9DAB8C4E434F1857 ] C:\WINDOWS\system32\actxprxy.dll
01:10:00.0750 0x060c C:\WINDOWS\system32\actxprxy.dll - ok
01:10:00.0750 0x060c [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\WINDOWS\system32\wuaueng.dll
01:10:00.0750 0x060c C:\WINDOWS\system32\wuaueng.dll - ok
01:10:00.0750 0x060c [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] C:\WINDOWS\system32\wuauserv.dll
01:10:00.0750 0x060c C:\WINDOWS\system32\wuauserv.dll - ok
01:10:00.0765 0x060c [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll
01:10:00.0765 0x060c C:\WINDOWS\system32\themeui.dll - ok
01:10:00.0765 0x060c [ F9D3C78CFE15271D80790677C893CE45, 885425736648DF7B315E92680ED3BD058ACE97A86D388FEA80EB0C039ADF25D7 ] C:\WINDOWS\system32\cabinet.dll
01:10:00.0765 0x060c C:\WINDOWS\system32\cabinet.dll - ok
01:10:00.0765 0x060c [ B85E95679B5ADC12311BCD3F5385D623, 378D304CF408AE1928EF6290A5A9F2388920B55FD69382759B356B6A3FF94F3A ] C:\WINDOWS\system32\mspatcha.dll
01:10:00.0765 0x060c C:\WINDOWS\system32\mspatcha.dll - ok
01:10:00.0781 0x060c [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] C:\WINDOWS\system32\browser.dll
01:10:00.0781 0x060c C:\WINDOWS\system32\browser.dll - ok
01:10:00.0781 0x060c [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
01:10:00.0781 0x060c C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
01:10:00.0781 0x060c [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll
01:10:00.0781 0x060c C:\WINDOWS\system32\ipnathlp.dll - ok
01:10:00.0796 0x060c [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] C:\WINDOWS\system32\wscsvc.dll
01:10:00.0796 0x060c C:\WINDOWS\system32\wscsvc.dll - ok
01:10:00.0796 0x060c [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll
01:10:00.0796 0x060c C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
01:10:00.0796 0x060c [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll
01:10:00.0796 0x060c C:\WINDOWS\system32\wbem\wmiutils.dll - ok
01:10:00.0812 0x060c [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
01:10:00.0812 0x060c C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
01:10:00.0812 0x060c [ D1B01B7933F26211E80EAC667A909E1B, 9515F423FC74D84CB9B8CFDCB94017697D85ADBDFCECC9BE70D755D253EA7F27 ] C:\Program Files\Ad-Aware Antivirus\Definitions\patchw32.dll
01:10:00.0812 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\patchw32.dll - ok
01:10:00.0812 0x060c [ 6D778E0F95447E6546553EEEA709D03C, 62ABED7D45040381BBCED97EA7B6C697B418448FD3322FD4BFB2BBFDB6155EB4 ] C:\WINDOWS\system32\cmd.exe
01:10:00.0812 0x060c C:\WINDOWS\system32\cmd.exe - ok
01:10:00.0828 0x060c [ 6AFF6AAC545E16B84972A9B402F632E2, 8A2EEB2E7E72149DD42778C6FD5352C33149D679CF3478F9C81DE91048891CFD ] C:\WINDOWS\system32\ieframe.dll
01:10:00.0828 0x060c C:\WINDOWS\system32\ieframe.dll - ok
01:10:00.0828 0x060c [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\WINDOWS\system32\wups.dll
01:10:00.0828 0x060c C:\WINDOWS\system32\wups.dll - ok
01:10:00.0828 0x060c [ BDC0C99E472176C8C2C853A68ADC5073, 9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ] C:\WINDOWS\system32\wups2.dll
01:10:00.0828 0x060c C:\WINDOWS\system32\wups2.dll - ok
01:10:00.0843 0x060c [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll
01:10:00.0843 0x060c C:\WINDOWS\system32\wbem\wbemess.dll - ok
01:10:00.0843 0x060c [ 2E0B0A051FFAA86E358465BB0880D453, 493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ] C:\WINDOWS\system32\wuauclt.exe
01:10:00.0843 0x060c C:\WINDOWS\system32\wuauclt.exe - ok
01:10:00.0843 0x060c [ 798A9E6828997EEF4517ADA8A2259831, 64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ] C:\WINDOWS\system32\wbem\wmiprvse.exe
01:10:00.0843 0x060c C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
01:10:00.0859 0x060c [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\WINDOWS\system32\wuapi.dll
01:10:00.0859 0x060c C:\WINDOWS\system32\wuapi.dll - ok
01:10:00.0859 0x060c [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll
01:10:00.0859 0x060c C:\WINDOWS\system32\wbem\ncprov.dll - ok
01:10:00.0859 0x060c [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll
01:10:00.0859 0x060c C:\WINDOWS\system32\wbem\wbemcons.dll - ok
01:10:00.0875 0x060c [ F92E1076C42FCD6DB3D72D8CFE9816D5, 94135ACF2D9426BB78E4522429120B03D94B541422C277B9ACA31410874A464C ] C:\WINDOWS\system32\wscntfy.exe
01:10:00.0875 0x060c C:\WINDOWS\system32\wscntfy.exe - ok
01:10:00.0875 0x060c [ 6895427873D6C37A6D6DA7C3DB37DA14, 199E55B171752B32E172913BDD79D86E7298C7C6B838F871E937B5E1DF8C59F4 ] C:\WINDOWS\system32\licwmi.dll
01:10:00.0875 0x060c C:\WINDOWS\system32\licwmi.dll - ok
01:10:00.0875 0x060c [ 4306FA2F1099D7C606139255FDB62B19, 75A0A99B9D8B0E2B39A8093F72DC283D5F2D56FB731C2BA193579DCE916030A0 ] C:\WINDOWS\system32\wbem\framedyn.dll
01:10:00.0875 0x060c C:\WINDOWS\system32\wbem\framedyn.dll - ok
01:10:00.0875 0x060c [ A693A49A67673F2C8D76797EA9A628D0, 479B6AE531EACC2A8C1B6BDE2AC1F6938753105790B0F04F81477F4CCD1C276E ] C:\WINDOWS\system32\licdll.dll
01:10:00.0875 0x060c C:\WINDOWS\system32\licdll.dll - ok
01:10:00.0890 0x060c [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9, 8CF9C8882C1DF59E51E2D65425C595E1C37005E6F94C47EBCDEBFF991788C162 ] C:\WINDOWS\system32\msxml6.dll
01:10:00.0890 0x060c C:\WINDOWS\system32\msxml6.dll - ok
01:10:00.0890 0x060c [ E837FDBB92E9873E538395B623F45462, E00D9F1471D9BDE7E53A5F8359B6F3B1606A432D4E94AB6B2A6898AB48E6751B ] C:\WINDOWS\system32\wbem\cimwin32.dll
01:10:00.0890 0x060c C:\WINDOWS\system32\wbem\cimwin32.dll - ok
01:10:00.0906 0x060c [ 7A5D902D7C2FBA5DBE9D38043EBDA71B, BDF6B9CB07F7D515300A6DA8366512FBFF4AACAF3BD0C1D4CB2237BC0F00AFD8 ] C:\Program Files\Ad-Aware Antivirus\Definitions\lgpl.dll
01:10:00.0906 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\lgpl.dll - ok
01:10:00.0906 0x060c [ 111DC2D051E0342BC7F0C1D03A137218, A5357013ECD70373D74BF39CBE8B0C90129DF4BC7022F256423D2F60B137F943 ] C:\Program Files\Ad-Aware Antivirus\Definitions\lib7zip.dll
01:10:00.0906 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\lib7zip.dll - ok
01:10:00.0906 0x060c [ 842AD215765FC98DA2D5A8C095145913, 02E03D6DE78A663F69F566520A7E44AB01ED7D84C7E5EE511E19452F2A765CDA ] C:\Program Files\Ad-Aware Antivirus\Definitions\libBase64.dll
01:10:00.0906 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libBase64.dll - ok
01:10:00.0921 0x060c [ 0CB64868F9305952CACAD3652BEF0A43, 6F2E92A6C32EFEA504DCBBE7AC8DCF9CE29CBC077F8C43245A5A3AE552A8C6A6 ] C:\Program Files\Ad-Aware Antivirus\Definitions\libCHM.dll
01:10:00.0921 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libCHM.dll - ok
01:10:00.0921 0x060c [ 557B474AC8470AE8C33849841D4DA9EE, E0DB6F1EA1E703C748E40626CFFF8A64AFF7C4E04CE100549505C2810D6A2042 ] C:\Program Files\Ad-Aware Antivirus\Definitions\libEmail.dll
01:10:00.0921 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libEmail.dll - ok
01:10:00.0921 0x060c [ AD8E274B2FEC4C6A1AA89649C984321A, AABD1CC6838209F1C4D855AD214431CC322B79265D93F2EECE2A722200961471 ] C:\Program Files\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
01:10:00.0921 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libMachoUniv.dll - ok
01:10:00.0937 0x060c [ CE744C60C2CE6798A8BA4074B92FA6C1, 4BE8DF43F4F7A8FFFBD10DF727733028219937E4A81D42D0BCD819CF15B6E092 ] C:\Program Files\Ad-Aware Antivirus\Definitions\libMsCab.dll
01:10:00.0937 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libMsCab.dll - ok
01:10:00.0937 0x060c [ 4BB151B6D7305FDA79D5090838B7D359, D53EC3E96814E58F01CF2A8467DCA35FBCF67064CB791E698CB1E11F24C22D1C ] C:\Program Files\Ad-Aware Antivirus\Definitions\libMsi.dll
01:10:00.0937 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libMsi.dll - ok
01:10:00.0937 0x060c [ 8EF09764CE629095A2CB1DEA229EEB4D, 9A9B9F49550DD3728F0A8A3D334FC63E71D96148CA49186D7A421CBFB66D709D ] C:\Program Files\Ad-Aware Antivirus\Definitions\libNSIS.dll
01:10:00.0937 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libNSIS.dll - ok
01:10:00.0953 0x060c [ 92168320E485E0A7143CFB807C98D6F5, 8564AA978A93D8A60FE842574DB6680BD136EB27239BEA5A19CD751F1BE7CA08 ] C:\Program Files\Ad-Aware Antivirus\Definitions\libOleA.dll
01:10:00.0953 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libOleA.dll - ok
01:10:00.0953 0x060c [ 3AF9D09DF10A321C575DA6080A369AAD, C104BB955800E1E73C13C228908067DF77F757BF71FDE17ED1B3237741BA52BC ] C:\Program Files\Ad-Aware Antivirus\Definitions\libRar.dll
01:10:00.0953 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libRar.dll - ok
01:10:00.0953 0x060c [ 90A7E1E56F2E8EBE4D3A5FE630B35DD6, 854DFF9EE57FD6FE5BC55A50ED5FE0197FBC1C55E22ED33CBFA7A8595B9AC17E ] C:\Program Files\Ad-Aware Antivirus\Definitions\libRTF.dll
01:10:00.0953 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libRTF.dll - ok
01:10:00.0968 0x060c [ 936EFCE14911D207BBCA80200D9566CD, DD6A28A3F0976D6795C87FEFB96C9DC49DDA950ACD2A82F72F40299E936B1F78 ] C:\Program Files\Ad-Aware Antivirus\Definitions\libtd.dll
01:10:00.0968 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libtd.dll - ok
01:10:00.0968 0x060c [ 6981AB9206B664F552B46FAA05BE3823, 5BC55F78972858BDA6F25D783956E348F3C995B62AE23D1C871F8733919C3F5E ] C:\Program Files\Ad-Aware Antivirus\Definitions\libVvs.dll
01:10:00.0968 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libVvs.dll - ok
01:10:00.0968 0x060c [ F5C8AC95FE584B55A4C06AD69515FF5D, 289237D9CC447369CE0E88A4FC94EA22A627EA1232049AC21ACC40F4F191AAD4 ] C:\Program Files\Ad-Aware Antivirus\Definitions\libZip.dll
01:10:00.0968 0x060c C:\Program Files\Ad-Aware Antivirus\Definitions\libZip.dll - ok
01:10:00.0984 0x060c [ C14AA05881A35B6D6BB8D55B117EE22D, F30873FA983CE21734BE1A357CDF855EF33511990C14B454EBAA3D6059CD823D ] C:\WINDOWS\system32\shfolder.dll
01:10:00.0984 0x060c C:\WINDOWS\system32\shfolder.dll - ok
01:10:00.0984 0x060c [ A7B312D8E3AAA89190D210E66B819DCD, 54347A70B79F128870B0AE1E5B26DD957FF024664732E5BFA62FAE2B4C68E246 ] C:\Program Files\Ad-Aware Antivirus\SBRE.dll
01:10:00.0984 0x060c C:\Program Files\Ad-Aware Antivirus\SBRE.dll - ok
01:10:00.0984 0x060c [ 5D43C9A33F18C707BA169AFDA88BDF30, 6796891360B4731B4F165300BD9FAC9A2A4C54E8CFF86DEC8036D3765AE4D9A3 ] C:\WINDOWS\system32\fltlib.dll
01:10:00.0984 0x060c C:\WINDOWS\system32\fltlib.dll - ok
01:10:01.0000 0x060c [ 0DFA4D5E8205614EDA53394E637812E4, EEFF82683D2818E505556DCDC220FC246DBE61612BD272CA844FC3FC8BADC0B1 ] C:\WINDOWS\system32\vdmdbg.dll
01:10:01.0000 0x060c C:\WINDOWS\system32\vdmdbg.dll - ok
01:10:01.0000 0x060c [ 7E8C932C1F984A7EB9168FD401886D28, 7EC5529479AED111837B4D5D10C55C8B9CAEB97F14A0262E9A7F25FCD9077A7E ] C:\Program Files\Ad-Aware Antivirus\SBAMTray.exe
01:10:01.0000 0x060c C:\Program Files\Ad-Aware Antivirus\SBAMTray.exe - ok
01:10:01.0000 0x060c [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] C:\WINDOWS\system32\alg.exe
01:10:01.0000 0x060c C:\WINDOWS\system32\alg.exe - ok
01:10:01.0015 0x060c [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll
01:10:01.0015 0x060c C:\WINDOWS\system32\netcfgx.dll - ok
01:10:01.0015 0x060c [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] C:\WINDOWS\system32\rasmans.dll
01:10:01.0015 0x060c C:\WINDOWS\system32\rasmans.dll - ok
01:10:01.0015 0x060c [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] C:\WINDOWS\system32\tapisrv.dll
01:10:01.0015 0x060c C:\WINDOWS\system32\tapisrv.dll - ok
01:10:01.0015 0x060c [ 5F7692CEC90E2E9AA32CD58321E234B8, 0F76BD005B6FC51EE8B2D167C5E792947F8A8FF1A4FBC7F9CB3572BEAFC12639 ] C:\WINDOWS\system32\rastapi.dll
01:10:01.0031 0x060c C:\WINDOWS\system32\rastapi.dll - ok
01:10:01.0031 0x060c [ AACE07FE34FADDDF973CE068A6424957, A14DC612762F56EE3CF9FBDF58E9476400F2CD9513319AD90E3818B2DB9F4580 ] C:\WINDOWS\system32\unimdm.tsp
01:10:01.0031 0x060c C:\WINDOWS\system32\unimdm.tsp - ok
01:10:01.0031 0x060c [ 995252FCC4692B5B97EE17D596C9386E, E0EC754ADC0976BCF88C4777E788A67844428DF0B828D8EE7B8A039C763DFFDD ] C:\WINDOWS\system32\uniplat.dll
01:10:01.0031 0x060c C:\WINDOWS\system32\uniplat.dll - ok
01:10:01.0046 0x060c [ 79E3A8C328E7E569C32B0998377D9742, F5854956E452AD663004679BBDF8B006695B69C8962534CD243193F04F294DF3 ] C:\WINDOWS\system32\spoolss.dll
01:10:01.0046 0x060c C:\WINDOWS\system32\spoolss.dll - ok
01:10:01.0046 0x060c [ 5677DFE438EC1F009273FC84FEED6B10, 44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ] C:\WINDOWS\system32\localspl.dll
01:10:01.0046 0x060c C:\WINDOWS\system32\localspl.dll - ok
01:10:01.0046 0x060c [ 76EC97C5068D3D9FAA7774B0F659D31A, 4E2EF0DC0B05187A6154D4D672B7530E14103D7D1EDF1BDE960F9B988B5EC41F ] C:\WINDOWS\system32\kmddsp.tsp
01:10:01.0046 0x060c C:\WINDOWS\system32\kmddsp.tsp - ok
01:10:01.0046 0x060c [ 5D3D1AB0EF4EA55B731863050482C111, 8713DAA48DBC5FDF95BE993863BEE669BBB4026347DC575D72F520F423EE21BA ] C:\WINDOWS\system32\cnbjmon.dll
01:10:01.0046 0x060c C:\WINDOWS\system32\cnbjmon.dll - ok
01:10:01.0062 0x060c [ 4589963D84F2984FA5949A72162BA4F4, BC927EC7D0EBDBD2B4780D892D41739840DD31B0FF8C79013014925F52860808 ] C:\WINDOWS\system32\ndptsp.tsp
01:10:01.0062 0x060c C:\WINDOWS\system32\ndptsp.tsp - ok
01:10:01.0062 0x060c [ F4F3EAE16AE6FD93E1F22DF295E2A7FC, C69B84461A68F8AFDC6FD5BB99C8912B45B11E7EDF289E45BD98CFDFD3662C88 ] C:\WINDOWS\system32\E_FLBGCE.DLL
01:10:01.0062 0x060c C:\WINDOWS\system32\E_FLBGCE.DLL - ok
01:10:01.0078 0x060c [ 8B8A45DF7CEF36D93C7BD3E4C84003B8, 7E3A0204FCDD5DFFB3B352451232DD86F8298F83918533D874C122A2EF29081B ] C:\WINDOWS\system32\ipconf.tsp
01:10:01.0078 0x060c C:\WINDOWS\system32\ipconf.tsp - ok
01:10:01.0078 0x060c [ 8BC2B02DC11C98D14CEE43B8E8393FF3, 1314C33E2E5F11B361CF1E88884B2A9862F8BAB1C498F48DC4C49ACDB28D4732 ] C:\WINDOWS\system32\h323.tsp
01:10:01.0078 0x060c C:\WINDOWS\system32\h323.tsp - ok
01:10:01.0078 0x060c [ 6B552ED3BEE5AA3C4560478FF779BA98, 1778F0B7200F93EB255E1F215BB5FBEAA0DBF63BC60B286D76120F8A787995C4 ] C:\WINDOWS\system32\hidphone.tsp
01:10:01.0078 0x060c C:\WINDOWS\system32\hidphone.tsp - ok
01:10:01.0093 0x060c [ D0545A010ED2259A740C8414899A938F, 5E6FD116C6F65241A075E4469C5AD1967B8D66DE11E223F7A3F00139FB0160C3 ] C:\WINDOWS\system32\rasppp.dll
01:10:01.0093 0x060c C:\WINDOWS\system32\rasppp.dll - ok
01:10:01.0093 0x060c [ B464BD425D5D09ABE4192234D1577B22, DF7333CAF299A18DEA43ACEF0A6D8C3F79918D1B3FCE437FDED6B54F95C106B9 ] C:\WINDOWS\system32\ntlsapi.dll
01:10:01.0093 0x060c C:\WINDOWS\system32\ntlsapi.dll - ok
01:10:01.0093 0x060c [ A655C88AA555BB8EF8957BD29408827F, 6CD48D32D1DFF68FEED5CC20D0DE12729101381EB8A6774408566C14E0B18FFB ] C:\WINDOWS\system32\rasqec.dll
01:10:01.0093 0x060c C:\WINDOWS\system32\rasqec.dll - ok
01:10:01.0109 0x060c [ 1498B92DB24988F5A093E55028EE8840, 9F1F37CCA0649DC473BF9BDC68858DDB03D02029C9CD413D80EDCD048BB37584 ] C:\WINDOWS\system32\enppmon.dll
01:10:01.0109 0x060c C:\WINDOWS\system32\enppmon.dll - ok
01:10:01.0109 0x060c [ D289490C15678D961B8CCA03E32952FA, 56539E0E800EAE251FDB27F1260E82F09E478FB90F795CF77CF3927C6666BD97 ] C:\WINDOWS\system32\enpres.dll
01:10:01.0109 0x060c C:\WINDOWS\system32\enpres.dll - ok
01:10:01.0109 0x060c [ A2973A14FD05F6A5BD61F3528DFAE922, A4DE8166DC9655D6471B35B35861DF9067FB832046FA33DE7804F7BA3242481D ] C:\WINDOWS\system32\hpzsnt12.dll
01:10:01.0109 0x060c C:\WINDOWS\system32\hpzsnt12.dll - ok
01:10:01.0125 0x060c [ 322FD75A97DBA67FC8F97A9957F857F1, 52CC0FBBE9769C0C751F886E0ED58ED263FB9175F323C603E7BAB876AE60D196 ] C:\WINDOWS\system32\mdimon.dll
01:10:01.0125 0x060c C:\WINDOWS\system32\mdimon.dll - ok
01:10:01.0125 0x060c [ 222DE7F5EDB9DDBE628384A1A8BE59CE, 063AF8C6C251961ABC93A8E8A07DB9B9582CD1812CA3BB297FAFDF0AD3E5B4CC ] C:\WINDOWS\system32\pjlmon.dll
01:10:01.0125 0x060c C:\WINDOWS\system32\pjlmon.dll - ok
01:10:01.0125 0x060c [ AE0382AD9C73D343D85E1A50C80B7C20, 7477A5A33C0ACF80BE73F0169893A7D53AF8ABC514FCE190A6ACC677092E5A55 ] C:\WINDOWS\system32\tcpmon.dll
01:10:01.0125 0x060c C:\WINDOWS\system32\tcpmon.dll - ok
01:10:01.0125 0x060c [ F26385E8BA4549B5186B774EC0E45D86, 0BA8CA4C06918690EA68678CA5887F1B7E2B0976C99BDFAF99CC1C99F3E300A0 ] C:\WINDOWS\system32\usbmon.dll
01:10:01.0125 0x060c C:\WINDOWS\system32\usbmon.dll - ok
01:10:01.0140 0x060c [ EA8647A21BCB56C5F15712D4B7407501, E6479992B84BD336E672B0A724A3C9FB90AC28CEFD186FCC628006061C9927C0 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
01:10:01.0140 0x060c C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
01:10:01.0140 0x060c [ EEE7F12D9FF46F68FBC0DA059A359E9E, 1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
01:10:01.0140 0x060c C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
01:10:01.0140 0x060c [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll
01:10:01.0140 0x060c C:\WINDOWS\system32\win32spl.dll - ok
01:10:01.0156 0x060c [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll
01:10:01.0156 0x060c C:\WINDOWS\system32\netrap.dll - ok
01:10:01.0156 0x060c [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll
01:10:01.0156 0x060c C:\WINDOWS\system32\inetpp.dll - ok
01:10:01.0156 0x060c [ 043684CFE34C546CB3044A9CE1F49443, 5D7E81ED1BB141DE13D1484B5EC5C01E54C5AEB953D68C4879233041E9DBC4F1 ] C:\Program Files\Java\jre7\bin\awt.dll
01:10:01.0156 0x060c C:\Program Files\Java\jre7\bin\awt.dll - ok
01:10:01.0171 0x060c [ 123F2A33E8E193D64060DD9AC0511BCF, B70C4BCEE0D9C487E66789AC3C29AFD8EB26C704C5C3E24AC21E10492A474604 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
01:10:01.0171 0x060c C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
01:10:01.0171 0x060c [ 19638BCDC71C61E6DB5069082CE24EAD, 638932151EA082585260F4B9B4C370EDFE98F4B84A71BC2D4790AFA870C0F8BF ] C:\Program Files\Java\jre7\bin\dcpr.dll
01:10:01.0171 0x060c C:\Program Files\Java\jre7\bin\dcpr.dll - ok
01:10:01.0171 0x060c [ 58A2EC6C59BCED3BBB30F28B11D24899, BA5E8F0745D5E67108C2D6640D25E6DBFDAB343C0E1538A8334535D09823430D ] C:\Program Files\Java\jre7\bin\deploy.dll
01:10:01.0171 0x060c C:\Program Files\Java\jre7\bin\deploy.dll - ok
01:10:01.0187 0x060c [ 4C3A7242A11491866BCAAA91C93C917A, 545ED95EB1C88ADC1913238CAEA2A693DC4C81FD539A96CA63E64FAB81F1A1D9 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
01:10:01.0187 0x060c C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
01:10:01.0187 0x060c [ 11C6C8B9D5B482DDEEA831374C82E2F0, FF1666171F67C478DA0BC31364C046EFDAB9F8F045828A751F097F665DBBCA7A ] C:\Program Files\Java\jre7\bin\java.dll
01:10:01.0187 0x060c C:\Program Files\Java\jre7\bin\java.dll - ok
01:10:01.0187 0x060c [ DC1342498BEE7EF1646E9D63138B69CC, 68C457CD03FB9F031AA7D30E5F9092BC331C45F4875F673C79A77D470E0B7821 ] C:\Program Files\Java\jre7\bin\javaw.exe
01:10:01.0187 0x060c C:\Program Files\Java\jre7\bin\javaw.exe - ok
01:10:01.0203 0x060c [ 8F10A7CBC6A0ABB88A377C87D4D25B25, 0C218265CB680D265EB60847D636AE693181C0560BC9A71D5368B3E92F1F8FC2 ] C:\Program Files\Java\jre7\bin\jp2native.dll
01:10:01.0203 0x060c C:\Program Files\Java\jre7\bin\jp2native.dll - ok
01:10:01.0203 0x060c [ 64F3B64B8EFE42A458E47F1DFA75BA38, A44280B6281CD3971743BB74D03AD2934948DD0C275A04CFD84C26C3DBECA2B6 ] C:\Program Files\Java\jre7\bin\jpeg.dll
01:10:01.0203 0x060c C:\Program Files\Java\jre7\bin\jpeg.dll - ok
01:10:01.0203 0x060c [ 27CFBA7983B29D8A9754971648904801, AAE4D733BB79383D2E9B2217211868A28AC608C2053C18E218BB60ED7DEEE81E ] C:\Program Files\Java\jre7\bin\net.dll
01:10:01.0203 0x060c C:\Program Files\Java\jre7\bin\net.dll - ok
01:10:01.0218 0x060c [ E0A8CC3AA6FDD44DD151A2B68873496F, 1F26306CFFCE43DE181E5DA9FE21EC466A3EE260A1CA05C26B5BB6D8E3533149 ] C:\Program Files\Java\jre7\bin\nio.dll
01:10:01.0218 0x060c C:\Program Files\Java\jre7\bin\nio.dll - ok
01:10:01.0218 0x060c [ B55D17E86CF910171CCDAA1A302E6163, 6CEB464CEBCF7D6FF3E5A8D4547FC786584967646E4C0A8DD0C948A03481DF1B ] C:\Program Files\Java\jre7\bin\verify.dll
01:10:01.0218 0x060c C:\Program Files\Java\jre7\bin\verify.dll - ok
01:10:01.0218 0x060c [ 9CB933E4926691A5F3C76AFAA4F1C1AE, DFABE29E91D639F39F0278457BEFA3C342598CBD40EC2259A19DDE80A3B5C05C ] C:\Program Files\Java\jre7\bin\zip.dll
01:10:01.0218 0x060c C:\Program Files\Java\jre7\bin\zip.dll - ok
01:10:01.0234 0x060c [ CF01210E6381219E213A115F280D7953, 79413F9FD5125FB4BE7E5D7C13B5CD5E58E8ED024178AD87C292BEA4CB08D0E5 ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{87C4659B-DFCF-42D8-9B3B-A68060DF4786}.exe
01:10:01.0234 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{87C4659B-DFCF-42D8-9B3B-A68060DF4786}.exe - ok
01:10:01.0234 0x060c [ AC9A93C782B6A2D29DAAE75C19FD9816, BED121DFFDF27862951D4BBE1A5681648FFEF1BA548060BB78450216A93E8F10 ] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
01:10:01.0234 0x060c C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll - ok
01:10:01.0234 0x060c [ E79977B1ECC05C53F0194750457BBB37, 10E4F2EEF3FC47768205CB907ACA89AD0E51A0CE6D39B1F5414AA0480504FA39 ] C:\WINDOWS\system32\igfxtray.exe
01:10:01.0234 0x060c C:\WINDOWS\system32\igfxtray.exe - ok
01:10:01.0250 0x060c [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll
01:10:01.0250 0x060c C:\WINDOWS\system32\linkinfo.dll - ok
01:10:01.0250 0x060c [ D0127023AF6070D5B479B1AE65B107A2, FBB0B911E21E07CC139581B83A38BA80B94D4B52F066D047CCDF708587D9ABD0 ] C:\WINDOWS\system32\hccutils.dll
01:10:01.0250 0x060c C:\WINDOWS\system32\hccutils.dll - ok
01:10:01.0250 0x060c [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll
01:10:01.0250 0x060c C:\WINDOWS\system32\ntshrui.dll - ok
01:10:01.0265 0x060c [ DDE4A991F26179573D2CFA7A093F56FA, F7A54B2A69B57A4E674678E74DCA36D345C45560D3CA948EADD95F65F38033A4 ] C:\WINDOWS\system32\hkcmd.exe
01:10:01.0265 0x060c C:\WINDOWS\system32\hkcmd.exe - ok
01:10:01.0265 0x060c [ BE240B2C948D91D4C11DCA8653A8B604, 590C27E3CF0A473085061E6F0B0DEC21FDAD38B676C35DA066F4694654604B6E ] C:\WINDOWS\system32\igfxsrvc.exe
01:10:01.0265 0x060c C:\WINDOWS\system32\igfxsrvc.exe - ok
01:10:01.0265 0x060c [ EAF47A526B911B0961D3FECEB442E0C4, 8F597130C34678B7DED2D68F2863CF9DF9F204DA707533087FA3492D9A69A76F ] C:\WINDOWS\system32\igfxpers.exe
01:10:01.0265 0x060c C:\WINDOWS\system32\igfxpers.exe - ok
01:10:01.0281 0x060c [ 09A350F25D94D18190A8988E25671844, 52CF5AA1B8A91B2A86683F2301FA3D8B52A32283B75CD330D80B40FA3B6DB902 ] C:\WINDOWS\system32\igfxsrvc.dll
01:10:01.0281 0x060c C:\WINDOWS\system32\igfxsrvc.dll - ok
01:10:01.0281 0x060c [ 58C8809D7486DB2D9C6A24A8630A5478, C77776DFC3D80214B4C36AF9A1C4F15C3F92BB18D8430897000D3B8CEA01A1AC ] C:\WINDOWS\system32\igfxdev.dll
01:10:01.0281 0x060c C:\WINDOWS\system32\igfxdev.dll - ok
01:10:01.0281 0x060c [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{97B29CF9-5353-43ED-8FAE-B23161BB26D3}.tmp
01:10:01.0281 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{97B29CF9-5353-43ED-8FAE-B23161BB26D3}.tmp - ok
01:10:01.0296 0x060c [ FFDE5245589FFA24C5075203D2A9C314, EA1D9D2FB101ECE560CD320696973A26F4867FD3BE1F8691B622E5F40D3FBFDC ] C:\WINDOWS\KHALMNPR.Exe
01:10:01.0296 0x060c C:\WINDOWS\KHALMNPR.Exe - ok
01:10:01.0296 0x060c [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{01EB4623-3A75-41DF-83E6-943B9CB1BA80}.tmp
01:10:01.0296 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{01EB4623-3A75-41DF-83E6-943B9CB1BA80}.tmp - ok
01:10:01.0296 0x060c [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{CC732C7A-09B2-4F06-BBC4-59F286A55D12}.tmp
01:10:01.0296 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{CC732C7A-09B2-4F06-BBC4-59F286A55D12}.tmp - ok
01:10:01.0312 0x060c [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{28A6A87A-520C-4EC2-88F2-D40B793E06EF}.tmp
01:10:01.0312 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{28A6A87A-520C-4EC2-88F2-D40B793E06EF}.tmp - ok
01:10:01.0312 0x060c [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{223196FE-C25A-480D-8EB1-10432E4F6920}.tmp
01:10:01.0312 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{223196FE-C25A-480D-8EB1-10432E4F6920}.tmp - ok
01:10:01.0312 0x060c [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{EFD3BB45-2CA6-4944-9515-AA7DCC0D42E5}.tmp
01:10:01.0312 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{EFD3BB45-2CA6-4944-9515-AA7DCC0D42E5}.tmp - ok
01:10:01.0328 0x060c [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{65B68724-77F4-41D3-A914-2FDB69441C83}.tmp
01:10:01.0328 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{65B68724-77F4-41D3-A914-2FDB69441C83}.tmp - ok
01:10:01.0328 0x060c [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{A9D85433-16A8-473B-B955-F932A1161568}.tmp
01:10:01.0328 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{A9D85433-16A8-473B-B955-F932A1161568}.tmp - ok
01:10:01.0328 0x060c [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{4C4C28AA-9368-4F20-AFB0-731938969500}.tmp
01:10:01.0328 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{4C4C28AA-9368-4F20-AFB0-731938969500}.tmp - ok
01:10:01.0343 0x060c [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{03A68347-68E1-4C9E-A100-CC68F73622DE}.tmp
01:10:01.0343 0x060c C:\DOCUME~1\Gaitens\LOCALS~1\temp\{AE5D3AE8-4CBB-44D9-8024-68AD9B8A1030}\{03A68347-68E1-4C9E-A100-CC68F73622DE}.tmp - ok
01:10:01.0343 0x060c [ 3BC5518ACD5532C264430FE45BDC8B64, A23A321780718CC365D48179323AD30F5CA9C3A60E5D32E7D71A7A9AD6757C6B ] C:\Program Files\btbb_wcm\McciTrayApp.exe
01:10:01.0343 0x060c C:\Program Files\btbb_wcm\McciTrayApp.exe - ok
01:10:01.0343 0x060c [ CC8915DB4E33E8FB29CA0D2DBF75306E, 6319C0580FFDA989A2726814667C330F6A5C864D34B8C87645DD5A98E7A2C7FB ] C:\WINDOWS\system32\webcheck.dll
01:10:01.0343 0x060c C:\WINDOWS\system32\webcheck.dll - ok
01:10:01.0359 0x060c [ 7A93BE0D9188760E872534D59F8906D1, 5A6E87F6D0B43778D0476FDC2763D5EEEB96A6CA69DB91BD7B5B8834B10DAC1A ] C:\Program Files\Common Files\Motive\McciWirelessClientAppX.dll
01:10:01.0359 0x060c C:\Program Files\Common Files\Motive\McciWirelessClientAppX.dll - ok
01:10:01.0359 0x060c [ 231A0B0E3BA7ABFE469A8262FAA1FD71, 76F8AE2680438B279081EDFC2728E3785736E82A5C6396AA705BFFFF5C361294 ] C:\WINDOWS\system32\batmeter.dll
01:10:01.0359 0x060c C:\WINDOWS\system32\batmeter.dll - ok
01:10:01.0359 0x060c [ 50512FC9B7878E3C2C147BC17326A7DB, 670006280CA98213C3A23B442615FD729C83953795619360F9D2988E56A602D7 ] C:\WINDOWS\system32\stobject.dll
01:10:01.0359 0x060c C:\WINDOWS\system32\stobject.dll - ok
01:10:01.0375 0x060c [ 7012901FB0B5487426A9AF963A61D97B, A0090CDCB26A1D55463FCA170A2EB8B1214E0A05E70403ECE9A8880A7991A627 ] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
01:10:01.0375 0x060c C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe - ok
01:10:01.0375 0x060c [ 045E228F71C31901084B64BE59093499, BA463D9EC2C2D266A34DBAC542CFA0403BFB03DDF3037FBD043BB691A8E493FA ] C:\WINDOWS\system32\WPDShServiceObj.dll
01:10:01.0375 0x060c C:\WINDOWS\system32\WPDShServiceObj.dll - ok
01:10:01.0375 0x060c [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] C:\WINDOWS\system32\imapi.exe
01:10:01.0375 0x060c C:\WINDOWS\system32\imapi.exe - ok
01:10:01.0390 0x060c [ 1682778803A9F60F3BDAA449C3EDF51A, B23451D3AE3A5D207027DF3AECAA7721F3DF0D778DD81F9F4735B8B1AF5E8EF6 ] C:\Program Files\Common Files\Motive\MREW32N55_550-1804-1_DSR.dll
01:10:01.0390 0x060c C:\Program Files\Common Files\Motive\MREW32N55_550-1804-1_DSR.dll - ok
01:10:01.0390 0x060c [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] C:\PROGRA~1\COMMON~1\Motive\MRESP50.sys
01:10:01.0390 0x060c C:\PROGRA~1\COMMON~1\Motive\MRESP50.sys - ok
01:10:01.0390 0x060c [ 538A270F35A713C360B7ED4168BB7521, 47D8784C811FCADD1E78A907AF56D3D0FA5ABE9AC7DA7CB41AF60D304CAA06BA ] C:\WINDOWS\system32\mydocs.dll
01:10:01.0390 0x060c C:\WINDOWS\system32\mydocs.dll - ok
01:10:01.0406 0x060c [ 2EF423CB1782744666C3A9B827C7AA9C, 8E01EC2E394A894B03E0B9E37F219AF42BCA43521AFC68D0B80542E35648C169 ] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
01:10:01.0406 0x060c C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe - ok
01:10:01.0406 0x060c [ 22358578CB321F3325496A3723029409, 44535E0EFC20714CEF8FFAE51294CFC6AC53F12E464E048ECD92CDC2CA54A312 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
01:10:01.0406 0x060c C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
01:10:01.0406 0x060c [ 9D45B2201D0ECF9F42136C7B99DEB8B2, 0251BE4C23EAACE2A9725243936C5E5AC4C0BCEE10EDE85017D91936FEE8CB31 ] C:\WINDOWS\system32\PortableDeviceApi.dll
01:10:01.0406 0x060c C:\WINDOWS\system32\PortableDeviceApi.dll - ok
01:10:01.0421 0x060c [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll
01:10:01.0421 0x060c C:\WINDOWS\system32\upnp.dll - ok
01:10:01.0421 0x060c [ 1F3FF6C062B311FE410EC89F6BFAC213, E7DCD366568321BDE5B801680B5D0DE30548C36CE58E326DA6C74537DCCAA49B ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
01:10:01.0421 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
01:10:01.0421 0x060c [ 8BCD11D38FCE43A519246A91CC40DE6A, 981EE4B29FDE6DB58FAA17BCCA66DB8143D693D91A00B7519F01ABBAE11AA580 ] C:\WINDOWS\system32\security.dll
01:10:01.0421 0x060c C:\WINDOWS\system32\security.dll - ok
01:10:01.0421 0x060c [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll
01:10:01.0421 0x060c C:\WINDOWS\system32\ssdpapi.dll - ok
01:10:01.0437 0x060c [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] C:\WINDOWS\system32\drivers\http.sys
01:10:01.0437 0x060c C:\WINDOWS\system32\drivers\http.sys - ok
01:10:01.0437 0x060c [ 0DCAC41EB58A45049BD7FF665C32D5F4, 704C900FD51645F47C4F58817A7A16408B3B6AB09458286A188EB7D7BC06DFB3 ] C:\Program Files\iTunes\iTunesHelper.exe
01:10:01.0437 0x060c C:\Program Files\iTunes\iTunesHelper.exe - ok
01:10:01.0437 0x060c [ BCD9591E1B2FEE41178E84556A4D3998, 9B1D8A296D15114C8EE7C63B40613BE3CAA90FF24D6A1400E1F01917D2273DB0 ] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
01:10:01.0437 0x060c C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe - ok
01:10:01.0453 0x060c [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] C:\WINDOWS\system32\ssdpsrv.dll
01:10:01.0453 0x060c C:\WINDOWS\system32\ssdpsrv.dll - ok
01:10:01.0453 0x060c [ 7B93C623333F121DC9E689CCB1B7A733, 0C58F682E1B3AF064963DD616E80609006E9317F2FCB0F3A51ED32FEF13B1081 ] C:\Program Files\HTC\HTC Sync 3.0\MFC71u.dll
01:10:01.0453 0x060c C:\Program Files\HTC\HTC Sync 3.0\MFC71u.dll - ok
01:10:01.0453 0x060c [ 9BED5FA9D8E98A1C4F8A9922185FDA7D, DF52C94C0279415D9C7A3A0B5EB905C0D50478935682163E1516E429D7C1C1D1 ] C:\WINDOWS\RTHDCPL.exe
01:10:01.0453 0x060c C:\WINDOWS\RTHDCPL.exe - ok
01:10:01.0468 0x060c [ E4CE6C4AE730E0EC87FC5DA4CD1946AD, 3753BB5246FCC9A70FC2FEC050CBAE6C7A625433F48EF38C41C0734136528D77 ] C:\Program Files\iTunes\iTunesHelper.dll
01:10:01.0468 0x060c C:\Program Files\iTunes\iTunesHelper.dll - ok
01:10:01.0468 0x060c [ 33DFEF2F49DC5A273ECD406B2C21D405, 31657C24E4A99257CB8FF20875FFDAC89D5C31ECE9B9B135B6D433B9187508F6 ] C:\Program Files\Yahoo!\browser\ybrwres.dll
01:10:01.0468 0x060c C:\Program Files\Yahoo!\browser\ybrwres.dll - ok
01:10:01.0468 0x060c [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files\HTC\HTC Sync 3.0\msvcr71.dll
01:10:01.0468 0x060c C:\Program Files\HTC\HTC Sync 3.0\msvcr71.dll - ok
01:10:01.0484 0x060c [ 401A8C0BE0BAA7D7A470F0942244152D, EC21ED13E526617697CD8E6D79FC706CBDA0AF36C02C05B39E8603B217E406BC ] C:\WINDOWS\system32\rasdlg.dll
01:10:01.0484 0x060c C:\WINDOWS\system32\rasdlg.dll - ok
01:10:01.0484 0x060c [ 8A451B4C2E8688311B7483B2D61D3FB6, 55D364311F53C39A63E2CFFD8A4A7C304F0EC321D116EC4C7D74CFE2A070FD3A ] C:\WINDOWS\SkyTel.exe
01:10:01.0484 0x060c C:\WINDOWS\SkyTel.exe - ok
01:10:01.0484 0x060c [ 0D034E8C4F88C5B2B0C1AF3CF438CC4F, F44F9A6BBA0AE6D350F98CDBF2D5B09D56D9B1CF46F4CB9F50566232B32F8BAE ] C:\WINDOWS\SoundMan.exe
01:10:01.0484 0x060c C:\WINDOWS\SoundMan.exe - ok
01:10:01.0500 0x060c [ 9972A6ED4F2388DBFA8E0A96F6F3FDF1, F68E4CDBC879423EA47D763A6768567F5F8063924F13A74239750C13FA8D168A ] C:\WINDOWS\system32\msvcr70.dll
01:10:01.0500 0x060c C:\WINDOWS\system32\msvcr70.dll - ok
01:10:01.0500 0x060c [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\Program Files\HTC\HTC Sync 3.0\msvcp71.dll
01:10:01.0500 0x060c C:\Program Files\HTC\HTC Sync 3.0\msvcp71.dll - ok
01:10:01.0500 0x060c [ EC05E964058693D1F71D1B5506B5CF09, B1E126AA040800FEC99CAE2C675A225183D50A6F3D24262051A5FB5D96E61012 ] C:\WINDOWS\alcwzrd.exe
01:10:01.0500 0x060c C:\WINDOWS\alcwzrd.exe - ok
01:10:01.0515 0x060c [ C98FF6C440E8967251F59C7919B505A1, 3486C9C855E52FD084FBA3276E296ED8647B445A52FC459B794367AAED48D817 ] C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
01:10:01.0515 0x060c C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
01:10:01.0515 0x060c [ 7DEA54CE6051D36D6B56ADFD95467082, 4C23E902B590833F5DDF9514332D82D6B484B99F0C71B25AA4A6E9A5CDC4FF97 ] C:\Program Files\HTC\HTC Sync 3.0\UPCT_DB.dll
01:10:01.0515 0x060c C:\Program Files\HTC\HTC Sync 3.0\UPCT_DB.dll - ok
01:10:01.0515 0x060c [ DC384325FFC20A35BBD2A49FAE962153, 9C57A2BF5155879F832940EC03B086E813B62B59CB9424B3B9D5C009F6477255 ] C:\PROGRA~1\Yahoo!\browser\ycommon.exe
01:10:01.0515 0x060c C:\PROGRA~1\Yahoo!\browser\ycommon.exe - ok
01:10:01.0531 0x060c [ C730F70351D950DDA7388C9A9763CF54, 7A9D265E4D2F76EF131D01C2EE1CDC19A8E5FDCAF97649CC562E8114B92D411F ] C:\WINDOWS\system32\wbem\wmipcima.dll
01:10:01.0531 0x060c C:\WINDOWS\system32\wbem\wmipcima.dll - ok
01:10:01.0531 0x060c [ 6515C8E7AA6787CD9672ECE6F9BB6C0A, F2FDFF0B28D1DFB9129455EC72CC0908C4FB062D5FF5B503CB9E85D6D2FEE510 ] C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll
01:10:01.0531 0x060c C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll - ok
01:10:01.0531 0x060c [ 4D83ED8BDDEC431FC8AD907B47CFB6E3, 4687B8DD40CA9B83AA5CE1268F62476EBA886C10CC8B7B5AB716E4C56AF1EEAF ] C:\WINDOWS\system32\dsound.dll
01:10:01.0531 0x060c C:\WINDOWS\system32\dsound.dll - ok
01:10:01.0546 0x060c [ 5F269C46A99F9B461D7B17B3EDEA1BB6, 8FD90CDC7E617914B785532C6496EE8D68A2B12AD1B6DC25C9AF221B43113ACE ] C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll
01:10:01.0546 0x060c C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll - ok
01:10:01.0546 0x060c [ 3F5A73A49355241E5D9D5CF3EE14DBB8, 6B5079FB40C4CE441E85773A362C03A74291931579E13439E6E84106B00922F5 ] C:\Program Files\HTC\HTC Sync 3.0\PIMAccess.dll
-
Continued:
01:09:50.0500 0x060c sr - ok
01:09:50.0515 0x060c [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
01:09:50.0578 0x060c srservice - ok
01:09:50.0625 0x060c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
01:09:51.0375 0x060c Srv - ok
01:09:51.0406 0x060c [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
01:09:51.0453 0x060c SSDPSRV - ok
01:09:51.0484 0x060c [ A9573045BAA16EAB9B1085205B82F1ED, 6A4D68BCD4968C17451EB1C4AB420FFA844D089845520D222BC4A2BD14583C56 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
01:09:51.0578 0x060c StillCam - ok
01:09:51.0609 0x060c [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
01:09:51.0750 0x060c stisvc - ok
01:09:51.0781 0x060c [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
01:09:51.0890 0x060c streamip - ok
01:09:51.0890 0x060c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
01:09:51.0984 0x060c swenum - ok
01:09:52.0015 0x060c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
01:09:52.0109 0x060c swmidi - ok
01:09:52.0125 0x060c SwPrv - ok
01:09:52.0125 0x060c symc810 - ok
01:09:52.0125 0x060c symc8xx - ok
01:09:52.0140 0x060c sym_hi - ok
01:09:52.0140 0x060c sym_u3 - ok
01:09:52.0171 0x060c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
01:09:52.0265 0x060c sysaudio - ok
01:09:52.0296 0x060c [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
01:09:52.0406 0x060c SysmonLog - ok
01:09:52.0437 0x060c [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
01:09:52.0546 0x060c TapiSrv - ok
01:09:52.0593 0x060c [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:09:52.0625 0x060c Tcpip - ok
01:09:52.0656 0x060c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
01:09:52.0750 0x060c TDPIPE - ok
01:09:52.0765 0x060c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
01:09:52.0859 0x060c TDTCP - ok
01:09:52.0875 0x060c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
01:09:52.0968 0x060c TermDD - ok
01:09:53.0031 0x060c [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
01:09:53.0156 0x060c TermService - ok
01:09:53.0171 0x060c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
01:09:53.0187 0x060c Themes - ok
01:09:53.0218 0x060c [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
01:09:53.0265 0x060c TlntSvr - ok
01:09:53.0265 0x060c TosIde - ok
01:09:53.0281 0x060c [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
01:09:53.0406 0x060c TrkWks - ok
01:09:53.0406 0x060c Trufos - ok
01:09:53.0437 0x060c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
01:09:53.0546 0x060c Udfs - ok
01:09:53.0562 0x060c ultra - ok
01:09:53.0609 0x060c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
01:09:53.0734 0x060c Update - ok
01:09:53.0765 0x060c [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
01:09:53.0828 0x060c upnphost - ok
01:09:53.0843 0x060c [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
01:09:53.0953 0x060c UPS - ok
01:09:53.0984 0x060c [ 83CAFCB53201BBAC04D822F32438E244, E3F6FDE4D429FB630B19417DD9752A2CE9F6C9FD58918D714B5438A3D4136853 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
01:09:54.0015 0x060c USBAAPL - ok
01:09:54.0046 0x060c [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
01:09:54.0109 0x060c usbaudio - ok
01:09:54.0125 0x060c [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:09:54.0171 0x060c usbccgp - ok
01:09:54.0187 0x060c [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:09:54.0218 0x060c usbehci - ok
01:09:54.0250 0x060c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:09:54.0343 0x060c usbhub - ok
01:09:54.0375 0x060c [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
01:09:54.0468 0x060c usbohci - ok
01:09:54.0484 0x060c [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:09:54.0578 0x060c usbprint - ok
01:09:54.0609 0x060c [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:09:54.0625 0x060c usbscan - ok
01:09:54.0656 0x060c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:09:54.0765 0x060c USBSTOR - ok
01:09:54.0781 0x060c [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:09:54.0875 0x060c usbuhci - ok
01:09:54.0921 0x060c [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
01:09:54.0937 0x060c usbvideo - ok
01:09:54.0968 0x060c [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E, CFA47A71403419CA7C94333B4F7766DFC97C5DCDBC3AD1B106044B93C979A5C5 ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
01:09:55.0000 0x060c usb_rndisx - ok
01:09:55.0031 0x060c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
01:09:55.0125 0x060c VgaSave - ok
01:09:55.0125 0x060c ViaIde - ok
01:09:55.0140 0x060c [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
01:09:55.0234 0x060c VolSnap - ok
01:09:55.0265 0x060c [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
01:09:55.0343 0x060c VSS - ok
01:09:55.0375 0x060c [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll
01:09:55.0484 0x060c W32Time - ok
01:09:55.0500 0x060c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:09:55.0593 0x060c Wanarp - ok
01:09:55.0640 0x060c [ 4769596D7CC0F5FA447D2BABC239672A, 1E889FE9FDA0A23F07FD8BAE11204D739033F6795CE7F23FE3EF66A0B76958C8 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
01:09:55.0687 0x060c Wdf01000 - ok
01:09:55.0687 0x060c WDICA - ok
01:09:55.0734 0x060c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
01:09:55.0828 0x060c wdmaud - ok
01:09:55.0859 0x060c [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
01:09:55.0968 0x060c WebClient - ok
01:09:56.0015 0x060c [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
01:09:56.0125 0x060c winmgmt - ok
01:09:56.0156 0x060c [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
01:09:56.0234 0x060c WmdmPmSN - ok
01:09:56.0312 0x060c [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll
01:09:56.0375 0x060c Wmi - ok
01:09:56.0406 0x060c [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:09:56.0515 0x060c WmiApSrv - ok
01:09:56.0640 0x060c [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
01:09:56.0750 0x060c WMPNetworkSvc - ok
01:09:56.0812 0x060c [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
01:09:56.0968 0x060c WS2IFSL - ok
01:09:57.0000 0x060c [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
01:09:57.0093 0x060c wscsvc - ok
01:09:57.0125 0x060c [ 7A36F3083E28405D6C5ECDB942513C3B, 83C67779DE0CF43C9CCDC61A3827DCC550004F7F322E31563BEC7654519D95A3 ] WSIMD C:\WINDOWS\system32\DRIVERS\wsimd.sys
01:09:57.0125 0x060c WSIMD - detected UnsignedFile.Multi.Generic ( 1 )
01:09:57.0125 0x060c WSIMD ( UnsignedFile.Multi.Generic ) - warning
01:09:57.0140 0x060c [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
01:09:57.0234 0x060c WSTCODEC - ok
01:09:57.0265 0x060c [ 35A20217C4D06D1D36A3ADDFD8CE58C2, 17E7C260BF50F7D4C91AB54655B824F23DE344F32515136A561A7C7631FA4E70 ] WSWNA1100 C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
01:09:57.0281 0x060c WSWNA1100 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:57.0281 0x060c WSWNA1100 ( UnsignedFile.Multi.Generic ) - warning
01:09:57.0328 0x060c [ E7C84A8A763C460FE182F4DCBC17B9DC, 5DDBBC88E34056ED8BD6E6C6B05B02593AB780C4FCC53D8A4AB919C226F23376 ] WSWNA3100 C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
01:09:57.0359 0x060c WSWNA3100 - ok
01:09:57.0375 0x060c [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
01:09:57.0484 0x060c wuauserv - ok
01:09:57.0515 0x060c [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:09:57.0546 0x060c WudfPf - ok
01:09:57.0562 0x060c [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:09:57.0593 0x060c WudfRd - ok
01:09:57.0609 0x060c [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
01:09:57.0625 0x060c WudfSvc - ok
01:09:57.0687 0x060c [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
01:09:57.0828 0x060c WZCSVC - ok
01:09:57.0859 0x060c [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
01:09:57.0968 0x060c xmlprov - ok
01:09:58.0000 0x060c [ D46403EF02C003DE80B4BE8A31549FB4, 93F0613BDE1A87914527BAF1558858D97EF0FFA5B7E1800F2E5C2380B79D1E3A ] YPCService C:\WINDOWS\system32\YPCSER~1.EXE
01:09:58.0000 0x060c YPCService - detected UnsignedFile.Multi.Generic ( 1 )
01:09:58.0000 0x060c YPCService ( UnsignedFile.Multi.Generic ) - warning
01:09:58.0000 0x060c Force sending object to P2P due to detect: C:\WINDOWS\system32\YPCSER~1.EXE
01:09:58.0000 0x060c Object send P2P result: false
01:09:58.0031 0x060c ================ Scan global ===============================
01:09:58.0062 0x060c [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
01:09:58.0109 0x060c [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
01:09:58.0140 0x060c [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
01:09:58.0171 0x060c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
01:09:58.0171 0x060c [ Global ] - ok
01:09:58.0171 0x060c ================ Scan MBR ==================================
01:09:58.0187 0x060c [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
01:09:58.0640 0x060c \Device\Harddisk0\DR0 - ok
01:09:58.0640 0x060c ================ Scan VBR ==================================
01:09:58.0656 0x060c [ 04FE17AE2A32235CCD01764B2E2CB94D ] \Device\Harddisk0\DR0\Partition1
01:09:58.0671 0x060c \Device\Harddisk0\DR0\Partition1 - ok
01:09:58.0671 0x060c [ D7B94BDEBC7F5E7801F390FED14E0D05 ] \Device\Harddisk0\DR0\Partition2
01:09:58.0671 0x060c \Device\Harddisk0\DR0\Partition2 - ok
01:09:58.0671 0x060c ================ Scan active images ========================
01:09:58.0671 0x060c [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] C:\WINDOWS\system32\drivers\intelppm.sys
01:09:58.0671 0x060c C:\WINDOWS\system32\drivers\intelppm.sys - ok
01:09:58.0671 0x060c [ E28726B72C46821A28830E077D39A55B, 66BE8A1055544C8CEBB7125726C1C306A026F3A1764589FCDDF3792076AF891F ] C:\WINDOWS\system32\drivers\videoprt.sys
01:09:58.0671 0x060c C:\WINDOWS\system32\drivers\videoprt.sys - ok
01:09:58.0687 0x060c [ 81C3E6674D0609AA84C07681BCA252DE, D9AE93C4BF19AA9BF1AFE32D9EB57CBA764B727EA98C8673832987A43EE974E1 ] C:\WINDOWS\system32\drivers\ati2mtag.sys
01:09:58.0687 0x060c C:\WINDOWS\system32\drivers\ati2mtag.sys - ok
01:09:58.0687 0x060c [ B2961A8861DA27C4562282C3707250F5, 880964DB5186A56376FA9E80E8CEE83DF3D124A5AECC34F6F8F6B074961931CC ] C:\WINDOWS\system32\drivers\Rtenicxp.sys
01:09:58.0687 0x060c C:\WINDOWS\system32\drivers\Rtenicxp.sys - ok
01:09:58.0687 0x060c [ 6DF35CA139C3BC15CC74390ABB114EFE, 5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ] C:\WINDOWS\system32\drivers\usbport.sys
01:09:58.0687 0x060c C:\WINDOWS\system32\drivers\usbport.sys - ok
01:09:58.0703 0x060c [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] C:\WINDOWS\system32\drivers\usbuhci.sys
01:09:58.0703 0x060c C:\WINDOWS\system32\drivers\usbuhci.sys - ok
01:09:58.0703 0x060c [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] C:\WINDOWS\system32\drivers\usbehci.sys
01:09:58.0703 0x060c C:\WINDOWS\system32\drivers\usbehci.sys - ok
01:09:58.0703 0x060c [ 04FE5EF6ED4818EC4839EA5C611A6310, 666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ] C:\WINDOWS\system32\drivers\usbd.sys
01:09:58.0703 0x060c C:\WINDOWS\system32\drivers\usbd.sys - ok
01:09:58.0718 0x060c [ 9E9306063ECD8AA91B3FB76678D3CEE2, 892E749B670F9CBBE242C613F8B2A5BEE4D1D539C5F6FCEA46C6D637598B7139 ] C:\WINDOWS\system32\drivers\LVUSBSta.sys
01:09:58.0718 0x060c C:\WINDOWS\system32\drivers\LVUSBSta.sys - ok
01:09:58.0718 0x060c [ 0753515F78DF7F271A5E61C20BCD36A1, A8D600CD0C592DFB875DE2D4F1AEDB207B80A43CF724051B6552BB6E539E9AFC ] C:\WINDOWS\system32\drivers\ks.sys
01:09:58.0718 0x060c C:\WINDOWS\system32\drivers\ks.sys - ok
01:09:58.0718 0x060c [ 6CB08593487F5701D2D2254E693EAFCE, 0518A1FC540C036E6864DA8C01CADE043D4F897D7FCF8C61352865131DEB7414 ] C:\WINDOWS\system32\drivers\drmk.sys
01:09:58.0718 0x060c C:\WINDOWS\system32\drivers\drmk.sys - ok
01:09:58.0734 0x060c [ E82A496C3961EFC6828B508C310CE98F, E142A0809525B34A376B3063B07B8822930056BBCB886B7CF1D7585BCEC371A0 ] C:\WINDOWS\system32\drivers\portcls.sys
01:09:58.0734 0x060c C:\WINDOWS\system32\drivers\portcls.sys - ok
01:09:58.0734 0x060c [ B34DAFA517F838B82A4256B08346917F, 471649BE27B1E5EFD0BA062A2374FB911C99EDF6C3A0D43617C7115DE8C3A039 ] C:\WINDOWS\system32\drivers\delta.sys
01:09:58.0734 0x060c C:\WINDOWS\system32\drivers\delta.sys - ok
01:09:58.0734 0x060c [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] C:\WINDOWS\system32\drivers\fdc.sys
01:09:58.0734 0x060c C:\WINDOWS\system32\drivers\fdc.sys - ok
01:09:58.0750 0x060c [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] C:\WINDOWS\system32\drivers\parport.sys
01:09:58.0750 0x060c C:\WINDOWS\system32\drivers\parport.sys - ok
01:09:58.0750 0x060c [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] C:\WINDOWS\system32\drivers\serenum.sys
01:09:58.0750 0x060c C:\WINDOWS\system32\drivers\serenum.sys - ok
01:09:58.0750 0x060c [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] C:\WINDOWS\system32\drivers\serial.sys
01:09:58.0750 0x060c C:\WINDOWS\system32\drivers\serial.sys - ok
01:09:58.0765 0x060c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] C:\WINDOWS\system32\drivers\imapi.sys
01:09:58.0765 0x060c C:\WINDOWS\system32\drivers\imapi.sys - ok
01:09:58.0765 0x060c [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] C:\WINDOWS\system32\drivers\cdrom.sys
01:09:58.0765 0x060c C:\WINDOWS\system32\drivers\cdrom.sys - ok
01:09:58.0765 0x060c [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] C:\WINDOWS\system32\drivers\redbook.sys
01:09:58.0765 0x060c C:\WINDOWS\system32\drivers\redbook.sys - ok
01:09:58.0781 0x060c [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
01:09:58.0781 0x060c C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
01:09:58.0781 0x060c [ A9573045BAA16EAB9B1085205B82F1ED, 6A4D68BCD4968C17451EB1C4AB420FFA844D089845520D222BC4A2BD14583C56 ] C:\WINDOWS\system32\drivers\serscan.sys
01:09:58.0781 0x060c C:\WINDOWS\system32\drivers\serscan.sys - ok
01:09:58.0781 0x060c [ AD67795900AA8C05CC4570F5349E0639, D74DEDC8E88504C1D81108B561F9109B6D9583028280089B17DF38EDB04DBBBC ] C:\WINDOWS\system32\drivers\jswscimd.sys
01:09:58.0781 0x060c C:\WINDOWS\system32\drivers\jswscimd.sys - ok
01:09:58.0796 0x060c [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys
01:09:58.0796 0x060c C:\WINDOWS\system32\drivers\audstub.sys - ok
01:09:58.0796 0x060c [ 0207D26DDF796A193CCD9F83047BB5FC, 13613036BCB869FBD7229A0FE25D324710308385D8C35E5D990A40E52BE040DF ] C:\WINDOWS\system32\drivers\rasirda.sys
01:09:58.0796 0x060c C:\WINDOWS\system32\drivers\rasirda.sys - ok
01:09:58.0796 0x060c [ 0539D5E53587F82D1B4FD74C5BE205CF, 9C578FC46AC3B8260258B83C89A33C3D7990B365D7708AEF2296CD235C7D301A ] C:\WINDOWS\system32\drivers\tdi.sys
01:09:58.0796 0x060c C:\WINDOWS\system32\drivers\tdi.sys - ok
01:09:58.0812 0x060c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] C:\WINDOWS\system32\drivers\ndistapi.sys
01:09:58.0812 0x060c C:\WINDOWS\system32\drivers\ndistapi.sys - ok
01:09:58.0812 0x060c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] C:\WINDOWS\system32\drivers\ndiswan.sys
01:09:58.0812 0x060c C:\WINDOWS\system32\drivers\ndiswan.sys - ok
01:09:58.0812 0x060c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] C:\WINDOWS\system32\drivers\rasl2tp.sys
01:09:58.0812 0x060c C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
01:09:58.0828 0x060c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] C:\WINDOWS\system32\drivers\raspppoe.sys
01:09:58.0828 0x060c C:\WINDOWS\system32\drivers\raspppoe.sys - ok
01:09:58.0828 0x060c [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] C:\WINDOWS\system32\drivers\msgpc.sys
01:09:58.0828 0x060c C:\WINDOWS\system32\drivers\msgpc.sys - ok
01:09:58.0828 0x060c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] C:\WINDOWS\system32\drivers\psched.sys
01:09:58.0828 0x060c C:\WINDOWS\system32\drivers\psched.sys - ok
01:09:58.0843 0x060c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] C:\WINDOWS\system32\drivers\raspptp.sys
01:09:58.0843 0x060c C:\WINDOWS\system32\drivers\raspptp.sys - ok
01:09:58.0843 0x060c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys
01:09:58.0843 0x060c C:\WINDOWS\system32\drivers\ptilink.sys - ok
01:09:58.0843 0x060c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys
01:09:58.0843 0x060c C:\WINDOWS\system32\drivers\raspti.sys - ok
01:09:58.0859 0x060c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] C:\WINDOWS\system32\drivers\rdpdr.sys
01:09:58.0859 0x060c C:\WINDOWS\system32\drivers\rdpdr.sys - ok
01:09:58.0859 0x060c [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] C:\WINDOWS\system32\drivers\kbdclass.sys
01:09:58.0859 0x060c C:\WINDOWS\system32\drivers\kbdclass.sys - ok
01:09:58.0859 0x060c [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] C:\WINDOWS\system32\drivers\mouclass.sys
01:09:58.0859 0x060c C:\WINDOWS\system32\drivers\mouclass.sys - ok
01:09:58.0859 0x060c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] C:\WINDOWS\system32\drivers\swenum.sys
01:09:58.0859 0x060c C:\WINDOWS\system32\drivers\swenum.sys - ok
01:09:58.0875 0x060c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] C:\WINDOWS\system32\drivers\termdd.sys
01:09:58.0875 0x060c C:\WINDOWS\system32\drivers\termdd.sys - ok
01:09:58.0875 0x060c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] C:\WINDOWS\system32\drivers\update.sys
01:09:58.0875 0x060c C:\WINDOWS\system32\drivers\update.sys - ok
01:09:58.0875 0x060c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] C:\WINDOWS\system32\drivers\mssmbios.sys
01:09:58.0875 0x060c C:\WINDOWS\system32\drivers\mssmbios.sys - ok
01:09:58.0890 0x060c [ 7A36F3083E28405D6C5ECDB942513C3B, 83C67779DE0CF43C9CCDC61A3827DCC550004F7F322E31563BEC7654519D95A3 ] C:\WINDOWS\system32\drivers\wsimd.sys
01:09:58.0890 0x060c C:\WINDOWS\system32\drivers\wsimd.sys - ok
01:09:58.0890 0x060c [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] C:\WINDOWS\system32\drivers\ndproxy.sys
01:09:58.0890 0x060c C:\WINDOWS\system32\drivers\ndproxy.sys - ok
01:09:58.0906 0x060c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] C:\WINDOWS\system32\drivers\usbhub.sys
01:09:58.0906 0x060c C:\WINDOWS\system32\drivers\usbhub.sys - ok
01:09:58.0906 0x060c [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] C:\WINDOWS\system32\drivers\flpydisk.sys
01:09:58.0906 0x060c C:\WINDOWS\system32\drivers\flpydisk.sys - ok
01:09:58.0906 0x060c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] C:\WINDOWS\system32\drivers\sfloppy.sys
01:09:58.0906 0x060c C:\WINDOWS\system32\drivers\sfloppy.sys - ok
01:09:58.0921 0x060c [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys
01:09:58.0921 0x060c C:\WINDOWS\system32\drivers\beep.sys - ok
01:09:58.0921 0x060c [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys
01:09:58.0921 0x060c C:\WINDOWS\system32\drivers\cdaudio.sys - ok
01:09:58.0921 0x060c [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys
01:09:58.0921 0x060c C:\WINDOWS\system32\drivers\fs_rec.sys - ok
01:09:58.0937 0x060c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] C:\WINDOWS\system32\drivers\null.sys
01:09:58.0937 0x060c C:\WINDOWS\system32\drivers\null.sys - ok
01:09:58.0937 0x060c [ 1FD538C4FEB36B793D2121F20BBDC16F, 4785268D6116BD7363FD1802784D706A4392B3CCEBAE2840789A147903706BFB ] C:\WINDOWS\system32\drivers\SBREDrv.sys
01:09:58.0937 0x060c C:\WINDOWS\system32\drivers\SBREDrv.sys - ok
01:09:58.0937 0x060c [ C569EF030B11F896E123A30AC92678DB, F851E99B968BBAB82E3B0D1D2F985AEE1EAD10C3BBACDD02BAB2ACEE57CB048A ] C:\WINDOWS\system32\drivers\hidparse.sys
01:09:58.0937 0x060c C:\WINDOWS\system32\drivers\hidparse.sys - ok
01:09:58.0953 0x060c [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] C:\WINDOWS\system32\drivers\kbdhid.sys
01:09:58.0953 0x060c C:\WINDOWS\system32\drivers\kbdhid.sys - ok
01:09:58.0953 0x060c [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] C:\WINDOWS\system32\drivers\i8042prt.sys
01:09:58.0953 0x060c C:\WINDOWS\system32\drivers\i8042prt.sys - ok
01:09:58.0953 0x060c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] C:\WINDOWS\system32\drivers\mnmdd.sys
01:09:58.0953 0x060c C:\WINDOWS\system32\drivers\mnmdd.sys - ok
01:09:58.0953 0x060c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys
01:09:58.0953 0x060c C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
01:09:58.0968 0x060c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] C:\WINDOWS\system32\drivers\vga.sys
01:09:58.0968 0x060c C:\WINDOWS\system32\drivers\vga.sys - ok
01:09:58.0968 0x060c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] C:\WINDOWS\system32\drivers\msfs.sys
01:09:58.0968 0x060c C:\WINDOWS\system32\drivers\msfs.sys - ok
01:09:58.0968 0x060c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] C:\WINDOWS\system32\drivers\npfs.sys
01:09:58.0968 0x060c C:\WINDOWS\system32\drivers\npfs.sys - ok
01:09:58.0984 0x060c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys
01:09:58.0984 0x060c C:\WINDOWS\system32\drivers\rasacd.sys - ok
01:09:58.0984 0x060c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] C:\WINDOWS\system32\drivers\ipsec.sys
01:09:58.0984 0x060c C:\WINDOWS\system32\drivers\ipsec.sys - ok
01:09:58.0984 0x060c [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] C:\WINDOWS\system32\drivers\tcpip.sys
01:09:58.0984 0x060c C:\WINDOWS\system32\drivers\tcpip.sys - ok
01:09:59.0000 0x060c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] C:\WINDOWS\system32\drivers\ipnat.sys
01:09:59.0000 0x060c C:\WINDOWS\system32\drivers\ipnat.sys - ok
01:09:59.0000 0x060c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] C:\WINDOWS\system32\drivers\netbt.sys
01:09:59.0000 0x060c C:\WINDOWS\system32\drivers\netbt.sys - ok
01:09:59.0000 0x060c [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] C:\WINDOWS\system32\drivers\afd.sys
01:09:59.0000 0x060c C:\WINDOWS\system32\drivers\afd.sys - ok
01:09:59.0015 0x060c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] C:\WINDOWS\system32\drivers\wanarp.sys
01:09:59.0015 0x060c C:\WINDOWS\system32\drivers\wanarp.sys - ok
01:09:59.0015 0x060c [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
01:09:59.0015 0x060c C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
01:09:59.0015 0x060c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] C:\WINDOWS\system32\drivers\netbios.sys
01:09:59.0015 0x060c C:\WINDOWS\system32\drivers\netbios.sys - ok
01:09:59.0031 0x060c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] C:\WINDOWS\system32\drivers\rdbss.sys
01:09:59.0031 0x060c C:\WINDOWS\system32\drivers\rdbss.sys - ok
01:09:59.0031 0x060c [ 62BA65CC0B4A4BD1EAFF5FED6E2B5069, DDB6CE351714DFC783F75254D23402AD75BEACF4B7AB56321CD397339202E89D ] C:\WINDOWS\system32\drivers\sbaphd.sys
01:09:59.0031 0x060c C:\WINDOWS\system32\drivers\sbaphd.sys - ok
01:09:59.0031 0x060c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
01:09:59.0031 0x060c C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
01:09:59.0046 0x060c [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] C:\WINDOWS\system32\drivers\fips.sys
01:09:59.0046 0x060c C:\WINDOWS\system32\drivers\fips.sys - ok
01:09:59.0046 0x060c [ F8F0D25CA553E39DDE485D8FC7FCCE89, 54DF909101AAEC63234A5C33B51D6689FEF58B943942BFFA9606864F43EC1085 ] C:\WINDOWS\system32\ntdll.dll
01:09:59.0046 0x060c C:\WINDOWS\system32\ntdll.dll - ok
01:09:59.0046 0x060c [ 5F816C1F539266D2D4C78694239DA0B5, 10BFCCF4EFFC3813A563D528DC5464827BEF10AE21D6B9C1138930228E7047D1 ] C:\WINDOWS\system32\smss.exe
01:09:59.0046 0x060c C:\WINDOWS\system32\smss.exe - ok
01:09:59.0062 0x060c [ 23043C91A0F9DFB4B9E9F87B680863B4, 318A6F6DB4A1EDE7D3758E324350EA852449ABD2A7BB77004FBC403CF9FFB08B ] C:\WINDOWS\system32\autochk.exe
01:09:59.0062 0x060c C:\WINDOWS\system32\autochk.exe - ok
01:09:59.0062 0x060c [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] C:\WINDOWS\system32\drivers\usbccgp.sys
01:09:59.0062 0x060c C:\WINDOWS\system32\drivers\usbccgp.sys - ok
01:09:59.0062 0x060c [ 1AF592532532A402ED7C060F6954004F, 84A55432A7FBBD1B84FF8DD1BD84266747E4A88297BDAA84AAD12F13B848BFF2 ] C:\WINDOWS\system32\drivers\hidclass.sys
01:09:59.0062 0x060c C:\WINDOWS\system32\drivers\hidclass.sys - ok
01:09:59.0078 0x060c [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] C:\WINDOWS\system32\drivers\hidusb.sys
01:09:59.0078 0x060c C:\WINDOWS\system32\drivers\hidusb.sys - ok
01:09:59.0078 0x060c [ 9DD07AF82244867CA36681EA2D29CE79, 84926A50CB38C322D1CDFD4C0D5F8FFE3B2EF3080B3401F5D5AE8CBD0A719685 ] C:\WINDOWS\system32\sfcfiles.dll
01:09:59.0078 0x060c C:\WINDOWS\system32\sfcfiles.dll - ok
01:09:59.0078 0x060c [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] C:\WINDOWS\system32\drivers\cdfs.sys
01:09:59.0078 0x060c C:\WINDOWS\system32\drivers\cdfs.sys - ok
01:09:59.0093 0x060c [ BCDF72DCE41874B3AD9143D537B493B2, C048C773137DD94C980179E90FAE7D90A6902DA0153342B33E784DB04C16385A ] C:\WINDOWS\system32\drivers\bcmwlhigh5.sys
01:09:59.0093 0x060c C:\WINDOWS\system32\drivers\bcmwlhigh5.sys - ok
01:09:59.0093 0x060c [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] C:\WINDOWS\system32\drivers\mouhid.sys
01:09:59.0093 0x060c C:\WINDOWS\system32\drivers\mouhid.sys - ok
01:09:59.0093 0x060c [ CF7E041663119E09D2E118521ADA9300, 0BDDEDA787CCBE34D515945717AF972143A3684F6D37F87B639D6A5371F381CC ] C:\WINDOWS\system32\drivers\nuidfltr.sys
01:09:59.0093 0x060c C:\WINDOWS\system32\drivers\nuidfltr.sys - ok
01:09:59.0109 0x060c [ 4769596D7CC0F5FA447D2BABC239672A, 1E889FE9FDA0A23F07FD8BAE11204D739033F6795CE7F23FE3EF66A0B76958C8 ] C:\WINDOWS\system32\drivers\wdf01000.sys
01:09:59.0109 0x060c C:\WINDOWS\system32\drivers\wdf01000.sys - ok
01:09:59.0109 0x060c [ BE682D71C4B7D7F639BF288B78F63EA0, E5354185E6333385807FDE08AAC19C6A596047740527D493B1716D77288B4652 ] C:\WINDOWS\system32\drivers\wdfldr.sys
01:09:59.0109 0x060c C:\WINDOWS\system32\drivers\wdfldr.sys - ok
01:09:59.0109 0x060c [ 2F31B7F954BED437F2C75026C65CAF7B, 1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ] C:\WINDOWS\system32\drivers\wmilib.sys
01:09:59.0109 0x060c C:\WINDOWS\system32\drivers\wmilib.sys - ok
01:09:59.0125 0x060c [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] C:\WINDOWS\system32\drivers\atapi.sys
01:09:59.0125 0x060c C:\WINDOWS\system32\drivers\atapi.sys - ok
01:09:59.0125 0x060c [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys
01:09:59.0125 0x060c C:\WINDOWS\system32\drivers\dxapi.sys - ok
01:09:59.0125 0x060c [ 9A10AACBFDC4922715375FB4065EC930, E407953587C04F75DDB163420A5121FF520D31F74753D452E316042C42D360CF ] C:\WINDOWS\system32\watchdog.sys
01:09:59.0125 0x060c C:\WINDOWS\system32\watchdog.sys - ok
01:09:59.0140 0x060c [ B9FE0B45F3D4A281B56CC84713824E0C, B37D569D09801FB9CF1306FF1295CE6EE4B6AAD11DCA7EBCBC155D186FD895CD ] C:\WINDOWS\system32\win32k.sys
01:09:59.0140 0x060c C:\WINDOWS\system32\win32k.sys - ok
01:09:59.0140 0x060c [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
01:09:59.0140 0x060c C:\WINDOWS\system32\basesrv.dll - ok
01:09:59.0140 0x060c [ DD40363ABAD230A84C5E2178B11EFA88, E4B406C0B10686CF245EC0053A03424CE1FB8AC7FB3545525F13BB3BC5086FF1 ] C:\WINDOWS\system32\csrsrv.dll
01:09:59.0140 0x060c C:\WINDOWS\system32\csrsrv.dll - ok
01:09:59.0156 0x060c [ 44F275C64738EA2056E3D9580C23B60F, 5D4B7306E71A44440E7F0B32A373AEC120C01B69F87756589E39EB85C40CD742 ] C:\WINDOWS\system32\csrss.exe
01:09:59.0156 0x060c C:\WINDOWS\system32\csrss.exe - ok
01:09:59.0156 0x060c [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
01:09:59.0156 0x060c C:\WINDOWS\system32\winsrv.dll - ok
01:09:59.0156 0x060c [ AFFE0B7126A86603D3F49A19A5B7DC46, 63C91B4726F583C1DC1B3F26CC8DC39C519401CF0005F223EE17A363BDBEA22F ] C:\WINDOWS\system32\gdi32.dll
01:09:59.0156 0x060c C:\WINDOWS\system32\gdi32.dll - ok
01:09:59.0171 0x060c [ 6FE42512AB1B89F32A7407F261B1D2D0, 30DCC1044BCC7108087462E173707DC8D947C4F37281686A79D3D40273901878 ] C:\WINDOWS\system32\kernel32.dll
01:09:59.0171 0x060c C:\WINDOWS\system32\kernel32.dll - ok
01:09:59.0171 0x060c [ B26B135FF1B9F60C9388B4A7D16F600B, ACD0AE7B4D5F871E148276C6CC4AE3A216E33F67FC78D827C16986E1F945438C ] C:\WINDOWS\system32\user32.dll
01:09:59.0171 0x060c C:\WINDOWS\system32\user32.dll - ok
01:09:59.0171 0x060c [ AC7280566A7BB85CB3291F04DDC1198E, 7640BC4C28B5D5167A10C4B0DA0FC8C7A255334D4BA11FD3E28A697A5B58583C ] C:\WINDOWS\system32\drivers\dxg.sys
01:09:59.0171 0x060c C:\WINDOWS\system32\drivers\dxg.sys - ok
01:09:59.0187 0x060c [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys
01:09:59.0187 0x060c C:\WINDOWS\system32\drivers\dxgthk.sys - ok
01:09:59.0187 0x060c [ 6278BBF4E6D4383C10656F43226E194D, 57F853A64F3149E36FBDB96BF2CCECD5E38545E70EFAB2EE354E64F82941CC8A ] C:\WINDOWS\system32\ati2dvag.dll
01:09:59.0187 0x060c C:\WINDOWS\system32\ati2dvag.dll - ok
01:09:59.0187 0x060c [ 4958DDB25EEEB8D562EBE241C25E9DFD, 41D34EC8A048C2BF13FE0121917CEF4D7415CB6470F6CF72E26943E0110EF22A ] C:\WINDOWS\system32\ati2cqag.dll
01:09:59.0187 0x060c C:\WINDOWS\system32\ati2cqag.dll - ok
01:09:59.0203 0x060c [ 3CF7BA11E24D9397B708A4172F12CECC, A57C90A06F1CEC7589DDF581D219B519E8D97B339DEBFE289C180B8FB62E02B4 ] C:\WINDOWS\system32\atikvmag.dll
01:09:59.0203 0x060c C:\WINDOWS\system32\atikvmag.dll - ok
01:09:59.0203 0x060c [ ECB7591870F8BFB1A4C17B718AD5A4AA, 67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ] C:\WINDOWS\system32\vga.dll
01:09:59.0203 0x060c C:\WINDOWS\system32\vga.dll - ok
01:09:59.0203 0x060c [ C8D2E18677CC486FAF6B58BA8CB00440, DA6741D8534D44FA7785F888FDC4E6BEBCBB9296642E117210728326ED7EE930 ] C:\WINDOWS\system32\atiok3x2.dll
01:09:59.0203 0x060c C:\WINDOWS\system32\atiok3x2.dll - ok
01:09:59.0218 0x060c [ B4E9FB0C82EA52944826013BEC2210CD, EABA80B80A5D49AC42E6B3922FBD3CD18F3CBB371DDEEC0EFF9CA8E4D4F57BB8 ] C:\WINDOWS\system32\ati3duag.dll
01:09:59.0218 0x060c C:\WINDOWS\system32\ati3duag.dll - ok
01:09:59.0218 0x060c [ 9C27779A470CE59878E3A4D67183A413, 273F53AE34DF62DED84817F10326BFECADDADEBF369E145B62B3FAED6E556BA9 ] C:\WINDOWS\system32\ativvaxx.dll
01:09:59.0218 0x060c C:\WINDOWS\system32\ativvaxx.dll - ok
01:09:59.0218 0x060c [ ED0EF0A136DEC83DF69F04118870003E, 45377CB8E9F0120F836FC8261C711F7DBF7199117AFB3652EBF100D5F0429B1E ] C:\WINDOWS\system32\winlogon.exe
01:09:59.0218 0x060c C:\WINDOWS\system32\winlogon.exe - ok
01:09:59.0234 0x060c [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] C:\WINDOWS\system32\advapi32.dll
01:09:59.0234 0x060c C:\WINDOWS\system32\advapi32.dll - ok
01:09:59.0234 0x060c [ B0E27554F0B16BAEF4D51D7260E62CFB, 3DE9F4817965F1DBB93CAAE541EB8EC19396ACE7CB74D69C52D1D7DF15FB14CF ] C:\WINDOWS\system32\rpcrt4.dll
01:09:59.0234 0x060c C:\WINDOWS\system32\rpcrt4.dll - ok
01:09:59.0234 0x060c [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll
01:09:59.0234 0x060c C:\WINDOWS\system32\authz.dll - ok
01:09:59.0250 0x060c [ 5357826C8A8DD6A07F17C48BB45BE46E, E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ] C:\WINDOWS\system32\secur32.dll
01:09:59.0250 0x060c C:\WINDOWS\system32\secur32.dll - ok
01:09:59.0250 0x060c [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll
01:09:59.0250 0x060c C:\WINDOWS\system32\msvcrt.dll - ok
01:09:59.0250 0x060c [ 636DF3FF20A1B69B3F9D21325E7115C7, 6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ] C:\WINDOWS\system32\crypt32.dll
01:09:59.0250 0x060c C:\WINDOWS\system32\crypt32.dll - ok
01:09:59.0265 0x060c [ 04D898830DF96A17A20FD35D7590F87E, 09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ] C:\WINDOWS\system32\msasn1.dll
01:09:59.0265 0x060c C:\WINDOWS\system32\msasn1.dll - ok
01:09:59.0265 0x060c [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll
01:09:59.0265 0x060c C:\WINDOWS\system32\nddeapi.dll - ok
01:09:59.0265 0x060c [ CAC752BF84DB4666ED3CE0948E6EA937, C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ] C:\WINDOWS\system32\netapi32.dll
01:09:59.0265 0x060c C:\WINDOWS\system32\netapi32.dll - ok
01:09:59.0281 0x060c [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll
01:09:59.0281 0x060c C:\WINDOWS\system32\profmap.dll - ok
01:09:59.0281 0x060c [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll
01:09:59.0281 0x060c C:\WINDOWS\system32\userenv.dll - ok
01:09:59.0281 0x060c [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll
01:09:59.0281 0x060c C:\WINDOWS\system32\psapi.dll - ok
01:09:59.0296 0x060c [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll
01:09:59.0296 0x060c C:\WINDOWS\system32\regapi.dll - ok
01:09:59.0296 0x060c [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll
01:09:59.0296 0x060c C:\WINDOWS\system32\setupapi.dll - ok
01:09:59.0296 0x060c [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll
01:09:59.0296 0x060c C:\WINDOWS\system32\version.dll - ok
01:09:59.0296 0x060c [ FFC01A72D1C25CCB39F61B202CE60819, 31A5C01E30B064BDBD378AF691DB99F6AA33A639C086ADC6C8408C3CB171C990 ] C:\WINDOWS\system32\imagehlp.dll
01:09:59.0312 0x060c C:\WINDOWS\system32\imagehlp.dll - ok
01:09:59.0312 0x060c [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll
01:09:59.0312 0x060c C:\WINDOWS\system32\winsta.dll - ok
01:09:59.0312 0x060c [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll
01:09:59.0312 0x060c C:\WINDOWS\system32\wintrust.dll - ok
01:09:59.0312 0x060c [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll
01:09:59.0312 0x060c C:\WINDOWS\system32\ws2_32.dll - ok
01:09:59.0328 0x060c [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll
01:09:59.0328 0x060c C:\WINDOWS\system32\imm32.dll - ok
01:09:59.0328 0x060c [ DAB9952E3626D84E74CBF4958B1B1F52, F14F88288FC3E6CA83602D33EA399E65ADDF80EB3AB561A8FF45AF2BF1AFD7E0 ] C:\WINDOWS\system32\kbduk.dll
01:09:59.0328 0x060c C:\WINDOWS\system32\kbduk.dll - ok
01:09:59.0343 0x060c [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll
01:09:59.0343 0x060c C:\WINDOWS\system32\ws2help.dll - ok
01:09:59.0343 0x060c [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
01:09:59.0343 0x060c C:\WINDOWS\system32\msgina.dll - ok
01:09:59.0343 0x060c [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll
01:09:59.0343 0x060c C:\WINDOWS\system32\comctl32.dll - ok
01:09:59.0359 0x060c [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll
01:09:59.0359 0x060c C:\WINDOWS\system32\odbc32.dll - ok
01:09:59.0359 0x060c [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
01:09:59.0359 0x060c C:\WINDOWS\system32\comdlg32.dll - ok
01:09:59.0359 0x060c [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll
01:09:59.0359 0x060c C:\WINDOWS\system32\shell32.dll - ok
01:09:59.0359 0x060c [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll
01:09:59.0359 0x060c C:\WINDOWS\system32\shlwapi.dll - ok
01:09:59.0375 0x060c [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
01:09:59.0375 0x060c C:\WINDOWS\system32\sxs.dll - ok
01:09:59.0375 0x060c [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
01:09:59.0375 0x060c C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
01:09:59.0375 0x060c [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
01:09:59.0375 0x060c C:\WINDOWS\system32\odbcint.dll - ok
01:09:59.0390 0x060c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll
01:09:59.0390 0x060c C:\WINDOWS\system32\shsvcs.dll - ok
01:09:59.0390 0x060c [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
01:09:59.0390 0x060c C:\WINDOWS\system32\sfc.dll - ok
01:09:59.0390 0x060c [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
01:09:59.0390 0x060c C:\WINDOWS\system32\sfc_os.dll - ok
01:09:59.0406 0x060c [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll
01:09:59.0406 0x060c C:\WINDOWS\system32\ole32.dll - ok
01:09:59.0406 0x060c [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
01:09:59.0406 0x060c C:\WINDOWS\system32\apphelp.dll - ok
01:09:59.0406 0x060c [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll
01:09:59.0406 0x060c C:\WINDOWS\system32\lsasrv.dll - ok
01:09:59.0421 0x060c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
01:09:59.0421 0x060c C:\WINDOWS\system32\lsass.exe - ok
01:09:59.0421 0x060c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
01:09:59.0421 0x060c C:\WINDOWS\system32\services.exe - ok
01:09:59.0421 0x060c [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
01:09:59.0421 0x060c C:\WINDOWS\system32\msvcp60.dll - ok
01:09:59.0437 0x060c [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
01:09:59.0437 0x060c C:\WINDOWS\system32\ncobjapi.dll - ok
01:09:59.0437 0x060c [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
01:09:59.0437 0x060c C:\WINDOWS\system32\scesrv.dll - ok
01:09:59.0437 0x060c [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\AcAdProc.dll
01:09:59.0437 0x060c C:\WINDOWS\AppPatch\AcAdProc.dll - ok
01:09:59.0453 0x060c [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
01:09:59.0453 0x060c C:\WINDOWS\system32\mpr.dll - ok
01:09:59.0453 0x060c [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
01:09:59.0453 0x060c C:\WINDOWS\system32\shimeng.dll - ok
01:09:59.0453 0x060c [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
01:09:59.0453 0x060c C:\WINDOWS\system32\umpnpmgr.dll - ok
01:09:59.0468 0x060c [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
01:09:59.0468 0x060c C:\WINDOWS\system32\dnsapi.dll - ok
01:09:59.0468 0x060c [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
01:09:59.0468 0x060c C:\WINDOWS\system32\ntdsapi.dll - ok
01:09:59.0468 0x060c [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
01:09:59.0468 0x060c C:\WINDOWS\system32\wldap32.dll - ok
01:09:59.0484 0x060c [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
01:09:59.0484 0x060c C:\WINDOWS\system32\samlib.dll - ok
01:09:59.0484 0x060c [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
01:09:59.0484 0x060c C:\WINDOWS\system32\samsrv.dll - ok
01:09:59.0484 0x060c [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
01:09:59.0484 0x060c C:\WINDOWS\system32\cryptdll.dll - ok
01:09:59.0500 0x060c [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\AcGenral.dll
01:09:59.0500 0x060c C:\WINDOWS\AppPatch\AcGenral.dll - ok
01:09:59.0500 0x060c [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
01:09:59.0500 0x060c C:\WINDOWS\system32\oleaut32.dll - ok
01:09:59.0500 0x060c [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
01:09:59.0500 0x060c C:\WINDOWS\system32\winmm.dll - ok
01:09:59.0515 0x060c [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
01:09:59.0515 0x060c C:\WINDOWS\system32\msacm32.dll - ok
01:09:59.0515 0x060c [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
01:09:59.0515 0x060c C:\WINDOWS\system32\uxtheme.dll - ok
01:09:59.0515 0x060c [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
01:09:59.0515 0x060c C:\WINDOWS\system32\msapsspc.dll - ok
01:09:59.0531 0x060c [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
01:09:59.0531 0x060c C:\WINDOWS\system32\msvcrt40.dll - ok
01:09:59.0531 0x060c [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
01:09:59.0531 0x060c C:\WINDOWS\system32\schannel.dll - ok
01:09:59.0531 0x060c [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
01:09:59.0531 0x060c C:\WINDOWS\system32\digest.dll - ok
01:09:59.0546 0x060c [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
01:09:59.0546 0x060c C:\WINDOWS\system32\msnsspc.dll - ok
01:09:59.0546 0x060c [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
01:09:59.0546 0x060c C:\WINDOWS\system32\kerberos.dll - ok
01:09:59.0546 0x060c [ 3F790874A85819E94574F3E7AF9C5806, 9D398D6752ED407C1E7F9B08A79DA77ACFFC060D28FA0F357C0BD5D4DE8AAD97 ] C:\WINDOWS\system32\msctfime.ime
01:09:59.0546 0x060c C:\WINDOWS\system32\msctfime.ime - ok
01:09:59.0562 0x060c [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
01:09:59.0562 0x060c C:\WINDOWS\system32\msprivs.dll - ok
01:09:59.0562 0x060c [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll
01:09:59.0562 0x060c C:\WINDOWS\system32\atmfd.dll - ok
01:09:59.0562 0x060c [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
01:09:59.0562 0x060c C:\WINDOWS\system32\msv1_0.dll - ok
01:09:59.0578 0x060c [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
01:09:59.0578 0x060c C:\WINDOWS\system32\iphlpapi.dll - ok
01:09:59.0578 0x060c [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
01:09:59.0578 0x060c C:\WINDOWS\system32\netlogon.dll - ok
01:09:59.0578 0x060c [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
01:09:59.0578 0x060c C:\WINDOWS\system32\w32time.dll - ok
01:09:59.0593 0x060c [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
01:09:59.0593 0x060c C:\WINDOWS\system32\rsaenh.dll - ok
01:09:59.0593 0x060c [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
01:09:59.0593 0x060c C:\WINDOWS\system32\wdigest.dll - ok
01:09:59.0593 0x060c [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
01:09:59.0593 0x060c C:\WINDOWS\system32\winscard.dll - ok
01:09:59.0609 0x060c [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
01:09:59.0609 0x060c C:\WINDOWS\system32\wtsapi32.dll - ok
01:09:59.0609 0x060c [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
01:09:59.0609 0x060c C:\WINDOWS\system32\scecli.dll - ok
01:09:59.0609 0x060c [ 42E4E2CF0406394BBCE7EB358AE4E208, 0A934F89AA687C44AB08E66139E4DD91E6988895CA38198B0D5741EE69382DA2 ] C:\WINDOWS\system32\ati2evxx.exe
01:09:59.0609 0x060c C:\WINDOWS\system32\ati2evxx.exe - ok
01:09:59.0609 0x060c [ 3FFF8CDA4D2F29CA06F1557E85163C30, 83B6DC7652A9B6518EE768B0DE34275BFAB0A62E4459E51BD461636BC539D8CC ] C:\WINDOWS\system32\drivers\sbapifs.sys
01:09:59.0609 0x060c C:\WINDOWS\system32\drivers\sbapifs.sys - ok
01:09:59.0625 0x060c [ 5F0CE62E0831CF972EC6949FD3E37DA7, DFDD251D3FC6CDBD971F52EF0AECEC0344B57214615AA486AA9234D30A40AF60 ] C:\WINDOWS\system32\cfgmgr32.dll
01:09:59.0625 0x060c C:\WINDOWS\system32\cfgmgr32.dll - ok
01:09:59.0625 0x060c [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll
01:09:59.0625 0x060c C:\WINDOWS\system32\powrprof.dll - ok
01:09:59.0625 0x060c [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
01:09:59.0625 0x060c C:\WINDOWS\system32\svchost.exe - ok
01:09:59.0640 0x060c [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
01:09:59.0640 0x060c C:\WINDOWS\system32\ntmarta.dll - ok
01:09:59.0640 0x060c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
01:09:59.0640 0x060c C:\WINDOWS\system32\rpcss.dll - ok
01:09:59.0640 0x060c [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
01:09:59.0640 0x060c C:\WINDOWS\system32\xpsp2res.dll - ok
01:09:59.0656 0x060c [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
01:09:59.0656 0x060c C:\WINDOWS\system32\eventlog.dll - ok
01:09:59.0656 0x060c [ DD4CA7A8AB1093153E1D7476FC138BBD, 6D3C35AE88B27C51D536B78DE2DEFB5C5EAE86DEEDEAD41F047E326FA210EB34 ] C:\WINDOWS\system32\ati2edxx.dll
01:09:59.0656 0x060c C:\WINDOWS\system32\ati2edxx.dll - ok
01:09:59.0656 0x060c [ FF6ABBC8C03452D04EBDD5B9D9BF68A1, D291FDCA9BF45135BE4546A52FDAA92FC0F11AFF24EBB7D14BB9AE5CDE44D2A2 ] C:\WINDOWS\system32\atipdlxx.dll
01:09:59.0656 0x060c C:\WINDOWS\system32\atipdlxx.dll - ok
01:09:59.0671 0x060c [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
01:09:59.0671 0x060c C:\WINDOWS\system32\hnetcfg.dll - ok
01:09:59.0671 0x060c [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
01:09:59.0671 0x060c C:\WINDOWS\system32\mswsock.dll - ok
01:09:59.0671 0x060c [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
01:09:59.0671 0x060c C:\WINDOWS\system32\rasadhlp.dll - ok
01:09:59.0687 0x060c [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
01:09:59.0687 0x060c C:\WINDOWS\system32\winrnr.dll - ok
01:09:59.0687 0x060c [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
01:09:59.0687 0x060c C:\WINDOWS\system32\wshtcpip.dll - ok
01:09:59.0687 0x060c [ C6EE3A87FE609D3E1DB9DBD072A248DE, 9C2189FA09A9E1DC39F9AB8F0C9C0B44BE0E11FC3165BCD0813DFA85EA62907C ] C:\WINDOWS\system32\drivers\fssfltr_tdi.sys
01:09:59.0687 0x060c C:\WINDOWS\system32\drivers\fssfltr_tdi.sys - ok
01:09:59.0703 0x060c [ ACA5E7B54409F9CB5EED97ED0C81120E, 1E22F442EA77596F58D133F1A5887CDC4F3325DD0836D24A665E1D31287ABFF7 ] C:\WINDOWS\system32\drivers\irda.sys
01:09:59.0703 0x060c C:\WINDOWS\system32\drivers\irda.sys - ok
01:09:59.0703 0x060c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
01:09:59.0703 0x060c C:\WINDOWS\system32\drivers\ndisuio.sys - ok
01:09:59.0703 0x060c [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
01:09:59.0703 0x060c C:\WINDOWS\system32\dhcpcsvc.dll - ok
01:09:59.0718 0x060c [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
01:09:59.0718 0x060c C:\WINDOWS\system32\dnsrslvr.dll - ok
01:09:59.0718 0x060c [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
01:09:59.0718 0x060c C:\WINDOWS\system32\lmhsvc.dll - ok
01:09:59.0718 0x060c [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] C:\WINDOWS\system32\termsrv.dll
01:09:59.0718 0x060c C:\WINDOWS\system32\termsrv.dll - ok
01:09:59.0734 0x060c [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
01:09:59.0734 0x060c C:\WINDOWS\system32\wzcsvc.dll - ok
01:09:59.0734 0x060c [ DF6551E4C4C46655A0C76194F1FCEA5D, F3895AE4B36BC85C458EDC85FBD1F5AB5C33913CD91C60A65083DC0BDD037BF5 ] C:\WINDOWS\system32\icaapi.dll
01:09:59.0734 0x060c C:\WINDOWS\system32\icaapi.dll - ok
01:09:59.0734 0x060c [ 2D65D56C2F8B6CC5EBFF8E7200C30304, 10CD5FF00D110D1AE2313DBCBDB17C2B9DFF930F5DAD65C35C08FCF9C152C053 ] C:\WINDOWS\system32\mstlsapi.dll
01:09:59.0734 0x060c C:\WINDOWS\system32\mstlsapi.dll - ok
01:09:59.0750 0x060c [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
01:09:59.0750 0x060c C:\WINDOWS\system32\activeds.dll - ok
01:09:59.0750 0x060c [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
01:09:59.0750 0x060c C:\WINDOWS\system32\eapolqec.dll - ok
01:09:59.0750 0x060c [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
01:09:59.0750 0x060c C:\WINDOWS\system32\rtutils.dll - ok
01:09:59.0765 0x060c [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
01:09:59.0765 0x060c C:\WINDOWS\system32\wmi.dll - ok
01:09:59.0765 0x060c [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
01:09:59.0765 0x060c C:\WINDOWS\system32\atl.dll - ok
01:09:59.0765 0x060c [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
01:09:59.0765 0x060c C:\WINDOWS\system32\qutil.dll - ok
01:09:59.0781 0x060c [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
01:09:59.0781 0x060c C:\WINDOWS\system32\adsldpc.dll - ok
01:09:59.0781 0x060c [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
01:09:59.0781 0x060c C:\WINDOWS\system32\dot3api.dll - ok
01:09:59.0781 0x060c [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
01:09:59.0781 0x060c C:\WINDOWS\system32\esent.dll - ok
01:09:59.0796 0x060c [ 49CC4533CE897CB2E93C1E84A818FDE5, F2AC81CDB971F630699616509748DCE133874EFC79B9D6230517B5A4DFBE193D ] C:\WINDOWS\system32\irmon.dll
01:09:59.0796 0x060c C:\WINDOWS\system32\irmon.dll - ok
01:09:59.0796 0x060c [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
01:09:59.0796 0x060c C:\WINDOWS\system32\clbcatq.dll - ok
01:09:59.0796 0x060c [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
01:09:59.0796 0x060c C:\WINDOWS\system32\comres.dll - ok
01:09:59.0812 0x060c [ 52778FCE46E510B60F513B8882A65CD6, 25DDC9E3982A45EFE665D2876B6CCA45244A44C396FC05DB323ABDBDEA8B04CA ] C:\WINDOWS\system32\wshirda.dll
01:09:59.0812 0x060c C:\WINDOWS\system32\wshirda.dll - ok
01:09:59.0812 0x060c [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
01:09:59.0812 0x060c C:\WINDOWS\system32\cryptui.dll - ok
01:09:59.0812 0x060c [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
01:09:59.0812 0x060c C:\WINDOWS\system32\logonui.exe - ok
01:09:59.0828 0x060c [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll
01:09:59.0828 0x060c C:\WINDOWS\system32\rastls.dll - ok
01:09:59.0828 0x060c [ 17C3EB51D17D90EB10B60D9804D8884D, CA33821ED80C388FF14F22FC6636880653B45A359DEA723E3C4488927BC21A1F ] C:\WINDOWS\system32\ati2evxx.dll
01:09:59.0828 0x060c C:\WINDOWS\system32\ati2evxx.dll - ok
01:09:59.0828 0x060c [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
01:09:59.0828 0x060c C:\WINDOWS\system32\cscdll.dll - ok
01:09:59.0843 0x060c [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
01:09:59.0843 0x060c C:\WINDOWS\system32\dimsntfy.dll - ok
01:09:59.0843 0x060c [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
01:09:59.0843 0x060c C:\WINDOWS\system32\duser.dll - ok
01:09:59.0843 0x060c [ C5ACAB147F9697F40ECEBB4BC0247EBF, 872C21861DDD24E2A95A2E87CC1D06EBF80D5A1D2C78CA792E2325001519E9D4 ] C:\WINDOWS\system32\wininet.dll
01:09:59.0843 0x060c C:\WINDOWS\system32\wininet.dll - ok
01:09:59.0859 0x060c [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
01:09:59.0859 0x060c C:\WINDOWS\system32\wlnotify.dll - ok
01:09:59.0859 0x060c [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
01:09:59.0859 0x060c C:\WINDOWS\system32\winspool.drv - ok
01:09:59.0859 0x060c [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
01:09:59.0859 0x060c C:\WINDOWS\system32\msimg32.dll - ok
01:09:59.0859 0x060c [ 02CF580510234E519736559A7F19EA20, 93DC16678B01DF2E12672AB93778151FDD7FF10C30CEF7A921553D86F97C3819 ] C:\WINDOWS\system32\WgaLogon.dll
01:09:59.0859 0x060c C:\WINDOWS\system32\WgaLogon.dll - ok
01:09:59.0875 0x060c [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
01:09:59.0875 0x060c C:\WINDOWS\system32\oleacc.dll - ok
01:09:59.0875 0x060c [ ACFEE2392503DD5E457363A0510B8BCB, 60CFB4C077409ABA90F7C0B0D5B1A0F0D10DFA2DA3338AAA174C051724039517 ] C:\WINDOWS\system32\msxml3.dll
01:09:59.0875 0x060c C:\WINDOWS\system32\msxml3.dll - ok
01:09:59.0875 0x060c [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll
01:09:59.0875 0x060c C:\WINDOWS\system32\normaliz.dll - ok
01:09:59.0890 0x060c [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
01:09:59.0890 0x060c C:\WINDOWS\system32\shgina.dll - ok
01:09:59.0890 0x060c [ 743A679E9EBFBF63AF22199B5F8A451F, A8C42A9DAFC4DEECE5CF895BBCEA8D884DADA1B58142AA4CB91CB97BB968AEBF ] C:\WINDOWS\system32\urlmon.dll
01:09:59.0890 0x060c C:\WINDOWS\system32\urlmon.dll - ok
01:09:59.0890 0x060c [ 6287D8B7F760D5EE6779BB3DE09FBA29, E8B2348EC9D5C09295B959F43C080CB19EC14A6DD5CCABFED3C80BB7C85F69C2 ] C:\WINDOWS\system32\athgina.dll
01:09:59.0890 0x060c C:\WINDOWS\system32\athgina.dll - ok
01:09:59.0906 0x060c [ 49BDB041049367849C621D9D381E4823, D3659FFFB56E4D595AE55F9D17A394E11C5A30C3D5838B2719E75C9120FD2CDA ] C:\WINDOWS\system32\iertutil.dll
01:09:59.0906 0x060c C:\WINDOWS\system32\iertutil.dll - ok
01:09:59.0906 0x060c [ A7E06854EA2A20AEE8EC32BD8C754298, C23ACA5939C29C59B0BD6DF247650F0B640E675A759D6C6484D9710BC923515A ] C:\WINDOWS\system32\mpnotify.exe
01:09:59.0906 0x060c C:\WINDOWS\system32\mpnotify.exe - ok
01:09:59.0906 0x060c [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
01:09:59.0906 0x060c C:\WINDOWS\system32\mprapi.dll - ok
01:09:59.0921 0x060c [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
01:09:59.0921 0x060c C:\WINDOWS\system32\rasapi32.dll - ok
01:09:59.0921 0x060c [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
01:09:59.0921 0x060c C:\WINDOWS\system32\rasman.dll - ok
01:09:59.0921 0x060c [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
01:09:59.0921 0x060c C:\WINDOWS\system32\tapi32.dll - ok
01:09:59.0937 0x060c [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
01:09:59.0937 0x060c C:\WINDOWS\system32\riched20.dll - ok
01:09:59.0937 0x060c [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll
01:09:59.0937 0x060c C:\WINDOWS\system32\cscui.dll - ok
01:09:59.0937 0x060c [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll
01:09:59.0937 0x060c C:\WINDOWS\system32\raschap.dll - ok
01:09:59.0953 0x060c [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
01:09:59.0953 0x060c C:\WINDOWS\system32\netman.dll - ok
01:09:59.0953 0x060c [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
01:09:59.0953 0x060c C:\WINDOWS\system32\netshell.dll - ok
01:09:59.0953 0x060c [ 6C26DCF01E2A92F183B97D434017268A, 0863B9AE37002CA3E1034A7FBDE80C3D0E4469A4561140EDE42EDD947E61DBD3 ] C:\WINDOWS\system32\dpcdll.dll
01:09:59.0953 0x060c C:\WINDOWS\system32\dpcdll.dll - ok
01:09:59.0968 0x060c [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll
01:09:59.0968 0x060c C:\WINDOWS\system32\credui.dll - ok
01:09:59.0968 0x060c [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll
01:09:59.0968 0x060c C:\WINDOWS\system32\dot3dlg.dll - ok
01:09:59.0968 0x060c [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll
01:09:59.0968 0x060c C:\WINDOWS\system32\onex.dll - ok
01:09:59.0984 0x060c [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll
01:09:59.0984 0x060c C:\WINDOWS\system32\eappcfg.dll - ok
01:09:59.0984 0x060c [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll
01:09:59.0984 0x060c C:\WINDOWS\system32\eappprxy.dll - ok
01:09:59.0984 0x060c [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll
01:09:59.0984 0x060c C:\WINDOWS\system32\wzcsapi.dll - ok
01:10:00.0000 0x060c [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] C:\WINDOWS\system32\schedsvc.dll
01:10:00.0000 0x060c C:\WINDOWS\system32\schedsvc.dll - ok
01:10:00.0000 0x060c [ E47E364C96467FD54FA44D59F927C3AB, D48C377A7ACF805C413D4618A099A50BE6724E8996C151B00DEAFD27CA935183 ] C:\WINDOWS\system32\msidle.dll
01:10:00.0000 0x060c C:\WINDOWS\system32\msidle.dll - ok
01:10:00.0000 0x060c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] C:\WINDOWS\system32\spoolsv.exe
01:10:00.0000 0x060c C:\WINDOWS\system32\spoolsv.exe - ok
01:10:00.0015 0x060c [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] C:\WINDOWS\system32\audiosrv.dll
01:10:00.0015 0x060c C:\WINDOWS\system32\audiosrv.dll - ok
01:10:00.0015 0x060c [ 4ACF9052A6355D1530CF782E0919C5B4, A20B733010D29AB8F21A17D3FBD3C6354BA8F9D75D116348D93548ABA5F4E4BD ] C:\WINDOWS\system32\acs.exe
01:10:00.0015 0x060c C:\WINDOWS\system32\acs.exe - ok
01:10:00.0015 0x060c [ 69C287672428CB3978A2528FE58F4208, 7850DD8BC435E4F8853FEDAED586E186399DA87E42A23DB888560ACC16668D55 ] C:\WINDOWS\system32\athcfg20U.dll
01:10:00.0015 0x060c C:\WINDOWS\system32\athcfg20U.dll - ok
01:10:00.0031 0x060c [ F6F2BFC17069EB335ACCEEF7595F9302, 7434C4353DD2B2E5C8F3690CEF2E1F7E234C2402E6E3BFCBF29DCB1494125F8A ] C:\WINDOWS\system32\mfc42u.dll
01:10:00.0031 0x060c C:\WINDOWS\system32\mfc42u.dll - ok
01:10:00.0031 0x060c [ 67156D5A9AC356DC99D7BCCB388E3316, 449A140065197779C0F8588E5C53014BBF54A9C74818D5CFDCB88CC7B36F44CF ] C:\WINDOWS\system32\wsock32.dll
01:10:00.0031 0x060c C:\WINDOWS\system32\wsock32.dll - ok
01:10:00.0031 0x060c [ AA268974048D5DDE8985716F0A0DF885, 44FFF4301B0DE39399B7BE98F2FBAD7CB7F8974A6B424FAB2CFD6958E6762D1D ] C:\WINDOWS\system32\athcfg20resU.dll
01:10:00.0031 0x060c C:\WINDOWS\system32\athcfg20resU.dll - ok
01:10:00.0046 0x060c [ 62CF83A6989312A0DD39BBFFB3D1C166, 05FB7F06444B4958BE3EFC6909614D516BE5FE3929E0F58D2C13C2A211C1F86A ] C:\WINDOWS\system32\pdh.dll
01:10:00.0046 0x060c C:\WINDOWS\system32\pdh.dll - ok
01:10:00.0046 0x060c [ 369F7B1A4F358B976176556A1A331F36, 65A60C4C5D816D53DDAA208FEEDD4F8C185A77BACB8736EADCAE2F454C8FFC08 ] C:\WINDOWS\system32\odbcbcp.dll
01:10:00.0046 0x060c C:\WINDOWS\system32\odbcbcp.dll - ok
01:10:00.0046 0x060c [ 585992D78B671AAA075C02241309795D, 0EE3E35534899C41CFED686BDBA80B5AEC1BDB0173222D8BC7E69CFA277CBE32 ] C:\WINDOWS\system32\msvcirt.dll
01:10:00.0046 0x060c C:\WINDOWS\system32\msvcirt.dll - ok
01:10:00.0062 0x060c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] C:\WINDOWS\system32\drivers\mrxdav.sys
01:10:00.0062 0x060c C:\WINDOWS\system32\drivers\mrxdav.sys - ok
01:10:00.0062 0x060c [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll
01:10:00.0062 0x060c C:\WINDOWS\system32\wkssvc.dll - ok
01:10:00.0078 0x060c [ 6C694A902BEB7E7BDAD873EA6F547291, 217B076A1BD46B09F70BA6E84E537BCAB4F054DCA78442623D39368599BC7F64 ] C:\WINDOWS\system32\wsfwDS.dll
01:10:00.0078 0x060c C:\WINDOWS\system32\wsfwDS.dll - ok
01:10:00.0078 0x060c [ 8733FBEBBDD1AB7F806F2BBA8CF9C4E4, EA8CFA868FC075073E75407DFE0CE8C61A6F139FBBCD34A5C2E4E865015EC28D ] C:\WINDOWS\system32\wsimd.dll
01:10:00.0078 0x060c C:\WINDOWS\system32\wsimd.dll - ok
01:10:00.0078 0x060c [ BE90AD430CECC63102CACE16EB4826C9, 31D9531B9019DA94636BE69628EEB7A380EB6F69085C9E06E679BC73DC85A7B2 ] C:\WINDOWS\system32\dsa.dll
01:10:00.0078 0x060c C:\WINDOWS\system32\dsa.dll - ok
01:10:00.0093 0x060c [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] C:\WINDOWS\system32\webclnt.dll
01:10:00.0093 0x060c C:\WINDOWS\system32\webclnt.dll - ok
01:10:00.0093 0x060c [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] C:\WINDOWS\system32\drivers\parvdm.sys
01:10:00.0093 0x060c C:\WINDOWS\system32\drivers\parvdm.sys - ok
01:10:00.0093 0x060c [ AF9658974154C3B6A333D86DC2E0AAC8, C3FCFC9EC01D7C96BA953CCCC8B540048ECC2840E8FA2C1994EEFD95E69D908A ] C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
01:10:00.0093 0x060c C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe - ok
01:10:00.0109 0x060c [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:10:00.0109 0x060c C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
01:10:00.0109 0x060c [ D3F72D50DE53F9F1F55240115AF4D42E, F8831B6B33EE2EE49615AE45A81C8434E154331BEB1E64C491E64C1348314F3C ] C:\WINDOWS\system32\msi.dll
01:10:00.0109 0x060c C:\WINDOWS\system32\msi.dll - ok
01:10:00.0109 0x060c [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
01:10:00.0109 0x060c C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
01:10:00.0125 0x060c [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
01:10:00.0125 0x060c C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
01:10:00.0125 0x060c [ 92DA9EDE07390B4352B29DD82079E398, 8140FF0CD2BB08CA92C0303B2439F4FCEFD59C7F4A772F1277B29FE0B77F5A67 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
01:10:00.0125 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
01:10:00.0125 0x060c [ 6FE3E3A215E55C76A811B9B56A5AEB09, 7123E4334A7F9CEBF86DEFEE25B836914E9A380C296B543C44EA3DDBCC5D328C ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
01:10:00.0125 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
01:10:00.0125 0x060c [ 2503287BD19AE52E36E9DE42834A2AC0, 61556112F6FC02EC787868C0A300465AD5CC825028DEBB72BC702EFA05754356 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
01:10:00.0125 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
01:10:00.0140 0x060c [ 638C7596B493F5F77DB9EF6BAD8FE46C, 98077E0E65D89D5DEBC02F12BA00D00B355D4EEA5FEC36E69D39312019E3DD1E ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
01:10:00.0140 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
01:10:00.0140 0x060c [ 794950DB77AA590C2964ECA0A5874A09, DB686B0F7EC16ED6C4827FB5E85B9C87E6B806A18A95E37633DE22D4972F8F25 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
01:10:00.0140 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
01:10:00.0140 0x060c [ 250BF888DDBE88D61EB19A9D4957C794, E0B07BCFB007B2192D1092612506FE48E5D0A18345ABFC7D188D4F11889C843E ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
01:10:00.0140 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
01:10:00.0156 0x060c [ 5A963C340DE1A01BA6E24945CE05D16A, 0CC79B72D03621D6FA4E7A8F3B10125A531C1D19098189671FBE3687E3E70E33 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
01:10:00.0156 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
01:10:00.0156 0x060c [ F4BC62990E7E5C29799A895B80FC3177, 57772AB986BA00B3C2730184D94A76E932CA94000119D0E63407F3DF9867238A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
01:10:00.0156 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
01:10:00.0171 0x060c [ 149D74E1128A86DC9CFB2851FBEA11EB, 95E2FF3379DEE729089CF85140C4D4C202B7FEFE239024D48DFFD5CB1E7415BC ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
01:10:00.0171 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
01:10:00.0171 0x060c [ 680B56A8B62D1BCF4A0B2AAAD03D88E4, C095D8A3A1CEAD1D78B0EE17B982718CDF4B3FE1F86D9D273875B8C1893C981B ] C:\WINDOWS\system32\wdmaud.drv
01:10:00.0171 0x060c C:\WINDOWS\system32\wdmaud.drv - ok
01:10:00.0171 0x060c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] C:\WINDOWS\system32\drivers\wdmaud.sys
01:10:00.0171 0x060c C:\WINDOWS\system32\drivers\wdmaud.sys - ok
01:10:00.0187 0x060c [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll
01:10:00.0187 0x060c C:\WINDOWS\system32\mlang.dll - ok
01:10:00.0187 0x060c [ 566382CA5F2C41FEAEEEFAC908F1EB92, FF25ACB5CC757F6D7FE8724EDAC16A36332406AF39745C45858AB24CAF24AC48 ] C:\WINDOWS\system32\xmlprovi.dll
01:10:00.0187 0x060c C:\WINDOWS\system32\xmlprovi.dll - ok
01:10:00.0187 0x060c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] C:\WINDOWS\system32\drivers\sysaudio.sys
01:10:00.0187 0x060c C:\WINDOWS\system32\drivers\sysaudio.sys - ok
01:10:00.0203 0x060c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] C:\WINDOWS\system32\drivers\splitter.sys
01:10:00.0203 0x060c C:\WINDOWS\system32\drivers\splitter.sys - ok
01:10:00.0203 0x060c [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] C:\WINDOWS\system32\drivers\aec.sys
01:10:00.0203 0x060c C:\WINDOWS\system32\drivers\aec.sys - ok
01:10:00.0203 0x060c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] C:\WINDOWS\system32\drivers\swmidi.sys
01:10:00.0203 0x060c C:\WINDOWS\system32\drivers\swmidi.sys - ok
01:10:00.0218 0x060c [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] C:\WINDOWS\system32\drivers\DMusic.sys
01:10:00.0218 0x060c C:\WINDOWS\system32\drivers\DMusic.sys - ok
01:10:00.0218 0x060c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] C:\WINDOWS\system32\drivers\kmixer.sys
01:10:00.0218 0x060c C:\WINDOWS\system32\drivers\kmixer.sys - ok
01:10:00.0218 0x060c [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] C:\WINDOWS\system32\drivers\drmkaud.sys
01:10:00.0218 0x060c C:\WINDOWS\system32\drivers\drmkaud.sys - ok
01:10:00.0234 0x060c [ 37CF2461CB5E40C4CFAB82C8FC79A2BC, C5CFDAC82B1B9AEAABF94DB04324DBA56FA2DB23CE780504D811D3F90F254231 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
01:10:00.0234 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
01:10:00.0234 0x060c [ 1224BC6DE919F8CD8C1C945280E63852, 5A15E71CD3308F14C339749258C54AA6A0C956035389AC20AB4C577236E8142C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
01:10:00.0234 0x060c C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
01:10:00.0234 0x060c [ 905B5BF5BE0A86E8412801BF20357195, 0E46D37F9B13110009BCE7315A27E07C98E2D41974793DA9B39B84841E1C0673 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
01:10:00.0234 0x060c C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
01:10:00.0250 0x060c [ AC9585B420C7FF0A25B078EBB7642AE9, 999F09645F675436ADE79083CC038C44527C6B287D19D6FC6575B5D1EFC45631 ] C:\Program Files\Microsoft\BingBar\7.3.107.0\BBSvc.EXE
01:10:00.0250 0x060c C:\Program Files\Microsoft\BingBar\7.3.107.0\BBSvc.EXE - ok
01:10:00.0250 0x060c [ 9A3BD5F55AADFF859539142F6328A66E, B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ] C:\WINDOWS\system32\msacm32.drv
01:10:00.0250 0x060c C:\WINDOWS\system32\msacm32.drv - ok
01:10:00.0250 0x060c [ 5C12660A97822F6E61576943B49AAAD6, 621BE8E009DC95A8901F701F529ED98BD8E6D62D272AE0E1FAF69889A4D5633B ] C:\WINDOWS\system32\midimap.dll
01:10:00.0250 0x060c C:\WINDOWS\system32\midimap.dll - ok
01:10:00.0265 0x060c [ 3CBA2210FA39C6ED7895634842E930DD, 9AFC6A7E1F936ED3636F89FD49B5C944594F88A5BFB597348AF2FB83DA2E4E40 ] C:\WINDOWS\system32\sensapi.dll
01:10:00.0265 0x060c C:\WINDOWS\system32\sensapi.dll - ok
01:10:00.0265 0x060c [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
01:10:00.0265 0x060c C:\WINDOWS\system32\cryptsvc.dll - ok
01:10:00.0265 0x060c [ 2E14406E05789F91C9282AE7CFCA3A07, BDB403FC7EDDF5B3F24F1E8232C6EEFE888C5D72A819567EEA73D0AF7D511095 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
01:10:00.0265 0x060c C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
01:10:00.0281 0x060c [ 5D76C8CC87D0EFBE0B4A3BEF6B67EBF0, B14D8B284F383608B21F772CCB720DFEF9E4285AAC3605F577751B6CB8F3FF99 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
-
TDSS Killer Log:
01:06:21.0000 0x08ec TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
01:06:21.0109 0x08ec ============================================================
01:06:21.0109 0x08ec Current date / time: 2013/11/18 01:06:21.0109
01:06:21.0109 0x08ec SystemInfo:
01:06:21.0109 0x08ec
01:06:21.0109 0x08ec OS Version: 5.1.2600 ServicePack: 3.0
01:06:21.0109 0x08ec Product type: Workstation
01:06:21.0109 0x08ec ComputerName: GAITENS-PC
01:06:21.0109 0x08ec UserName: Gaitens
01:06:21.0109 0x08ec Windows directory: C:\WINDOWS
01:06:21.0109 0x08ec System windows directory: C:\WINDOWS
01:06:21.0109 0x08ec Processor architecture: Intel x86
01:06:21.0109 0x08ec Number of processors: 2
01:06:21.0109 0x08ec Page size: 0x1000
01:06:21.0109 0x08ec Boot type: Normal boot
01:06:21.0109 0x08ec ============================================================
01:06:21.0109 0x08ec BG loaded
01:06:21.0421 0x08ec System UUID: {6201280A-1680-7E25-073B-C88DDC06133D}
01:06:22.0484 0x08ec Drive \Device\Harddisk0\DR0 - Size: 0x45DECD2000 (279.48 Gb), SectorSize: 0x200, Cylinders: 0x8E83, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:06:22.0500 0x08ec ============================================================
01:06:22.0500 0x08ec \Device\Harddisk0\DR0:
01:06:22.0500 0x08ec MBR partitions:
01:06:22.0500 0x08ec \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xA8544EC
01:06:22.0500 0x08ec \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA85456A, BlocksNum 0x180C415B
01:06:22.0500 0x08ec ============================================================
01:06:22.0609 0x08ec D: <-> \Device\Harddisk0\DR0\Partition2
01:06:22.0656 0x08ec C: <-> \Device\Harddisk0\DR0\Partition1
01:06:22.0671 0x08ec ============================================================
01:06:22.0671 0x08ec Initialize success
01:06:22.0671 0x08ec ============================================================
01:08:53.0546 0x060c ============================================================
01:08:53.0546 0x060c Scan started
01:08:53.0546 0x060c Mode: Manual; SigCheck; TDLFS;
01:08:53.0546 0x060c ============================================================
01:08:53.0546 0x060c KSN ping started
01:09:00.0703 0x060c KSN ping finished: false
01:09:01.0484 0x060c ================ Scan system memory ========================
01:09:01.0484 0x060c System memory - ok
01:09:01.0484 0x060c ================ Scan services =============================
01:09:01.0593 0x060c Abiosdsk - ok
01:09:01.0593 0x060c abp480n5 - ok
01:09:01.0640 0x060c [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:09:02.0765 0x060c ACPI - ok
01:09:02.0843 0x060c [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
01:09:02.0953 0x060c ACPIEC - ok
01:09:03.0015 0x060c [ 4ACF9052A6355D1530CF782E0919C5B4, A20B733010D29AB8F21A17D3FBD3C6354BA8F9D75D116348D93548ABA5F4E4BD ] ACS C:\WINDOWS\system32\acs.exe
01:09:03.0031 0x060c ACS - detected UnsignedFile.Multi.Generic ( 1 )
01:09:13.0140 0x060c ACS ( UnsignedFile.Multi.Generic ) - warning
01:09:20.0796 0x060c [ AF9658974154C3B6A333D86DC2E0AAC8, C3FCFC9EC01D7C96BA953CCCC8B540048ECC2840E8FA2C1994EEFD95E69D908A ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
01:09:20.0875 0x060c Ad-Aware Service - ok
01:09:20.0890 0x060c adpu160m - ok
01:09:20.0921 0x060c [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
01:09:21.0046 0x060c aec - ok
01:09:21.0078 0x060c [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
01:09:21.0109 0x060c AFD - ok
01:09:21.0125 0x060c Aha154x - ok
01:09:21.0125 0x060c aic78u2 - ok
01:09:21.0140 0x060c aic78xx - ok
01:09:21.0156 0x060c [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
01:09:21.0281 0x060c Alerter - ok
01:09:21.0296 0x060c [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
01:09:21.0343 0x060c ALG - ok
01:09:21.0359 0x060c AliIde - ok
01:09:21.0359 0x060c amsint - ok
01:09:21.0421 0x060c [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:09:21.0437 0x060c Apple Mobile Device - ok
01:09:21.0468 0x060c [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
01:09:21.0531 0x060c AppMgmt - ok
01:09:21.0656 0x060c [ 3BC98A53C0ABE3FEB3B2B9B3BD9E7AA5, 6F9128B473A18560806F2C953D77677DD6A862E49B6EDDAD51CBF3DCA1A97ADE ] AR9271 C:\WINDOWS\system32\DRIVERS\athuw.sys
01:09:21.0906 0x060c AR9271 - ok
01:09:21.0953 0x060c [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
01:09:22.0062 0x060c Arp1394 - ok
01:09:22.0062 0x060c asc - ok
01:09:22.0078 0x060c asc3350p - ok
01:09:22.0078 0x060c asc3550 - ok
01:09:22.0140 0x060c [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
01:09:22.0171 0x060c aspnet_state - ok
01:09:22.0187 0x060c [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:09:22.0312 0x060c AsyncMac - ok
01:09:22.0343 0x060c [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
01:09:22.0453 0x060c atapi - ok
01:09:22.0468 0x060c Atdisk - ok
01:09:22.0531 0x060c [ 42E4E2CF0406394BBCE7EB358AE4E208, 0A934F89AA687C44AB08E66139E4DD91E6988895CA38198B0D5741EE69382DA2 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
01:09:22.0625 0x060c Ati HotKey Poller - ok
01:09:22.0875 0x060c [ 81C3E6674D0609AA84C07681BCA252DE, D9AE93C4BF19AA9BF1AFE32D9EB57CBA764B727EA98C8673832987A43EE974E1 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
01:09:23.0140 0x060c ati2mtag - ok
01:09:23.0187 0x060c [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:09:23.0296 0x060c Atmarpc - ok
01:09:23.0312 0x060c [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
01:09:23.0421 0x060c AudioSrv - ok
01:09:23.0453 0x060c [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
01:09:23.0546 0x060c audstub - ok
01:09:23.0609 0x060c [ EA2D28BBE98256654397CD1F6EAEBDD8, 97BBE5A2C9F2AE4675E6652AD79B1FCAEA76064FB37DBF238947ACA81D3017DF ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
01:09:23.0640 0x060c Autodesk Licensing Service - ok
01:09:23.0750 0x060c [ AC9585B420C7FF0A25B078EBB7642AE9, 999F09645F675436ADE79083CC038C44527C6B287D19D6FC6575B5D1EFC45631 ] BBSvc C:\Program Files\Microsoft\BingBar\7.3.107.0\BBSvc.exe
01:09:23.0765 0x060c BBSvc - ok
01:09:23.0796 0x060c [ D829E0575EE424F77E78340D362B3664, 54255DCD0A36FCE189C29C9457F17AA6A095C60EB93C94A7DB3B77FC9891185C ] BBUpdate C:\Program Files\Microsoft\BingBar\7.3.107.0\SeaPort.exe
01:09:23.0828 0x060c BBUpdate - ok
01:09:23.0921 0x060c [ BCDF72DCE41874B3AD9143D537B493B2, C048C773137DD94C980179E90FAE7D90A6902DA0153342B33E784DB04C16385A ] BCMH43XX C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys
01:09:24.0015 0x060c BCMH43XX - ok
01:09:24.0062 0x060c [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
01:09:24.0171 0x060c Beep - ok
01:09:24.0218 0x060c [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
01:09:24.0406 0x060c BITS - ok
01:09:24.0437 0x060c [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
01:09:24.0484 0x060c Browser - ok
01:09:24.0500 0x060c catchme - ok
01:09:24.0515 0x060c [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
01:09:24.0640 0x060c cbidf2k - ok
01:09:24.0687 0x060c [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
01:09:24.0781 0x060c CCDECODE - ok
01:09:24.0781 0x060c cd20xrnt - ok
01:09:24.0812 0x060c [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
01:09:24.0921 0x060c Cdaudio - ok
01:09:24.0953 0x060c [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
01:09:25.0062 0x060c Cdfs - ok
01:09:25.0062 0x060c [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:09:25.0171 0x060c Cdrom - ok
01:09:25.0171 0x060c Changer - ok
01:09:25.0187 0x060c [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
01:09:25.0296 0x060c CiSvc - ok
01:09:25.0328 0x060c [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
01:09:25.0421 0x060c ClipSrv - ok
01:09:25.0453 0x060c [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:09:25.0515 0x060c clr_optimization_v2.0.50727_32 - ok
01:09:25.0515 0x060c CmdIde - ok
01:09:25.0515 0x060c COMSysApp - ok
01:09:25.0531 0x060c Cpqarray - ok
01:09:25.0546 0x060c [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
01:09:25.0656 0x060c CryptSvc - ok
01:09:25.0656 0x060c dac2w2k - ok
01:09:25.0671 0x060c dac960nt - ok
01:09:25.0812 0x060c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
01:09:26.0140 0x060c DcomLaunch - ok
01:09:26.0187 0x060c [ B34DAFA517F838B82A4256B08346917F, 471649BE27B1E5EFD0BA062A2374FB911C99EDF6C3A0D43617C7115DE8C3A039 ] DELTA C:\WINDOWS\system32\DRIVERS\delta.sys
01:09:26.0218 0x060c DELTA - detected UnsignedFile.Multi.Generic ( 1 )
01:09:26.0218 0x060c DELTA ( UnsignedFile.Multi.Generic ) - warning
01:09:26.0218 0x060c DELTAII - ok
01:09:26.0250 0x060c [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
01:09:26.0359 0x060c Dhcp - ok
01:09:26.0375 0x060c [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
01:09:26.0500 0x060c Disk - ok
01:09:26.0500 0x060c dmadmin - ok
01:09:26.0578 0x060c [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
01:09:26.0765 0x060c dmboot - ok
01:09:26.0796 0x060c [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
01:09:26.0921 0x060c dmio - ok
01:09:26.0953 0x060c [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
01:09:27.0046 0x060c dmload - ok
01:09:27.0062 0x060c [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
01:09:27.0171 0x060c dmserver - ok
01:09:27.0203 0x060c [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
01:09:27.0312 0x060c DMusic - ok
01:09:27.0343 0x060c [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
01:09:27.0390 0x060c Dnscache - ok
01:09:27.0421 0x060c [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
01:09:27.0546 0x060c Dot3svc - ok
01:09:27.0546 0x060c dpti2o - ok
01:09:27.0578 0x060c [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
01:09:27.0671 0x060c drmkaud - ok
01:09:27.0687 0x060c [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
01:09:27.0812 0x060c EapHost - ok
01:09:27.0843 0x060c [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
01:09:27.0937 0x060c ERSvc - ok
01:09:27.0984 0x060c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
01:09:28.0031 0x060c Eventlog - ok
01:09:28.0062 0x060c [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
01:09:28.0093 0x060c EventSystem - ok
01:09:28.0125 0x060c [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
01:09:28.0234 0x060c Fastfat - ok
01:09:28.0265 0x060c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
01:09:28.0328 0x060c FastUserSwitchingCompatibility - ok
01:09:28.0328 0x060c [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
01:09:28.0421 0x060c Fdc - ok
01:09:28.0453 0x060c [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
01:09:28.0562 0x060c Fips - ok
01:09:28.0578 0x060c [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
01:09:28.0671 0x060c Flpydisk - ok
01:09:28.0703 0x060c [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
01:09:28.0828 0x060c FltMgr - ok
01:09:28.0875 0x060c [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:09:28.0890 0x060c FontCache3.0.0.0 - ok
01:09:28.0921 0x060c [ C6EE3A87FE609D3E1DB9DBD072A248DE, 9C2189FA09A9E1DC39F9AB8F0C9C0B44BE0E11FC3165BCD0813DFA85EA62907C ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
01:09:28.0937 0x060c fssfltr - ok
01:09:29.0046 0x060c [ 206AD9A89BF05DFA1621F1FC7B82592D, EAEE557535D865232237898858F5AE35F868065A1F79BBB48A2173124E2B6F63 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
01:09:29.0125 0x060c fsssvc - ok
01:09:29.0140 0x060c [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:09:29.0250 0x060c Fs_Rec - ok
01:09:29.0265 0x060c [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:09:29.0375 0x060c Ftdisk - ok
01:09:29.0390 0x060c [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
01:09:29.0406 0x060c GEARAspiWDM - ok
01:09:29.0437 0x060c [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:09:29.0546 0x060c Gpc - ok
01:09:29.0625 0x060c [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
01:09:29.0640 0x060c gupdate - ok
01:09:29.0656 0x060c [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
01:09:29.0671 0x060c gupdatem - ok
01:09:29.0750 0x060c [ 4236E014632F4163F53EBB717F41594C, 0C29E1A6C036EC81E50D66503BCA4081706245E06EED5C4A92B13C23FDECB6DB ] HCF_MSFT C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys
01:09:29.0937 0x060c HCF_MSFT - ok
01:09:29.0984 0x060c [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:09:30.0093 0x060c HDAudBus - ok
01:09:30.0140 0x060c [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:09:30.0265 0x060c helpsvc - ok
01:09:30.0281 0x060c [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll
01:09:30.0390 0x060c HidServ - ok
01:09:30.0421 0x060c [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:09:30.0531 0x060c hidusb - ok
01:09:30.0562 0x060c [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
01:09:30.0671 0x060c hkmsvc - ok
01:09:30.0671 0x060c hpn - ok
01:09:30.0703 0x060c [ 9F1D80908658EB7F1BF70809E0B51470, 84FD62D34BC63BA41027DD2164B1E4F86BC8783E8A601E9F189627A4B3D54AAA ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
01:09:30.0781 0x060c HPZid412 - ok
01:09:30.0781 0x060c [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3, 886A5222940A6E14B359B45AA158390468B601FB58949E7F5BEC93B5459AF689 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
01:09:30.0828 0x060c HPZipr12 - ok
01:09:30.0843 0x060c [ CF1B7951B4EC8D13F3C93B74BB2B461B, 3A1B8A9A9AB0E916288AD6198C377E3A4D278DB3D8DCD4299F0ADC83973F0495 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
01:09:30.0875 0x060c HPZius12 - ok
01:09:30.0906 0x060c [ CBD09ED9CF6822177EE85AEA4D8816A2, 369897B4609B3FE55F9A82F19E38116E2E6527E349D48A956607EDED71F664D2 ] HTCAND32 C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
01:09:30.0937 0x060c HTCAND32 - ok
01:09:30.0968 0x060c [ 04E3B3554076B8192A668EFE88A682A1, 95EE46A1100178CC1989D61897239C09694647CA638E25CED10005730728E7A5 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys
01:09:31.0000 0x060c htcnprot - ok
01:09:31.0031 0x060c [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
01:09:31.0062 0x060c HTTP - ok
01:09:31.0093 0x060c [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
01:09:31.0203 0x060c HTTPFilter - ok
01:09:31.0203 0x060c i2omgmt - ok
01:09:31.0218 0x060c i2omp - ok
01:09:31.0250 0x060c [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:09:31.0343 0x060c i8042prt - ok
01:09:31.0687 0x060c [ 2AAE7BE67911F4AEC9AD28E9CFB9096F, A06A325ABECFA76F50D9E11940EA5840228795A78961B9D4412680AD0CD50687 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
01:09:32.0296 0x060c ialm - ok
01:09:32.0421 0x060c [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:09:32.0531 0x060c idsvc - ok
01:09:32.0562 0x060c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
01:09:32.0671 0x060c Imapi - ok
01:09:32.0843 0x060c [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
01:09:32.0968 0x060c ImapiService - ok
01:09:32.0968 0x060c ini910u - ok
01:09:33.0312 0x060c [ EB5608FD4F2961517AC9F5CAC88B023B, 31F3EFF97D332B03314CD57519ECFBDEF7FE8C3992E3C81602ABE3D60ABD7608 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:09:33.0843 0x060c IntcAzAudAddService - ok
01:09:33.0859 0x060c IntelIde - ok
01:09:33.0906 0x060c [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:09:34.0015 0x060c intelppm - ok
01:09:34.0046 0x060c [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
01:09:34.0140 0x060c Ip6Fw - ok
01:09:34.0171 0x060c [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:09:34.0265 0x060c IpFilterDriver - ok
01:09:34.0281 0x060c [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:09:34.0390 0x060c IpInIp - ok
01:09:34.0406 0x060c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:09:34.0531 0x060c IpNat - ok
01:09:34.0593 0x060c [ 49918803B661367023BF325CF602AFDC, 2821451FD31EAFCB5D3081998756F7274B4C2594E9A378EEE5C1D5D92C1FC58C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
01:09:34.0640 0x060c iPod Service - ok
01:09:34.0687 0x060c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:09:34.0781 0x060c IPSec - ok
01:09:34.0812 0x060c [ ACA5E7B54409F9CB5EED97ED0C81120E, 1E22F442EA77596F58D133F1A5887CDC4F3325DD0836D24A665E1D31287ABFF7 ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
01:09:34.0859 0x060c irda - ok
01:09:34.0890 0x060c [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
01:09:34.0937 0x060c IRENUM - ok
01:09:34.0953 0x060c [ 49CC4533CE897CB2E93C1E84A818FDE5, F2AC81CDB971F630699616509748DCE133874EFC79B9D6230517B5A4DFBE193D ] Irmon C:\WINDOWS\System32\irmon.dll
01:09:35.0000 0x060c Irmon - ok
01:09:35.0015 0x060c [ 0501F0B9AB08425F8C0EACBDCC04AA32, 7764734BCA35CFF4E60B9F05553DF7500F03CB6A5398826746705FD758AE4D0A ] irsir C:\WINDOWS\system32\DRIVERS\irsir.sys
01:09:35.0078 0x060c irsir - ok
01:09:35.0125 0x060c [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:09:35.0218 0x060c isapnp - ok
01:09:35.0328 0x060c [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
01:09:35.0343 0x060c JavaQuickStarterService - ok
01:09:35.0390 0x060c [ AD7C73C72480EECB7675C90EB565E7CB, 3975739F539F153F3FF83F04CF146F4ED72EEB18978209D0D5ACE24197BD5879 ] jswpsapi C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe
01:09:35.0453 0x060c jswpsapi - detected UnsignedFile.Multi.Generic ( 1 )
01:09:35.0453 0x060c jswpsapi ( UnsignedFile.Multi.Generic ) - warning
01:09:35.0453 0x060c Force sending object to P2P due to detect: C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe
01:09:35.0468 0x060c Object send P2P result: false
01:09:35.0515 0x060c [ AD67795900AA8C05CC4570F5349E0639, D74DEDC8E88504C1D81108B561F9109B6D9583028280089B17DF38EDB04DBBBC ] JSWSCIMD C:\WINDOWS\system32\DRIVERS\jswscimd.sys
01:09:35.0546 0x060c JSWSCIMD - ok
01:09:35.0578 0x060c [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:09:35.0687 0x060c Kbdclass - ok
01:09:35.0703 0x060c [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:09:35.0796 0x060c kbdhid - ok
01:09:35.0843 0x060c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
01:09:35.0984 0x060c kmixer - ok
01:09:36.0015 0x060c [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
01:09:36.0093 0x060c KSecDD - ok
01:09:36.0125 0x060c [ E141AB3701EA166109212DCA4B28CA2C, B24BCC253FF334568CB55313CC6B5370085D8234C10BF2A42F22A56F8355FA21 ] L8042Kbd C:\WINDOWS\system32\Drivers\L8042Kbd.sys
01:09:36.0140 0x060c L8042Kbd - ok
01:09:36.0156 0x060c [ F0F944E4DA9A75DEE6A37D4AFC7E1BBC, 6A32BA16F26AFF5A9FC0AFF1EA03B6BC2D0ED9262DD9CEA498388F534F0DEF28 ] L8042mou C:\WINDOWS\system32\Drivers\L8042mou.sys
01:09:36.0171 0x060c L8042mou - ok
01:09:36.0203 0x060c [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
01:09:36.0234 0x060c LanmanServer - ok
01:09:36.0265 0x060c [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:09:36.0312 0x060c lanmanworkstation - ok
01:09:36.0328 0x060c [ B28C741AE2912A079CF90041A9E5C0A4, D4730585D24E89F1426091E9AAEC4C93D4F4D68BF06796FB9875966130BAC81D ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
01:09:36.0328 0x060c LBeepKE - detected UnsignedFile.Multi.Generic ( 1 )
01:09:36.0328 0x060c LBeepKE ( UnsignedFile.Multi.Generic ) - warning
01:09:36.0343 0x060c lbrtfdc - ok
01:09:36.0359 0x060c [ DD40C03D85649205EC086722474C8A63, AE90C3B9FF1D4A205D1646F32CBD709DB544A90F36FD14077517B433B9A089D5 ] LHidKe C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
01:09:36.0375 0x060c LHidKe - ok
01:09:36.0406 0x060c [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
01:09:36.0515 0x060c LmHosts - ok
01:09:36.0515 0x060c [ 2EBD4C02D259944869630A912EC86BCE, 26048FE85C2E8D54D0DB071119857F73E443917D5FB439C93A4350EE3B77D881 ] LMouKE C:\WINDOWS\system32\Drivers\LMouKE.sys
01:09:36.0531 0x060c LMouKE - ok
01:09:36.0578 0x060c [ 9E9306063ECD8AA91B3FB76678D3CEE2, 892E749B670F9CBBE242C613F8B2A5BEE4D1D539C5F6FCEA46C6D637598B7139 ] LVUSBSta C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys
01:09:36.0593 0x060c LVUSBSta - ok
01:09:36.0640 0x060c [ F8B823414A22DBF3BEC10DCAA5F93CD8, 651C7521033439C0AA9006F1AC2CF376B1588CE781BEE4D10B7622FA3D055F6C ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
01:09:36.0703 0x060c McciCMService - detected UnsignedFile.Multi.Generic ( 1 )
01:09:36.0703 0x060c McciCMService ( UnsignedFile.Multi.Generic ) - warning
01:09:36.0765 0x060c [ E4DFBE4C4A9C2BD87C1430F445F3E3CB, 34A0295D0AC37537B010FEC4534535D92AA4C30900DC37444C992C15F86D3AA4 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
01:09:36.0796 0x060c McComponentHostService - ok
01:09:36.0843 0x060c [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
01:09:36.0875 0x060c MDM - ok
01:09:36.0890 0x060c [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
01:09:37.0000 0x060c Messenger - ok
01:09:37.0031 0x060c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
01:09:37.0125 0x060c mnmdd - ok
01:09:37.0156 0x060c [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
01:09:37.0265 0x060c mnmsrvc - ok
01:09:37.0281 0x060c [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
01:09:37.0406 0x060c Modem - ok
01:09:37.0421 0x060c [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:09:37.0515 0x060c Mouclass - ok
01:09:37.0546 0x060c [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:09:37.0656 0x060c mouhid - ok
01:09:37.0671 0x060c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
01:09:37.0781 0x060c MountMgr - ok
01:09:37.0796 0x060c mraid35x - ok
01:09:37.0812 0x060c [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
01:09:37.0828 0x060c MREMP50 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:37.0828 0x060c MREMP50 ( UnsignedFile.Multi.Generic ) - warning
01:09:37.0859 0x060c [ 2BC9E43F55DE8C30FC817ED56D0EE907, 0100BE629A0B80DDBC87AECA8E558C8B90A9884CE0530673899DC946D3A6C069 ] MREMPR5 C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
01:09:37.0859 0x060c MREMPR5 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:37.0875 0x060c MREMPR5 ( UnsignedFile.Multi.Generic ) - warning
01:09:37.0875 0x060c [ 594B9D8194E3F4ECBF0325BD10BBEB05, BA002410AB77F129564FBA4BA2989B8E4E7128F81C016D742ADBAA40D55728F3 ] MRENDIS5 C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
01:09:37.0890 0x060c MRENDIS5 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:37.0890 0x060c MRENDIS5 ( UnsignedFile.Multi.Generic ) - warning
01:09:37.0906 0x060c [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
01:09:37.0906 0x060c MRESP50 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:37.0906 0x060c MRESP50 ( UnsignedFile.Multi.Generic ) - warning
01:09:37.0921 0x060c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:09:38.0046 0x060c MRxDAV - ok
01:09:38.0078 0x060c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:09:38.0156 0x060c MRxSmb - ok
01:09:38.0171 0x060c [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
01:09:38.0281 0x060c MSDTC - ok
01:09:38.0312 0x060c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
01:09:38.0421 0x060c Msfs - ok
01:09:38.0421 0x060c MSIServer - ok
01:09:38.0437 0x060c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:09:38.0546 0x060c MSKSSRV - ok
01:09:38.0562 0x060c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:09:38.0656 0x060c MSPCLOCK - ok
01:09:38.0671 0x060c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
01:09:38.0781 0x060c MSPQM - ok
01:09:38.0796 0x060c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:09:38.0890 0x060c mssmbios - ok
01:09:38.0921 0x060c [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
01:09:39.0015 0x060c MSTEE - ok
01:09:39.0062 0x060c [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
01:09:39.0078 0x060c Mup - ok
01:09:39.0109 0x060c [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
01:09:39.0203 0x060c NABTSFEC - ok
01:09:39.0265 0x060c [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
01:09:39.0390 0x060c napagent - ok
01:09:39.0421 0x060c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
01:09:39.0531 0x060c NDIS - ok
01:09:39.0562 0x060c [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
01:09:39.0656 0x060c NdisIP - ok
01:09:39.0703 0x060c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:09:39.0734 0x060c NdisTapi - ok
01:09:39.0765 0x060c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:09:39.0875 0x060c Ndisuio - ok
01:09:39.0875 0x060c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:09:39.0984 0x060c NdisWan - ok
01:09:40.0015 0x060c [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
01:09:40.0046 0x060c NDProxy - ok
01:09:40.0078 0x060c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
01:09:40.0171 0x060c NetBIOS - ok
01:09:40.0187 0x060c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
01:09:40.0296 0x060c NetBT - ok
01:09:40.0328 0x060c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
01:09:40.0421 0x060c NetDDE - ok
01:09:40.0437 0x060c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
01:09:40.0531 0x060c NetDDEdsdm - ok
01:09:40.0562 0x060c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
01:09:40.0656 0x060c Netlogon - ok
01:09:40.0750 0x060c [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
01:09:41.0156 0x060c Netman - ok
01:09:41.0187 0x060c [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:09:41.0218 0x060c NetTcpPortSharing - ok
01:09:41.0250 0x060c [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
01:09:41.0359 0x060c NIC1394 - ok
01:09:41.0375 0x060c [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
01:09:41.0406 0x060c Nla - ok
01:09:41.0421 0x060c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
01:09:41.0515 0x060c Npfs - ok
01:09:41.0562 0x060c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
01:09:41.0718 0x060c Ntfs - ok
01:09:41.0734 0x060c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
01:09:41.0828 0x060c NtLmSsp - ok
01:09:41.0875 0x060c [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
01:09:42.0031 0x060c NtmsSvc - ok
01:09:42.0046 0x060c [ CF7E041663119E09D2E118521ADA9300, 0BDDEDA787CCBE34D515945717AF972143A3684F6D37F87B639D6A5371F381CC ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
01:09:42.0062 0x060c NuidFltr - ok
01:09:42.0093 0x060c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
01:09:42.0187 0x060c Null - ok
01:09:42.0328 0x060c [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
01:09:42.0609 0x060c nv - ok
01:09:42.0625 0x060c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:09:43.0000 0x060c NwlnkFlt - ok
01:09:43.0015 0x060c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:09:43.0109 0x060c NwlnkFwd - ok
01:09:43.0125 0x060c [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
01:09:43.0234 0x060c ohci1394 - ok
01:09:43.0265 0x060c [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:09:43.0281 0x060c ose - ok
01:09:43.0375 0x060c [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
01:09:43.0500 0x060c Parport - ok
01:09:43.0515 0x060c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
01:09:43.0640 0x060c PartMgr - ok
01:09:43.0703 0x060c [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
01:09:43.0875 0x060c ParVdm - ok
01:09:43.0937 0x060c [ 39B9DCD7040654C2E57D7396736C718E, 70A637A955A2611E5ADA31FDD4B1D7EEECFBC22504A770DA71B502E160AEDAFD ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
01:09:43.0937 0x060c PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
01:09:43.0953 0x060c PassThru Service ( UnsignedFile.Multi.Generic ) - warning
01:09:43.0984 0x060c [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
01:09:44.0093 0x060c PCI - ok
01:09:44.0093 0x060c PCIDump - ok
01:09:44.0109 0x060c [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
01:09:44.0203 0x060c PCIIde - ok
01:09:44.0265 0x060c [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
01:09:44.0390 0x060c Pcmcia - ok
01:09:44.0390 0x060c PDCOMP - ok
01:09:44.0390 0x060c PDFRAME - ok
01:09:44.0406 0x060c PDRELI - ok
01:09:44.0406 0x060c PDRFRAME - ok
01:09:44.0421 0x060c perc2 - ok
01:09:44.0421 0x060c perc2hib - ok
01:09:44.0546 0x060c [ 0DA6C5E0C8DA6CEBE52DAACFE7AE9DE6, 6D42AB7A9D45BEEC387A61C9801AD6707F4BBA33BAA8C35A3419C43CC6862EC3 ] PID_PEPI C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
01:09:44.0671 0x060c PID_PEPI - ok
01:09:44.0687 0x060c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
01:09:44.0734 0x060c PlugPlay - ok
01:09:44.0812 0x060c [ 9D84376931440F3679BEEF2A414FA493, C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
01:09:44.0890 0x060c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:44.0890 0x060c Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
01:09:44.0953 0x060c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
01:09:45.0046 0x060c PolicyAgent - ok
01:09:45.0093 0x060c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:09:45.0187 0x060c PptpMiniport - ok
01:09:45.0187 0x060c Profos - ok
01:09:45.0203 0x060c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:09:45.0296 0x060c ProtectedStorage - ok
01:09:45.0312 0x060c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
01:09:45.0421 0x060c PSched - ok
01:09:45.0453 0x060c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:09:45.0546 0x060c Ptilink - ok
01:09:45.0546 0x060c ql1080 - ok
01:09:45.0562 0x060c Ql10wnt - ok
01:09:45.0562 0x060c ql12160 - ok
01:09:45.0578 0x060c ql1240 - ok
01:09:45.0578 0x060c ql1280 - ok
01:09:45.0593 0x060c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:09:45.0687 0x060c RasAcd - ok
01:09:45.0718 0x060c [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
01:09:45.0812 0x060c RasAuto - ok
01:09:45.0828 0x060c [ 0207D26DDF796A193CCD9F83047BB5FC, 13613036BCB869FBD7229A0FE25D324710308385D8C35E5D990A40E52BE040DF ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
01:09:45.0875 0x060c Rasirda - ok
01:09:45.0875 0x060c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:09:45.0984 0x060c Rasl2tp - ok
01:09:46.0015 0x060c [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
01:09:46.0109 0x060c RasMan - ok
01:09:46.0125 0x060c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:09:46.0234 0x060c RasPppoe - ok
01:09:46.0250 0x060c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
01:09:46.0359 0x060c Raspti - ok
01:09:46.0406 0x060c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:09:46.0515 0x060c Rdbss - ok
01:09:46.0546 0x060c [ 91154E400C7E66F3953F3532930EF33A, 04276F605C33DDFF2F236F85576506B72220C3E7C5B29F01FD5D92434974B321 ] RDID1061 C:\WINDOWS\system32\Drivers\rdwm1061.sys
01:09:46.0578 0x060c RDID1061 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:46.0578 0x060c RDID1061 ( UnsignedFile.Multi.Generic ) - warning
01:09:46.0593 0x060c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:09:46.0687 0x060c RDPCDD - ok
01:09:46.0734 0x060c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:09:46.0843 0x060c rdpdr - ok
01:09:46.0875 0x060c [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
01:09:46.0968 0x060c RDPWD - ok
01:09:47.0015 0x060c [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
01:09:47.0125 0x060c RDSessMgr - ok
01:09:47.0140 0x060c [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
01:09:47.0250 0x060c redbook - ok
01:09:47.0265 0x060c [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
01:09:47.0375 0x060c RemoteAccess - ok
01:09:47.0421 0x060c [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
01:09:47.0531 0x060c RemoteRegistry - ok
01:09:47.0546 0x060c [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
01:09:47.0640 0x060c RpcLocator - ok
01:09:47.0687 0x060c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
01:09:47.0718 0x060c RpcSs - ok
01:09:47.0796 0x060c [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
01:09:47.0921 0x060c RSVP - ok
01:09:47.0953 0x060c [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
01:09:48.0046 0x060c rtl8139 - ok
01:09:48.0093 0x060c [ B2961A8861DA27C4562282C3707250F5, 880964DB5186A56376FA9E80E8CEE83DF3D124A5AECC34F6F8F6B074961931CC ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
01:09:48.0125 0x060c RTLE8023xp - ok
01:09:48.0140 0x060c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
01:09:48.0218 0x060c SamSs - ok
01:09:48.0437 0x060c [ BCE943896289A91AD75CC5652620B1C6, 6D261602C210888DD26215115A43FDCA29A96FFE649ABF0B7E67080B7DEAECED ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
01:09:48.0656 0x060c SBAMSvc - ok
01:09:48.0671 0x060c [ 62BA65CC0B4A4BD1EAFF5FED6E2B5069, DDB6CE351714DFC783F75254D23402AD75BEACF4B7AB56321CD397339202E89D ] sbaphd C:\WINDOWS\system32\drivers\sbaphd.sys
01:09:48.0671 0x060c sbaphd - ok
01:09:48.0703 0x060c [ 3FFF8CDA4D2F29CA06F1557E85163C30, 83B6DC7652A9B6518EE768B0DE34275BFAB0A62E4459E51BD461636BC539D8CC ] sbapifs C:\WINDOWS\system32\drivers\sbapifs.sys
01:09:48.0718 0x060c sbapifs - ok
01:09:48.0734 0x060c [ 1FD538C4FEB36B793D2121F20BBDC16F, 4785268D6116BD7363FD1802784D706A4392B3CCEBAE2840789A147903706BFB ] SBRE C:\WINDOWS\system32\drivers\SBREdrv.sys
01:09:48.0750 0x060c SBRE - ok
01:09:48.0796 0x060c [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
01:09:48.0906 0x060c SCardSvr - ok
01:09:48.0937 0x060c [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
01:09:49.0046 0x060c Schedule - ok
01:09:49.0062 0x060c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:09:49.0109 0x060c Secdrv - ok
01:09:49.0125 0x060c [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
01:09:49.0218 0x060c seclogon - ok
01:09:49.0250 0x060c [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
01:09:49.0359 0x060c SENS - ok
01:09:49.0375 0x060c [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
01:09:49.0468 0x060c serenum - ok
01:09:49.0500 0x060c [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
01:09:49.0593 0x060c Serial - ok
01:09:49.0625 0x060c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
01:09:49.0734 0x060c Sfloppy - ok
01:09:49.0781 0x060c [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
01:09:49.0906 0x060c SharedAccess - ok
01:09:49.0921 0x060c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:09:49.0937 0x060c ShellHWDetection - ok
01:09:49.0953 0x060c Simbad - ok
01:09:49.0968 0x060c [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
01:09:50.0078 0x060c sisagp - ok
01:09:50.0078 0x060c [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
01:09:50.0187 0x060c SLIP - ok
01:09:50.0187 0x060c Sparrow - ok
01:09:50.0234 0x060c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
01:09:50.0328 0x060c splitter - ok
01:09:50.0359 0x060c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
01:09:50.0390 0x060c Spooler - ok
01:09:50.0437 0x060c [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
-
I couldn't see the open report line so wasn't able to save the log.
It detected a trojan.redirect I think called acpi which was in the drivers folder. I don't know if you need to see the specific log or if it saved anywhere. I thought it would give me the option on reboot.
Update;
System still won't restart correctly first time, have to power down fully and then restart. Also still can't run FRST or OTL without getting "program too big for memory error".
-
I think I already done this when I connected it to the internet. I ran this anyway and updated to Java 7 update 45.
What next FRST and OTL still won't run..
-
ESET Scan log:
C:\Documents and Settings\Gaitens\.frostwire5\updates\frostwire-5.3.2.windows.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Gaitens\Desktop\desktop crap\frostwire-5.2.11.windows.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Gaitens\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\9\5d79fb49-2b566195 multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Gaitens\My Documents\Downloads\WinZip165Multi-language.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
-
An update, I managed to get this connected to the internet and am managing to run the ESET scanner, it has found 2 threats so far. I'll post the log once its done. I does still concern me that I couldn't run FRST or OTL as above I managed to see the "program too big for memory" error. I checked online and this appears to possibly be a registry virus?
-
tried doing it in safe mode still no luck.
However I managed to see the cmd box a bit better it is saying:
"Program too big to fit in memory" -
Exact same thing is happening with that tool, cmd box pops up and disappears almost straight away.. this is frustrating haha
-
This tool is not working either, when I double click a command box appears but disappears almost straight away.. Whats going on?!
I'm running another MBAM scan just now as that's all I can run but please advise?
Its definitely a 32bit system and I downloaded the 32 bit version.
Computer Failing on BIOS loading Screen
in Resolved Malware Removal Logs
Posted
Sorry, didn't attach it
here it is now.
GMER.log