Blank Desktop with Movable Mouse Cursor

[lynnejm]

Hi.

My laptop boots up, but after logging in (as either a user or administrator), it only loads a blank desktop (I can see the wallpaper but no taskbar, start menu, or desktop icons) with a movable mouse cursor. Ctrl+Alt+Del does not do anything.

I have booted into Safe Mode with Networking and logged in as administrator, but everything runs very slowly there. (The mouse cursor moves properly, and I can type into text boxes well enough, but moving a window or scrolling result in very choppy movements. I tried running Malwarebytes, but it freezes every time. I tried running rkill and TDSKill and then Malwarebytes, but it still froze. I tried Chameleon as well, and Malwarebytes still freezes.

Attached are my dds.txt and attach.txt files.

Thank you in advance for your time. I will do my best to follow the instructions given.

Best wishes,

Lynne

.

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29

Run by Administrator at 19:23:48 on 2012-10-02

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3572.3249 [GMT -4:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\mfevtps.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0080829

uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us

uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0080829

uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110421124356.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [ChangeTPMAuth] c:\program files\wave systems corp\common\ChangeTPMAuth.exe /T:NTRU12

mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe

mRun: [secureUpgrade] c:\program files\wave systems corp\SecureUpgrade.exe

mRun: [EmbassySecurityCheck] "c:\program files\wave systems corp\embassy security setup\EMBASSYSecurityCheck.exe"

mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"

mRun: [DCPstrApp] c:\program files\dell\dell controlpoint\security manager\SecurityDeviceInfoSetRegistryString.exe

mRun: [DellConnectionManager] "c:\program files\dell\dell controlpoint\connection manager\Dell.UCM.exe"

mRun: [<NO NAME>]

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"

mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [AClntUsr] c:\program files\altiris\aclient\AClntUsr.EXE

mRun: [AeXAgentLogon] c:\program files\altiris\altiris agent\AeXAgentActivate.exe /logon

mRun: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"

mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey

mRun: [shStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE

mRun: [DesktopAuthority User Experience] "c:\program files\scriptlogic\desktop authority\client files\8.10.255\cbm\ScriptLogic.CBM.UserExperience.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dellco~1.lnk - c:\program files\dell\dell controlpoint\system manager\DCPSysMgr.exe

IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1343593748859

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1343593733671

DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

DPF: {74233DB3-F72F-44EA-94DC-258A624037E6} - hxxp://helpdesk.capecod.edu/aspnet_client/Altiris_AppWeaver/6_0_sp3/lib/VSFlex8.CAB

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {FDF527BA-DDDA-11D3-AA82-006094EB09CB} - hxxp://helpdesk.capecod.edu/aspnet_client/Altiris_AppWeaver/6_0_sp3/lib/AeXClipboard.CAB

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

LSA: Authentication Packages = msv1_0 wvauth

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\2vrprfa9.default\

FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-4-21 436728]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-4-21 88544]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-4-21 145936]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2008-8-29 244368]

R3 NgVpn;Aventail VPN Adapter;c:\windows\system32\drivers\ngvpn.sys [2008-11-24 77976]

S2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-4-19 133968]

S2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2008-6-3 386328]

S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2008-7-31 808296]

S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2008-7-31 21352]

S2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2008-8-1 455960]

S2 gupdate1ca0eee7327b88e;Google Update Service (gupdate1ca0eee7327b88e);c:\program files\google\update\GoogleUpdate.exe [2009-7-27 133104]

S2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2009-9-25 120128]

S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-4-21 159320]

S2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2011-1-12 209760]

S2 NgVpnMgr;Aventail VPN Client;c:\windows\system32\ngvpnmgr.exe [2008-11-24 223313]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-7-3 2458984]

S2 ScriptLogic CBM Service;ScriptLogic CBM Service;c:\program files\scriptlogic\desktop authority\client files\8.10.255\cbm\ScriptLogic.CBM.Agent.exe [2010-11-7 427008]

S2 SLClient;ScriptLogic Service;c:\program files\scriptlogic\desktop authority\client files\8.10.255\SLClient.exe [2010-11-7 557920]

S2 SLInstall;Desktop Authority Client Provisioning Service;c:\windows\system32\slinstall.exe [2011-4-21 557920]

S2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2008-8-1 69632]

S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-4-10 671344]

S2 vmware-view-usbd;VMware View USB;c:\program files\vmware\vmware view\client\bin\vmware-view-usbd.exe [2012-5-2 2370560]

S2 wsnm;VMware View Client;c:\program files\vmware\vmware view\client\bin\wsnm.exe [2012-5-2 472176]

S3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2008-8-29 108160]

S3 AsfAlrt;AsfAlrt Service;c:\windows\system32\drivers\Asfalrt.sys [2007-4-19 42832]

S3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2008-8-29 32808]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-7-27 133104]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2012-9-26 35144]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-10-2 40776]

S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-4-21 171296]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-4-21 58456]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-4-21 85152]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]

S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-11-11 30576]

S3 NgFilter;Aventail VPN Filter;c:\windows\system32\drivers\ngfilter.sys [2008-11-24 20632]

S3 NgLog;Aventail VPN Logging;c:\windows\system32\drivers\nglog.sys [2008-11-24 25240]

S3 NgWfp;Aventail VPN Callout;c:\windows\system32\drivers\ngwfp.sys [2008-11-24 23192]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 vmwvusb;VMware View Generic USB Driver;c:\windows\system32\drivers\vmwvusb.sys --> c:\windows\system32\drivers\vmwvusb.sys [?]

.

=============== Created Last 30 ================

.

2012-10-02 22:46:20 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-09-26 19:52:58 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2012-09-26 17:34:55 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes

2012-09-26 17:34:47 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-09-26 17:34:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-26 17:34:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-09-26 13:09:24 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-09-26 13:09:24 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

2012-09-26 12:43:07 -------- d-----w- c:\program files\GUM5.tmp

2012-09-23 00:57:13 -------- d-sh--w- c:\documents and settings\administrator\IECompatCache

2012-09-22 02:55:54 4096000 ----a-w- c:\program files\GUT6.tmp

2012-09-22 02:53:29 -------- d-----w- c:\windows\system32\wbem\repository\FS

2012-09-22 02:53:29 -------- d-----w- c:\windows\system32\wbem\Repository

2012-09-22 02:35:07 -------- d-----w- c:\documents and settings\all users\application data\MFAData

2012-09-22 02:35:07 -------- d-----w- c:\documents and settings\all users\application data\Common Files

2012-09-22 02:35:07 -------- d-----w- c:\documents and settings\administrator\local settings\application data\MFAData

.

==================== Find3M ====================

.

2012-09-26 14:12:08 2401 ----a-w- c:\windows\system32\drivers\AlKernel.sys

.

============= FINISH: 19:24:26.35 ===============

attach.txt

dds.txt

[Maniac]

Hello Lynne and ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  

Please try the following in Safe mode with Networking:

Please download unhide.exe from here and save it to your Desktop. Double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run. When Unhide is complete, it will create a logfile on the Windows Desktop called Unhide.txt . Post the log file in your next reply here and let me know how what is the situation then in Normal mode.

[lynnejm]

Hi, Maniac. Thaanks so much for your time. I ran unhide.exe. It appeared to freeze at "Processing C: drive". In case it needed time, I waited for 30+ minutes but saw no change. I could still move the mouse cursor at that point, but attempting to do anything else showed that everything was frozen, not just unhide.exe. Here is what was in the unhide.txt:

Unhide by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2012 BleepingComputer.com

More Information about Unhide.exe can be found at this link:

http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 10/04/2012 07:25:36 PM

Windows Version: Windows XP

Please be patient while your files are made visible again.

Processing the C:\ drive

Forcing a shut-down, then starting up in Normal mode, and then logging in resulted in the same, original problem: I can see the desktop wallpaper and a movable mouse cursor, but no icons and no taskbar. Neither Ctrl+Alt+Del nor Windows+R resulted in anything. Pressing the power button did nothing, so I had to force shut-down.

I should have been more specific before when I described the freezing up of Malwarebytes and Chameleon links... Just to clarify, when I boot into Safe-mode with Networking and log in, moving of windows and scrolling are very choppy, but I can open IE and the task manager, and run rkill and tdskiller successfully. But as soon as I start Malwarebytes (in any way) or run unhide.exe, they run for a moment and then hang. The command prompt might still be blinking, but no matter how long I wait, the next thing I try to do -- anything -- if the command prompt was blinking, it's not blinking anymore. I can't close or open any windows or programs. Nothing other than move the mouse cursor. I hope that is good information. The only other thing I can think to mention is that sometimes the cursor jumps around, as if I've accidentally hit the touchpad, but more often than I think I might actually be doing.

[Maniac]

Please try again, but this time in Safe mode, not in Safe mode with Networking.

[lynnejm]

Hi, Maniac.

I tried again in Safe Mode (without networking). Unhide.exe appeared to hang again. I let it sit untouched for a few hours. The cursor in the command prompt continued to blink as if it was still working, but as soon as I left-clicked (on the Start button in this case), everything froze, including the mouse cursor.

Unhide by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2012 BleepingComputer.com

More Information about Unhide.exe can be found at this link:

http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 10/05/2012 11:15:04 AM

Windows Version: Windows XP

Please be patient while your files are made visible again.

Processing the C:\ drive

[Maniac]

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
    

[lynnejm]

Hi, Maniac. I ran OTL's quick scan with Scan All users checked and it never completed. I rebooted and tried again with the same results. No new text file was created, and booting into regular mode was the same as before, a blank desktop with moveable mouse. For what it's worth, both times it hung while it was scanning in C:\Documents and Settings\(username)\Cookies. I didn't note which file in Cookies it hung on the first time, but the second time it hung on DE7TC7UD.txt.

Cheers,

Lynne

[Maniac]

Try again in Safe mode with Networking:

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx

[lynnejm]

That was in safe mode with networking. (Sorry, your previous instructions had been to download and run OTL. Since I could only download when in safe mode with networking, I assumed your instructions meant to also run OTL while in the same mode.) Should I try in safe mode without networking too?

[Maniac]

If you already make it in Safe mode with Networking, try in Normal mode and Safe mode.

[lynnejm]

Normal mode doesn't function at all. I ran OTL's quick scan in safe mode (no networking) with Scan All users checked and it never completed. No new text file was created. The program hung as soon as it reached C:\Documents and Settings\(username)\Cookies\DE7TC7UD.txt, the same file as last time.

[Maniac]

Note: Please do not run this tool without special supervision and instruction of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

[lynnejm]

I tried running ComboFix in Safe Mode with Networking and in Safe Mode (without networking), and both times it hung at "Attempting to create a new System Restore point" for over an hour in each mode. No new text file was created.

[Maniac]

Did you check in C:\ComboFix.txt ? Please manually delete your copy, download a new fresh one and try to run it in Normal mode.

[lynnejm]

Yes, I looked in C: drive for ComboFix.txt. There is no text file there. There is, however a folder in the C: drive called ComboFix which "contains" local drives (C: and D:), just as My Computer does. (Or maybe you were asking a trick question? )

I deleted ComboFix from the desktop and downloaded a fresh copy using the link you provided above, however I am unable to run it in Normal mode because Normal mode does not function, as mentioned previously.

I ran ComboFix in Safe Mode with Networking with the same results as before. I let ComboFix run for over an hour without clicking anywhere. Very quickly it got to "Attempting to create a new System Restore point" and stayed there for most of the hour.

After an hour, using the mouse button either froze the computer or showed that it had been frozen for some time. I clicked on the Start button and nothing happened. I tried Ctrl+Alt+Del and nothing happened. I had to force a shut down.

ComboFix has now been run in Safe Mode with and without Networking with the same results. The odd C:ComboFix (folder) that acts like My Computer has remained. Normal Mode still doesn't function.

[Maniac]

Please download the latest version of TDSSKiller from here and save it to your Desktop.

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  
  
• Put a checkmark beside loaded modules.
  
  
• A reboot will be needed to apply the changes. Do it.
  
• TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  
• Then click on Change parameters in TDSSKiller.
  
• Check all boxes then click OK.
  
  
• Click the Start Scan button.
  
  
• The scan should take no longer than 2 minutes.
  
• If a suspicious object is detected, the default action will be Skip, click on Continue.
  
  
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  
  Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  
• A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  

[lynnejm]

Hi, Maniac.

I had to split this among two separate posts because it was too long to fit into one (even with just the txt file data alone).

The only differences between your instructions and what happened on my end are:

1. 1.When I clicked on Reboot Now, the computer rebooted, I made it go into Safe Mode with Networking (because Normal mode doesn't function), and TDSKiller did not run automatically. I ran it from the desktop.
   
2. 2.When I clicked on Change Parameters, there was an additional selection under Objects to Scan, which was selected by default both times, called "System Memory". I left it checked both times.
   

Thanks,

Lynne

13:37:17.0875 1764 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

13:37:18.0453 1764 ============================================================

13:37:18.0453 1764 Current date / time: 2012/10/13 13:37:18.0453

13:37:18.0453 1764 SystemInfo:

13:37:18.0453 1764

13:37:18.0453 1764 OS Version: 5.1.2600 ServicePack: 3.0

13:37:18.0453 1764 Product type: Workstation

13:37:18.0453 1764 ComputerName: E64LP01

13:37:18.0453 1764 UserName: Administrator

13:37:18.0453 1764 Windows directory: C:\WINDOWS

13:37:18.0453 1764 System windows directory: C:\WINDOWS

13:37:18.0453 1764 Processor architecture: Intel x86

13:37:18.0453 1764 Number of processors: 2

13:37:18.0453 1764 Page size: 0x1000

13:37:18.0453 1764 Boot type: Safe boot with network

13:37:18.0453 1764 ============================================================

13:37:18.0937 1764 BG loaded

13:37:19.0234 1764 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

13:37:19.0234 1764 ============================================================

13:37:19.0234 1764 \Device\Harddisk0\DR0:

13:37:19.0234 1764 MBR partitions:

13:37:19.0234 1764 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x129E5AF4

13:37:19.0234 1764 ============================================================

13:37:19.0265 1764 C: <-> \Device\Harddisk0\DR0\Partition1

13:37:19.0281 1764 ============================================================

13:37:19.0281 1764 Initialize success

13:37:19.0281 1764 ============================================================

13:41:03.0687 0568 ============================================================

13:41:03.0687 0568 Scan started

13:41:03.0687 0568 Mode: Manual; SigCheck; TDLFS;

13:41:03.0687 0568 ============================================================

13:41:03.0859 0568 ================ Scan system memory ========================

13:41:03.0859 0568 System memory - ok

13:41:03.0859 0568 ================ Scan services =============================

13:41:04.0156 0568 [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883 C:\WINDOWS\system32\DRIVERS\61883.sys

13:41:06.0125 0568 61883 - ok

13:41:06.0140 0568 65116563 - ok

13:41:06.0171 0568 Abiosdsk - ok

13:41:06.0218 0568 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

13:41:06.0328 0568 abp480n5 - ok

13:41:06.0406 0568 AClient - ok

13:41:06.0437 0568 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

13:41:06.0515 0568 ACPI - ok

13:41:06.0531 0568 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

13:41:06.0609 0568 ACPIEC - ok

13:41:06.0718 0568 [ 14C23516C990DCD6052152CF034DDE40 ] Adobe Version Cue CS3 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

13:41:06.0734 0568 Adobe Version Cue CS3 - ok

13:41:06.0781 0568 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys

13:41:06.0859 0568 adpu160m - ok

13:41:06.0921 0568 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

13:41:07.0000 0568 aec - ok

13:41:07.0046 0568 [ FDE8ED2C9280AFB8975894AA78EEF59F ] AESTAud C:\WINDOWS\system32\drivers\AESTAud.sys

13:41:07.0109 0568 AESTAud - ok

13:41:07.0187 0568 [ D8E43DE37F622644B80D519B226F3C91 ] AeXNSClient C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe

13:41:07.0296 0568 AeXNSClient ( UnsignedFile.Multi.Generic ) - warning

13:41:07.0296 0568 AeXNSClient - detected UnsignedFile.Multi.Generic (1)

13:41:07.0343 0568 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

13:41:07.0375 0568 AFD - ok

13:41:07.0421 0568 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys

13:41:07.0515 0568 agp440 - ok

13:41:07.0531 0568 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

13:41:07.0609 0568 agpCPQ - ok

13:41:07.0625 0568 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys

13:41:07.0656 0568 Aha154x - ok

13:41:07.0671 0568 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys

13:41:07.0765 0568 aic78u2 - ok

13:41:07.0765 0568 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys

13:41:07.0843 0568 aic78xx - ok

13:41:07.0890 0568 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

13:41:07.0984 0568 Alerter - ok

13:41:08.0000 0568 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

13:41:08.0046 0568 ALG - ok

13:41:08.0062 0568 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys

13:41:08.0125 0568 AliIde - ok

13:41:08.0140 0568 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys

13:41:08.0218 0568 alim1541 - ok

13:41:08.0250 0568 [ 06112696A1B06692939CF087D1F1C84E ] AlKernel C:\WINDOWS\system32\Drivers\AlKernel.sys

13:41:08.0250 0568 AlKernel ( UnsignedFile.Multi.Generic ) - warning

13:41:08.0250 0568 AlKernel - detected UnsignedFile.Multi.Generic (1)

13:41:08.0296 0568 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys

13:41:08.0390 0568 amdagp - ok

13:41:08.0406 0568 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys

13:41:08.0453 0568 amsint - ok

13:41:08.0484 0568 [ 1DE27858A431A5749E0F3DF54BA935B9 ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys

13:41:08.0500 0568 ApfiltrService - ok

13:41:08.0546 0568 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll

13:41:08.0578 0568 AppMgmt - ok

13:41:08.0609 0568 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

13:41:08.0687 0568 Arp1394 - ok

13:41:08.0703 0568 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys

13:41:08.0781 0568 asc - ok

13:41:08.0796 0568 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys

13:41:08.0828 0568 asc3350p - ok

13:41:08.0859 0568 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys

13:41:08.0953 0568 asc3550 - ok

13:41:09.0031 0568 [ 9AD6EF4D591211A93848103368125B41 ] ASFAgent C:\Program Files\Intel\ASF Agent\ASFAgent.exe

13:41:09.0046 0568 ASFAgent - ok

13:41:09.0093 0568 [ ACEE9813685F4A03EE5A160057DD61A8 ] AsfAlrt C:\WINDOWS\system32\Drivers\AsfAlrt.sys

13:41:09.0109 0568 AsfAlrt - ok

13:41:09.0203 0568 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

13:41:09.0234 0568 aspnet_state - ok

13:41:09.0265 0568 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

13:41:09.0343 0568 AsyncMac - ok

13:41:09.0375 0568 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

13:41:09.0453 0568 atapi - ok

13:41:09.0468 0568 Atdisk - ok

13:41:09.0484 0568 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

13:41:09.0562 0568 Atmarpc - ok

13:41:09.0609 0568 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

13:41:09.0687 0568 AudioSrv - ok

13:41:09.0750 0568 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

13:41:09.0812 0568 audstub - ok

13:41:09.0843 0568 [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc C:\WINDOWS\system32\DRIVERS\avc.sys

13:41:09.0921 0568 Avc - ok

13:41:09.0968 0568 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

13:41:10.0031 0568 Beep - ok

13:41:10.0093 0568 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

13:41:10.0296 0568 BITS - ok

13:41:10.0343 0568 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

13:41:10.0343 0568 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning

13:41:10.0343 0568 Bonjour Service - detected UnsignedFile.Multi.Generic (1)

13:41:10.0406 0568 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll

13:41:10.0484 0568 Browser - ok

13:41:10.0546 0568 [ 4749020C47AA0F13F256D8F694751812 ] buttonsvc32 C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe

13:41:10.0562 0568 buttonsvc32 - ok

13:41:10.0625 0568 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

13:41:10.0718 0568 cbidf - ok

13:41:10.0734 0568 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

13:41:10.0796 0568 cbidf2k - ok

13:41:10.0828 0568 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

13:41:10.0921 0568 CCDECODE - ok

13:41:10.0953 0568 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

13:41:11.0000 0568 cd20xrnt - ok

13:41:11.0015 0568 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

13:41:11.0093 0568 Cdaudio - ok

13:41:11.0125 0568 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

13:41:11.0187 0568 Cdfs - ok

13:41:11.0234 0568 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

13:41:11.0296 0568 Cdrom - ok

13:41:11.0328 0568 Changer - ok

13:41:11.0375 0568 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

13:41:11.0453 0568 CiSvc - ok

13:41:11.0484 0568 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

13:41:11.0562 0568 ClipSrv - ok

13:41:11.0609 0568 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:41:11.0703 0568 clr_optimization_v2.0.50727_32 - ok

13:41:11.0734 0568 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys

13:41:11.0812 0568 CmBatt - ok

13:41:11.0843 0568 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys

13:41:11.0906 0568 CmdIde - ok

13:41:11.0937 0568 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys

13:41:12.0015 0568 Compbatt - ok

13:41:12.0031 0568 COMSysApp - ok

13:41:12.0093 0568 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys

13:41:12.0171 0568 Cpqarray - ok

13:41:12.0234 0568 [ 5B0C32A596FDD0AAA10E147E4D71E086 ] Credential Vault Host Control Service C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe

13:41:12.0312 0568 Credential Vault Host Control Service - ok

13:41:12.0312 0568 [ 14CE9DEC178A24356BC2FDE8CE586D80 ] Credential Vault Host Storage C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe

13:41:12.0328 0568 Credential Vault Host Storage - ok

13:41:12.0359 0568 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

13:41:12.0437 0568 CryptSvc - ok

13:41:12.0468 0568 [ 6FDBD7618935247D24A84D673D796AD0 ] cvusbdrv C:\WINDOWS\system32\Drivers\cvusbdrv.sys

13:41:12.0468 0568 cvusbdrv - ok

13:41:12.0515 0568 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

13:41:12.0609 0568 dac2w2k - ok

13:41:12.0625 0568 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys

13:41:12.0703 0568 dac960nt - ok

13:41:12.0750 0568 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

13:41:12.0828 0568 DcomLaunch - ok

13:41:12.0921 0568 [ B3DD7677A80F75B2DF38A08585084447 ] dcpsysmgrsvc C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe

13:41:12.0953 0568 dcpsysmgrsvc - ok

13:41:13.0000 0568 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

13:41:13.0078 0568 Dhcp - ok

13:41:13.0125 0568 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

13:41:13.0187 0568 Disk - ok

13:41:13.0234 0568 [ A53723176D0002FEB486EFF8E17812F2 ] DLABMFSM C:\WINDOWS\system32\DLA\DLABMFSM.SYS

13:41:13.0250 0568 DLABMFSM - ok

13:41:13.0265 0568 [ D4587063ACEA776699251E177D719586 ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS

13:41:13.0265 0568 DLABOIOM - ok

13:41:13.0281 0568 [ 5230CDB7E715F3A3B4A882E254CDD35D ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

13:41:13.0296 0568 DLACDBHM - ok

13:41:13.0328 0568 [ C950C2E7B9ED1A4FC4A2AC7EC044F1D6 ] DLADResM C:\WINDOWS\system32\DLA\DLADResM.SYS

13:41:13.0343 0568 DLADResM - ok

13:41:13.0375 0568 [ 24400137E387A24410C52A591F3CFB4D ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS

13:41:13.0390 0568 DLAIFS_M - ok

13:41:13.0390 0568 [ 29A303FECEB28641ECEBDAE89EB71C63 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS

13:41:13.0406 0568 DLAOPIOM - ok

13:41:13.0421 0568 [ C93E33A22A1AE0C5508F3FB1F6D0A50C ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS

13:41:13.0421 0568 DLAPoolM - ok

13:41:13.0437 0568 [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] DLARTL_M C:\WINDOWS\system32\Drivers\DLARTL_M.SYS

13:41:13.0453 0568 DLARTL_M - ok

13:41:13.0468 0568 [ B953498C35A31E5AC98F49ADBCF3E627 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS

13:41:13.0468 0568 DLAUDFAM - ok

13:41:13.0484 0568 [ 4897704C093C1F59CE58FC65E1E1EF1E ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS

13:41:13.0500 0568 DLAUDF_M - ok

13:41:13.0515 0568 dmadmin - ok

13:41:13.0562 0568 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

13:41:13.0718 0568 dmboot - ok

13:41:13.0734 0568 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

13:41:13.0796 0568 dmio - ok

13:41:13.0812 0568 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

13:41:13.0890 0568 dmload - ok

13:41:13.0921 0568 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

13:41:14.0015 0568 dmserver - ok

13:41:14.0046 0568 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

13:41:14.0140 0568 DMusic - ok

13:41:14.0171 0568 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

13:41:14.0281 0568 Dnscache - ok

13:41:14.0312 0568 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

13:41:14.0390 0568 Dot3svc - ok

13:41:14.0421 0568 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys

13:41:14.0515 0568 dpti2o - ok

13:41:14.0531 0568 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

13:41:14.0593 0568 drmkaud - ok

13:41:14.0625 0568 [ C00440385CF9F3D142917C63F989E244 ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

13:41:14.0625 0568 DRVMCDB - ok

13:41:14.0656 0568 [ FFC371525AA55D1BAE18715EBCB8797C ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

13:41:14.0671 0568 DRVNDDM - ok

13:41:14.0718 0568 [ 10CBD2B278CE365B41DE378632CB5DDB ] e1yexpress C:\WINDOWS\system32\DRIVERS\e1y5132.sys

13:41:14.0734 0568 e1yexpress - ok

13:41:14.0781 0568 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

13:41:14.0859 0568 EapHost - ok

13:41:14.0890 0568 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

13:41:14.0968 0568 ERSvc - ok

13:41:15.0015 0568 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

13:41:15.0046 0568 Eventlog - ok

13:41:15.0109 0568 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

13:41:15.0140 0568 EventSystem - ok

13:41:15.0187 0568 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

13:41:15.0250 0568 Fastfat - ok

13:41:15.0312 0568 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

13:41:15.0375 0568 FastUserSwitchingCompatibility - ok

13:41:15.0421 0568 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe

13:41:15.0515 0568 Fax - ok

13:41:15.0546 0568 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys

13:41:15.0625 0568 Fdc - ok

13:41:15.0640 0568 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

13:41:15.0718 0568 Fips - ok

13:41:15.0781 0568 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

13:41:15.0843 0568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning

13:41:15.0843 0568 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)

13:41:15.0859 0568 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys

13:41:15.0953 0568 Flpydisk - ok

13:41:15.0968 0568 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys

13:41:16.0046 0568 FltMgr - ok

13:41:16.0125 0568 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

13:41:16.0125 0568 FontCache3.0.0.0 - ok

13:41:16.0140 0568 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

13:41:16.0218 0568 Fs_Rec - ok

13:41:16.0250 0568 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

13:41:16.0312 0568 Ftdisk - ok

13:41:16.0359 0568 [ 78494AE0F93358179B97571B9E76997C ] getPlus® Helper C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

13:41:16.0375 0568 getPlus® Helper - ok

13:41:16.0406 0568 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

13:41:16.0468 0568 Gpc - ok

13:41:16.0562 0568 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca0eee7327b88e C:\Program Files\Google\Update\GoogleUpdate.exe

13:41:16.0562 0568 gupdate1ca0eee7327b88e - ok

13:41:16.0593 0568 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

13:41:16.0609 0568 gupdatem - ok

13:41:16.0671 0568 [ 408DDD80EEDE47175F6844817B90213E ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

13:41:16.0703 0568 gusvc - ok

13:41:16.0750 0568 [ D95554949082FD29A04D351B58396718 ] Hardlock C:\WINDOWS\system32\drivers\hardlock.sys

13:41:16.0890 0568 Hardlock - ok

13:41:16.0937 0568 [ BC2A32DC079593407AFDE2CFB6B57409 ] hcmon C:\WINDOWS\system32\drivers\hcmon.sys

13:41:16.0953 0568 hcmon - ok

13:41:17.0000 0568 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

13:41:17.0078 0568 HDAudBus - ok

13:41:17.0156 0568 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

13:41:17.0234 0568 helpsvc - ok

13:41:17.0265 0568 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll

13:41:17.0328 0568 HidServ - ok

13:41:17.0359 0568 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys

13:41:17.0421 0568 hidusb - ok

13:41:17.0453 0568 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

13:41:17.0531 0568 hkmsvc - ok

13:41:17.0562 0568 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys

13:41:17.0625 0568 hpn - ok

13:41:17.0671 0568 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys

13:41:17.0718 0568 HPZid412 - ok

13:41:17.0750 0568 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

13:41:17.0796 0568 HPZipr12 - ok

13:41:17.0812 0568 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys

13:41:17.0859 0568 HPZius12 - ok

13:41:17.0921 0568 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

13:41:17.0953 0568 HTTP - ok

13:41:17.0984 0568 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

13:41:18.0078 0568 HTTPFilter - ok

13:41:18.0093 0568 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys

13:41:18.0171 0568 i2omgmt - ok

13:41:18.0218 0568 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys

13:41:18.0312 0568 i2omp - ok

13:41:18.0359 0568 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

13:41:18.0437 0568 i8042prt - ok

13:41:18.0500 0568 [ F148C2E931BFC20397EDC0A7B4F8E22B ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

13:41:18.0515 0568 IAANTMON - ok

13:41:18.0578 0568 [ 692830B048AACD7E0D6EDEDF098ACC01 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys

13:41:18.0593 0568 iaStor - ok

13:41:18.0687 0568 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Roxio\Roxio MyDVD Premier\InstallShield\Driver\1050\Intel 32\IDriverT.exe

13:41:18.0703 0568 IDriverT ( UnsignedFile.Multi.Generic ) - warning

13:41:18.0703 0568 IDriverT - detected UnsignedFile.Multi.Generic (1)

13:41:18.0796 0568 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

13:41:18.0859 0568 idsvc - ok

13:41:18.0906 0568 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

13:41:18.0984 0568 Imapi - ok

13:41:19.0031 0568 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

13:41:19.0109 0568 ImapiService - ok

13:41:19.0171 0568 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys

13:41:19.0265 0568 ini910u - ok

13:41:19.0312 0568 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys

13:41:19.0390 0568 IntelIde - ok

13:41:19.0421 0568 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

13:41:19.0500 0568 intelppm - ok

13:41:19.0531 0568 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

13:41:19.0609 0568 Ip6Fw - ok

13:41:19.0625 0568 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

13:41:19.0687 0568 IpFilterDriver - ok

13:41:19.0703 0568 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

13:41:19.0765 0568 IpInIp - ok

13:41:19.0796 0568 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

13:41:19.0859 0568 IpNat - ok

13:41:19.0890 0568 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

13:41:19.0953 0568 IPSec - ok

13:41:19.0984 0568 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

13:41:20.0015 0568 IRENUM - ok

13:41:20.0062 0568 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

13:41:20.0140 0568 isapnp - ok

13:41:20.0312 0568 [ 381B25DC8E958D905B33130D500BBF29 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe

13:41:20.0343 0568 JavaQuickStarterService - ok

13:41:20.0375 0568 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

13:41:20.0453 0568 Kbdclass - ok

13:41:20.0484 0568 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

13:41:20.0562 0568 kbdhid - ok

13:41:20.0593 0568 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

13:41:20.0703 0568 kmixer - ok

13:41:20.0734 0568 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

13:41:20.0828 0568 KSecDD - ok

13:41:20.0859 0568 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll

13:41:20.0890 0568 LanmanServer - ok

13:41:20.0937 0568 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

13:41:20.0968 0568 lanmanworkstation - ok

13:41:20.0984 0568 lbrtfdc - ok

13:41:21.0062 0568 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

13:41:21.0140 0568 LmHosts - ok

13:41:21.0171 0568 [ 34F2249A8EEE91AD85FBDB7440C0DF96 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys

13:41:21.0187 0568 mbamchameleon - ok

13:41:21.0218 0568 MBAMSwissArmy - ok

13:41:21.0312 0568 [ 39E75F7E4C913587C399016C2F29315E ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe

13:41:21.0359 0568 McAfeeFramework - ok

13:41:21.0437 0568 [ 50182E471B44C7A0F63B46E2DEF08B0F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

13:41:21.0437 0568 McShield - ok

13:41:21.0484 0568 [ B15BB3AEF59158B4E1DDA5328C842713 ] McTaskManager C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

13:41:21.0500 0568 McTaskManager - ok

13:41:21.0562 0568 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

13:41:21.0578 0568 MDM ( UnsignedFile.Multi.Generic ) - warning

13:41:21.0578 0568 MDM - detected UnsignedFile.Multi.Generic (1)

13:41:21.0625 0568 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

13:41:21.0703 0568 Messenger - ok

13:41:21.0765 0568 [ C0D975D64C1AF8057F2D75B1297A6979 ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys

13:41:21.0765 0568 mfeapfk - ok

13:41:21.0812 0568 [ C169326049A8A03D5F905B34F5A65F8C ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys

13:41:21.0812 0568 mfeavfk - ok

13:41:21.0859 0568 [ 50B0253B2484A306A20D8695C5AE5858 ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys

13:41:21.0875 0568 mfebopk - ok

13:41:21.0906 0568 [ 188B40866DB2AB8EF262FEBC65291687 ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys

13:41:21.0937 0568 mfehidk - ok

13:41:21.0953 0568 [ C1B30AF2E18E69BF8CEB39B33F32D3C1 ] mferkdet C:\WINDOWS\system32\drivers\mferkdet.sys

13:41:21.0968 0568 mferkdet - ok

13:41:22.0000 0568 [ 97EF4CA122DDDA4781FF557E65DFB262 ] mfetdi2k C:\WINDOWS\system32\drivers\mfetdi2k.sys

13:41:22.0000 0568 mfetdi2k - ok

13:41:22.0046 0568 [ 49C8E20D178BE981FF28523A942A570F ] mfevtp C:\WINDOWS\system32\mfevtps.exe

13:41:22.0046 0568 mfevtp - ok

13:41:22.0125 0568 Microsoft SharePoint Workspace Audit Service - ok

13:41:22.0156 0568 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

13:41:22.0234 0568 mnmdd - ok

13:41:22.0296 0568 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

13:41:22.0375 0568 mnmsrvc - ok

13:41:22.0406 0568 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

13:41:22.0500 0568 Modem - ok

13:41:22.0546 0568 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

13:41:22.0609 0568 Mouclass - ok

13:41:22.0625 0568 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

13:41:22.0703 0568 mouhid - ok

13:41:22.0734 0568 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

13:41:22.0796 0568 MountMgr - ok

13:41:22.0843 0568 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys

13:41:22.0906 0568 mraid35x - ok

13:41:22.0937 0568 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

13:41:23.0015 0568 MRxDAV - ok

13:41:23.0062 0568 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

13:41:23.0140 0568 MRxSmb - ok

13:41:23.0203 0568 [ D98350792A7CE82E7459A7C36481BEDA ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS32.exe

13:41:23.0218 0568 MSCamSvc - ok

13:41:23.0265 0568 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

13:41:23.0343 0568 MSDTC - ok

13:41:23.0390 0568 [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV C:\WINDOWS\system32\DRIVERS\msdv.sys

13:41:23.0484 0568 MSDV - ok

13:41:23.0484 0568 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

13:41:23.0562 0568 Msfs - ok

13:41:23.0593 0568 [ 5119FFC2A6B51089CDB0EFDC75808C97 ] MSHUSBVideo C:\WINDOWS\system32\Drivers\nx6000.sys

13:41:23.0609 0568 MSHUSBVideo - ok

13:41:23.0609 0568 MSIServer - ok

13:41:23.0671 0568 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

13:41:23.0750 0568 MSKSSRV - ok

13:41:23.0781 0568 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

13:41:23.0875 0568 MSPCLOCK - ok

13:41:23.0875 0568 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

13:41:23.0953 0568 MSPQM - ok

13:41:23.0984 0568 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

13:41:24.0062 0568 mssmbios - ok

13:41:24.0093 0568 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys

13:41:24.0171 0568 MSTEE - ok

13:41:24.0218 0568 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

13:41:24.0250 0568 Mup - ok

13:41:24.0281 0568 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

13:41:24.0359 0568 NABTSFEC - ok

13:41:24.0390 0568 [ A467E1DEB3BB2B57426C8A5993BA933E ] NAL C:\WINDOWS\system32\Drivers\iqvw32.sys

13:41:24.0406 0568 NAL - ok

13:41:24.0453 0568 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

13:41:24.0531 0568 napagent - ok

13:41:24.0578 0568 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

13:41:24.0656 0568 NDIS - ok

13:41:24.0687 0568 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys

13:41:24.0750 0568 NdisIP - ok

13:41:24.0796 0568 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

13:41:24.0828 0568 NdisTapi - ok

13:41:24.0875 0568 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

13:41:24.0937 0568 Ndisuio - ok

13:41:24.0953 0568 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

13:41:25.0031 0568 NdisWan - ok

13:41:25.0078 0568 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

13:41:25.0140 0568 NDProxy - ok

13:41:25.0171 0568 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

13:41:25.0234 0568 NetBIOS - ok

13:41:25.0265 0568 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

13:41:25.0343 0568 NetBT - ok

13:41:25.0390 0568 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

13:41:25.0484 0568 NetDDE - ok

13:41:25.0500 0568 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

13:41:25.0578 0568 NetDDEdsdm - ok

13:41:25.0609 0568 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

13:41:25.0687 0568 Netlogon - ok

13:41:25.0703 0568 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

13:41:25.0781 0568 Netman - ok

13:41:25.0828 0568 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

13:41:25.0843 0568 NetTcpPortSharing - ok

13:41:25.0968 0568 [ CFE1981A47A2F7650A1EF8917DC4D1C3 ] NETw5x32 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys

13:41:26.0109 0568 NETw5x32 - ok

13:41:26.0156 0568 [ 785FE8EFB7038F5BE1E59ECD9FA37D21 ] NgFilter C:\WINDOWS\system32\DRIVERS\ngfilter.sys

13:41:26.0156 0568 NgFilter - ok

13:41:26.0187 0568 [ CF003A07F81F47DF1CEB89014A6FD3A9 ] NgLog C:\WINDOWS\system32\DRIVERS\nglog.sys

13:41:26.0187 0568 NgLog - ok

13:41:26.0234 0568 [ 545DC61FC2A350290774248C9F217EBB ] NgVpn C:\WINDOWS\system32\DRIVERS\ngvpn.sys

13:41:26.0250 0568 NgVpn - ok

13:41:26.0328 0568 [ 753B7586E6A192FC6ADA7DAF9DA68154 ] NgVpnMgr C:\WINDOWS\system32\ngvpnmgr.exe

13:41:26.0343 0568 NgVpnMgr ( UnsignedFile.Multi.Generic ) - warning

13:41:26.0343 0568 NgVpnMgr - detected UnsignedFile.Multi.Generic (1)

13:41:26.0375 0568 [ 5B377246043F6A483B247E8E7E321AF3 ] NgWfp C:\WINDOWS\system32\DRIVERS\ngwfp.sys

13:41:26.0375 0568 NgWfp - ok

13:41:26.0406 0568 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

13:41:26.0484 0568 NIC1394 - ok

13:41:26.0515 0568 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

13:41:26.0546 0568 Nla - ok

13:41:26.0578 0568 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

13:41:26.0656 0568 Npfs - ok

13:41:26.0703 0568 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

13:41:26.0796 0568 Ntfs - ok

13:41:26.0812 0568 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

13:41:26.0890 0568 NtLmSsp - ok

13:41:26.0937 0568 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

13:41:27.0015 0568 NtmsSvc - ok

13:41:27.0046 0568 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

13:41:27.0109 0568 Null - ok

13:41:27.0484 0568 [ 18A012E8A546942E5AA45CA0D2F52FCB ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

13:41:28.0187 0568 nv - ok

13:41:28.0250 0568 [ E3C0F0D0DB96BFF169B0D7C33E2BA1AA ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

13:41:28.0265 0568 NVSvc - ok

13:41:28.0375 0568 [ 1C5B75CA579E6FC7A833DA91576FEED7 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

13:41:28.0468 0568 nvUpdatusService - ok

13:41:28.0531 0568 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

13:41:28.0625 0568 NwlnkFlt - ok

13:41:28.0640 0568 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

13:41:28.0718 0568 NwlnkFwd - ok

13:41:28.0843 0568 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

13:41:28.0875 0568 odserv - ok

13:41:28.0906 0568 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

13:41:28.0984 0568 ohci1394 - ok

13:41:29.0062 0568 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

13:41:29.0078 0568 ose - ok

13:41:29.0250 0568 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

13:41:29.0500 0568 osppsvc - ok

13:41:29.0562 0568 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys

13:41:29.0640 0568 Parport - ok

13:41:29.0656 0568 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

13:41:29.0718 0568 PartMgr - ok

13:41:29.0734 0568 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

13:41:29.0812 0568 ParVdm - ok

13:41:29.0859 0568 [ 4088C1ECD1F54281A92FA663B0FDC36F ] PBADRV C:\WINDOWS\system32\DRIVERS\PBADRV.sys

13:41:29.0859 0568 PBADRV - ok

13:41:29.0890 0568 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

13:41:29.0968 0568 PCI - ok

13:41:29.0984 0568 PCIDump - ok

13:41:30.0031 0568 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

13:41:30.0093 0568 PCIIde - ok

13:41:30.0109 0568 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

13:41:30.0171 0568 Pcmcia - ok

13:41:30.0187 0568 PDCOMP - ok

13:41:30.0218 0568 PDFRAME - ok

13:41:30.0234 0568 PDRELI - ok

13:41:30.0250 0568 PDRFRAME - ok

13:41:30.0281 0568 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys

13:41:30.0343 0568 perc2 - ok

13:41:30.0359 0568 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys

13:41:30.0421 0568 perc2hib - ok

13:41:30.0500 0568 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

13:41:30.0515 0568 PlugPlay - ok

13:41:30.0562 0568 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe

13:41:30.0578 0568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

13:41:30.0578 0568 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

13:41:30.0578 0568 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

13:41:30.0656 0568 PolicyAgent - ok

13:41:30.0671 0568 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

13:41:30.0734 0568 PptpMiniport - ok

13:41:30.0750 0568 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

13:41:30.0812 0568 ProtectedStorage - ok

13:41:30.0828 0568 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

13:41:30.0890 0568 PSched - ok

13:41:30.0921 0568 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

13:41:31.0000 0568 Ptilink - ok

13:41:31.0015 0568 [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

13:41:31.0015 0568 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

13:41:31.0015 0568 PxHelp20 - detected UnsignedFile.Multi.Generic (1)

13:41:31.0046 0568 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys

13:41:31.0125 0568 ql1080 - ok

13:41:31.0140 0568 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

13:41:31.0218 0568 Ql10wnt - ok

13:41:31.0234 0568 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys

13:41:31.0296 0568 ql12160 - ok

13:41:31.0312 0568 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys

13:41:31.0390 0568 ql1240 - ok

13:41:31.0437 0568 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys

13:41:31.0500 0568 ql1280 - ok

13:41:31.0531 0568 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

13:41:31.0593 0568 RasAcd - ok

13:41:31.0625 0568 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

13:41:31.0718 0568 RasAuto - ok

13:41:31.0734 0568 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

13:41:31.0812 0568 Rasl2tp - ok

13:41:31.0843 0568 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

13:41:31.0921 0568 RasMan - ok

13:41:31.0937 0568 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

13:41:32.0000 0568 RasPppoe - ok

13:41:32.0046 0568 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

13:41:32.0125 0568 Raspti - ok

13:41:32.0156 0568 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

13:41:32.0218 0568 Rdbss - ok

13:41:32.0234 0568 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

13:41:32.0296 0568 RDPCDD - ok

13:41:32.0328 0568 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys

13:41:32.0406 0568 rdpdr - ok

13:41:32.0484 0568 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

13:41:32.0546 0568 RDPWD - ok

13:41:32.0593 0568 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

13:41:32.0671 0568 RDSessMgr - ok

13:41:32.0703 0568 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

13:41:32.0765 0568 redbook - ok

13:41:32.0828 0568 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

13:41:32.0921 0568 RemoteAccess - ok

13:41:32.0953 0568 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

13:41:33.0031 0568 RemoteRegistry - ok

13:41:33.0078 0568 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

13:41:33.0109 0568 rimmptsk - ok

13:41:33.0234 0568 [ D25FFAF83B458720023326342869F8EC ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

13:41:33.0265 0568 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning

13:41:33.0265 0568 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)

13:41:33.0328 0568 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe

13:41:33.0390 0568 RpcLocator - ok

13:41:33.0453 0568 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll

13:41:33.0500 0568 RpcSs - ok

13:41:33.0546 0568 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe

13:41:33.0609 0568 RSVP - ok

13:41:33.0640 0568 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

13:41:33.0703 0568 SamSs - ok

13:41:33.0734 0568 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

13:41:33.0812 0568 SCardSvr - ok

13:41:33.0828 0568 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

13:41:33.0906 0568 Schedule - ok

13:41:34.0000 0568 [ F92587354C74FED1074BBEC49DC0589D ] ScriptLogic CBM Service C:\Program Files\ScriptLogic\Desktop Authority\Client Files\8.10.255\CBM\ScriptLogic.CBM.Agent.exe

13:41:34.0062 0568 ScriptLogic CBM Service ( UnsignedFile.Multi.Generic ) - warning

13:41:34.0062 0568 ScriptLogic CBM Service - detected UnsignedFile.Multi.Generic (1)

13:41:34.0109 0568 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys

13:41:34.0187 0568 sdbus - ok

13:41:34.0218 0568 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

13:41:34.0265 0568 Secdrv - ok

13:41:34.0312 0568 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

13:41:34.0390 0568 seclogon - ok

13:41:34.0500 0568 [ E80163F46AE96CC0A05FB9F3F55DEB18 ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe

13:41:34.0531 0568 SecureStorageService ( UnsignedFile.Multi.Generic ) - warning

13:41:34.0531 0568 SecureStorageService - detected UnsignedFile.Multi.Generic (1)

13:41:34.0546 0568 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

13:41:34.0625 0568 SENS - ok

13:41:34.0656 0568 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

13:41:34.0718 0568 Serenum - ok

13:41:34.0734 0568 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

13:41:34.0828 0568 Serial - ok

13:41:34.0906 0568 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

13:41:34.0968 0568 Sfloppy - ok

13:41:35.0031 0568 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

13:41:35.0125 0568 SharedAccess - ok

13:41:35.0140 0568 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

13:41:35.0156 0568 ShellHWDetection - ok

13:41:35.0171 0568 Simbad - ok

13:41:35.0218 0568 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys

13:41:35.0281 0568 sisagp - ok

13:41:35.0343 0568 [ F235006550706B67CA7CBAF12BDED4CC ] SLClient C:\Program Files\ScriptLogic\Desktop Authority\Client Files\8.10.255\SLClient.exe

13:41:35.0375 0568 SLClient - ok

13:41:35.0421 0568 [ 289F7CFB7E40FE60AB42C4E31C74D0C2 ] SLInstall c:\windows\system32\slinstall.exe

13:41:35.0500 0568 SLInstall - ok

13:41:35.0562 0568 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys

13:41:35.0625 0568 SLIP - ok

13:41:35.0718 0568 [ AF916F97671D188BF336CB47888DBEAE ] SMManager C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe

13:41:35.0718 0568 SMManager ( UnsignedFile.Multi.Generic ) - warning

13:41:35.0718 0568 SMManager - detected UnsignedFile.Multi.Generic (1)

13:41:35.0765 0568 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys

13:41:35.0796 0568 Sparrow - ok

13:41:35.0843 0568 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

13:41:35.0906 0568 splitter - ok

13:41:35.0968 0568 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

13:41:36.0000 0568 Spooler - ok

13:41:36.0015 0568 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

13:41:36.0062 0568 sr - ok

13:41:36.0109 0568 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

13:41:36.0156 0568 srservice - ok

13:41:36.0187 0568 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

13:41:36.0265 0568 Srv - ok

13:41:36.0312 0568 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

13:41:36.0343 0568 SSDPSRV - ok

13:41:36.0468 0568 [ 12898D947CFCB36CB7A43E8F86A53CBC ] STacSV c:\drivers\audio\r190031\stacsv.exe

13:41:36.0484 0568 STacSV - ok

13:41:36.0531 0568 [ 503A4536C83E041DDCDF75B38CD5ECF7 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys

13:41:36.0656 0568 STHDA - ok

13:41:36.0703 0568 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

13:41:36.0812 0568 stisvc - ok

13:41:36.0875 0568 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

13:41:36.0875 0568 stllssvr ( UnsignedFile.Multi.Generic ) - warning

13:41:36.0875 0568 stllssvr - detected UnsignedFile.Multi.Generic (1)

13:41:36.0906 0568 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys

13:41:36.0984 0568 streamip - ok

13:41:37.0015 0568 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

13:41:37.0078 0568 swenum - ok

13:41:37.0125 0568 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

13:41:37.0203 0568 swmidi - ok

13:41:37.0218 0568 SwPrv - ok

13:41:37.0281 0568 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys

13:41:37.0343 0568 symc810 - ok

13:41:37.0375 0568 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys

13:41:37.0453 0568 symc8xx - ok

13:41:37.0468 0568 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys

[lynnejm]

13:41:37.0531 0568 sym_hi - ok

13:41:37.0562 0568 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys

13:41:37.0640 0568 sym_u3 - ok

13:41:37.0671 0568 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

13:41:37.0734 0568 sysaudio - ok

13:41:37.0781 0568 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

13:41:37.0843 0568 SysmonLog - ok

13:41:37.0890 0568 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

13:41:37.0953 0568 TapiSrv - ok

13:41:38.0000 0568 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

13:41:38.0015 0568 Tcpip - ok

13:41:38.0093 0568 [ BA9202E263A6FC1FFD7889FEA186A2C4 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe

13:41:38.0171 0568 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning

13:41:38.0171 0568 tcsd_win32.exe - detected UnsignedFile.Multi.Generic (1)

13:41:38.0250 0568 [ EA63BF38938AD9917BEB1846D6D15C84 ] TdmService C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe

13:41:38.0281 0568 TdmService ( UnsignedFile.Multi.Generic ) - warning

13:41:38.0281 0568 TdmService - detected UnsignedFile.Multi.Generic (1)

13:41:38.0328 0568 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

13:41:38.0406 0568 TDPIPE - ok

13:41:38.0421 0568 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

13:41:38.0531 0568 TDTCP - ok

13:41:38.0562 0568 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

13:41:38.0625 0568 TermDD - ok

13:41:38.0671 0568 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

13:41:38.0750 0568 TermService - ok

13:41:38.0781 0568 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

13:41:38.0781 0568 Themes - ok

13:41:38.0828 0568 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe

13:41:38.0859 0568 TlntSvr - ok

13:41:38.0875 0568 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys

13:41:38.0937 0568 TosIde - ok

13:41:38.0968 0568 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

13:41:39.0046 0568 TrkWks - ok

13:41:39.0093 0568 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

13:41:39.0156 0568 Udfs - ok

13:41:39.0203 0568 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys

13:41:39.0250 0568 ultra - ok

13:41:39.0281 0568 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

13:41:39.0359 0568 Update - ok

13:41:39.0390 0568 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

13:41:39.0453 0568 upnphost - ok

13:41:39.0468 0568 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

13:41:39.0531 0568 UPS - ok

13:41:39.0593 0568 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys

13:41:39.0687 0568 usbaudio - ok

13:41:39.0750 0568 [ 9419FAAC6552A51542DBBA02971C841C ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys

13:41:39.0812 0568 usbbus - ok

13:41:39.0859 0568 [ C18D6C74953621346DF6B0A11F80C1CC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

13:41:39.0875 0568 usbccgp - ok

13:41:39.0921 0568 [ 2825E0E294686A26506690059E1F437A ] USBCCID C:\WINDOWS\system32\DRIVERS\usbccid.sys

13:41:39.0953 0568 USBCCID - ok

13:41:39.0984 0568 [ C0A466FA4FFEC464320E159BC1BBDC0C ] UsbDiag C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys

13:41:40.0000 0568 UsbDiag - ok

13:41:40.0046 0568 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

13:41:40.0125 0568 usbehci - ok

13:41:40.0171 0568 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

13:41:40.0250 0568 usbhub - ok

13:41:40.0328 0568 [ F74A54774A9B0AFEB3C40ADEC68AA600 ] USBModem C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys

13:41:40.0343 0568 USBModem - ok

13:41:40.0406 0568 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

13:41:40.0468 0568 usbprint - ok

13:41:40.0515 0568 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

13:41:40.0593 0568 usbscan - ok

13:41:40.0640 0568 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

13:41:40.0703 0568 USBSTOR - ok

13:41:40.0734 0568 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

13:41:40.0812 0568 usbuhci - ok

13:41:40.0875 0568 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys

13:41:40.0937 0568 usbvideo - ok

13:41:40.0984 0568 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

13:41:41.0046 0568 VgaSave - ok

13:41:41.0078 0568 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys

13:41:41.0156 0568 viaagp - ok

13:41:41.0187 0568 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys

13:41:41.0281 0568 ViaIde - ok

13:41:41.0343 0568 [ AFB10AD9AA91D2F70C9F0E6BDA0D119B ] vmusb C:\WINDOWS\system32\Drivers\vmusb.sys

13:41:41.0343 0568 vmusb - ok

13:41:41.0531 0568 [ D6B4D14A96C58FC68805DE67C8DCCF80 ] VMUSBArbService C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

13:41:41.0578 0568 VMUSBArbService - ok

13:41:41.0687 0568 [ F939341BF1846C5FB1B3614D5FEE32B8 ] vmware-view-usbd C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe

13:41:41.0828 0568 vmware-view-usbd ( UnsignedFile.Multi.Generic ) - warning

13:41:41.0828 0568 vmware-view-usbd - detected UnsignedFile.Multi.Generic (1)

13:41:41.0859 0568 vmwvusb - ok

13:41:41.0906 0568 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

13:41:41.0968 0568 VolSnap - ok

13:41:42.0031 0568 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

13:41:42.0062 0568 VSS - ok

13:41:42.0093 0568 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll

13:41:42.0171 0568 w32time - ok

13:41:42.0218 0568 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

13:41:42.0296 0568 Wanarp - ok

13:41:42.0359 0568 [ 0BE8DD6C95C5BDFF9C5F3FA8095D304C ] WavxDMgr C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys

13:41:42.0375 0568 WavxDMgr - ok

13:41:42.0421 0568 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

13:41:42.0437 0568 Wdf01000 - ok

13:41:42.0453 0568 WDICA - ok

13:41:42.0484 0568 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

13:41:42.0562 0568 wdmaud - ok

13:41:42.0578 0568 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

13:41:42.0656 0568 WebClient - ok

13:41:42.0750 0568 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

13:41:42.0812 0568 winmgmt - ok

13:41:42.0890 0568 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

13:41:42.0937 0568 WmdmPmSN - ok

13:41:43.0000 0568 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll

13:41:43.0015 0568 Wmi - ok

13:41:43.0078 0568 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

13:41:43.0140 0568 WmiAcpi - ok

13:41:43.0187 0568 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

13:41:43.0250 0568 WmiApSrv - ok

13:41:43.0359 0568 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

13:41:43.0421 0568 WMPNetworkSvc - ok

13:41:43.0453 0568 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

13:41:43.0515 0568 WS2IFSL - ok

13:41:43.0593 0568 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

13:41:43.0656 0568 wscsvc - ok

13:41:43.0765 0568 [ EA21558D53933880F6A3CD9F6462D482 ] wsnm C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

13:41:43.0843 0568 wsnm - ok

13:41:43.0859 0568 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

13:41:43.0937 0568 WSTCODEC - ok

13:41:43.0953 0568 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

13:41:44.0046 0568 wuauserv - ok

13:41:44.0093 0568 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

13:41:44.0140 0568 WudfPf - ok

13:41:44.0156 0568 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

13:41:44.0187 0568 WudfRd - ok

13:41:44.0218 0568 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

13:41:44.0218 0568 WudfSvc - ok

13:41:44.0265 0568 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

13:41:44.0359 0568 WZCSVC - ok

13:41:44.0406 0568 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

13:41:44.0468 0568 xmlprov - ok

13:41:44.0515 0568 ================ Scan global ===============================

13:41:44.0562 0568 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

13:41:44.0578 0568 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

13:41:44.0593 0568 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

13:41:44.0625 0568 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

13:41:44.0625 0568 [Global] - ok

13:41:44.0625 0568 ================ Scan MBR ==================================

13:41:44.0656 0568 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

13:41:44.0968 0568 \Device\Harddisk0\DR0 - ok

13:41:44.0968 0568 ================ Scan VBR ==================================

13:41:44.0984 0568 [ 3102809BBEFAD2C543145D23726BA134 ] \Device\Harddisk0\DR0\Partition1

13:41:44.0984 0568 \Device\Harddisk0\DR0\Partition1 - ok

13:41:45.0000 0568 ================ Scan active images ========================

13:41:45.0000 0568 [ 10CBD2B278CE365B41DE378632CB5DDB ] C:\WINDOWS\system32\drivers\e1y5132.sys

13:41:45.0000 0568 C:\WINDOWS\system32\drivers\e1y5132.sys - ok

13:41:45.0031 0568 [ 810834AA294A79B3B718EF55A6A58A48 ] C:\WINDOWS\system32\drivers\usbport.sys

13:41:45.0031 0568 C:\WINDOWS\system32\drivers\usbport.sys - ok

13:41:45.0046 0568 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys

13:41:45.0046 0568 C:\WINDOWS\system32\drivers\usbuhci.sys - ok

13:41:45.0062 0568 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys

13:41:45.0062 0568 C:\WINDOWS\system32\drivers\usbehci.sys - ok

13:41:45.0093 0568 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys

13:41:45.0093 0568 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok

13:41:45.0109 0568 [ CFE1981A47A2F7650A1EF8917DC4D1C3 ] C:\WINDOWS\system32\drivers\NETw5x32.sys

13:41:45.0109 0568 C:\WINDOWS\system32\drivers\NETw5x32.sys - ok

13:41:45.0140 0568 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] C:\WINDOWS\system32\drivers\rimmptsk.sys

13:41:45.0140 0568 C:\WINDOWS\system32\drivers\rimmptsk.sys - ok

13:41:45.0156 0568 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys

13:41:45.0156 0568 C:\WINDOWS\system32\drivers\i8042prt.sys - ok

13:41:45.0171 0568 [ 1DE27858A431A5749E0F3DF54BA935B9 ] C:\WINDOWS\system32\drivers\Apfiltr.sys

13:41:45.0171 0568 C:\WINDOWS\system32\drivers\Apfiltr.sys - ok

13:41:45.0187 0568 [ 399C974DDA25FD3E59F22BAB787F662B ] C:\WINDOWS\system32\drivers\wdfldr.sys

13:41:45.0187 0568 C:\WINDOWS\system32\drivers\wdfldr.sys - ok

13:41:45.0203 0568 [ D918617B46457B9AC28027722E30F647 ] C:\WINDOWS\system32\drivers\wdf01000.sys

13:41:45.0203 0568 C:\WINDOWS\system32\drivers\wdf01000.sys - ok

13:41:45.0234 0568 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys

13:41:45.0234 0568 C:\WINDOWS\system32\drivers\mouclass.sys - ok

13:41:45.0250 0568 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys

13:41:45.0250 0568 C:\WINDOWS\system32\drivers\kbdclass.sys - ok

13:41:45.0265 0568 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys

13:41:45.0265 0568 C:\WINDOWS\system32\drivers\imapi.sys - ok

13:41:45.0296 0568 [ 5230CDB7E715F3A3B4A882E254CDD35D ] C:\WINDOWS\system32\drivers\DLACDBHM.SYS

13:41:45.0296 0568 C:\WINDOWS\system32\drivers\DLACDBHM.SYS - ok

13:41:45.0312 0568 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys

13:41:45.0312 0568 C:\WINDOWS\system32\drivers\cdrom.sys - ok

13:41:45.0343 0568 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys

13:41:45.0343 0568 C:\WINDOWS\system32\drivers\ks.sys - ok

13:41:45.0359 0568 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys

13:41:45.0359 0568 C:\WINDOWS\system32\drivers\redbook.sys - ok

13:41:45.0375 0568 [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys

13:41:45.0375 0568 C:\WINDOWS\system32\drivers\wmiacpi.sys - ok

13:41:45.0406 0568 [ 545DC61FC2A350290774248C9F217EBB ] C:\WINDOWS\system32\drivers\ngvpn.sys

13:41:45.0406 0568 C:\WINDOWS\system32\drivers\ngvpn.sys - ok

13:41:45.0421 0568 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys

13:41:45.0421 0568 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok

13:41:45.0437 0568 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys

13:41:45.0437 0568 C:\WINDOWS\system32\drivers\tdi.sys - ok

13:41:45.0453 0568 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys

13:41:45.0453 0568 C:\WINDOWS\system32\drivers\ndistapi.sys - ok

13:41:45.0468 0568 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys

13:41:45.0468 0568 C:\WINDOWS\system32\drivers\ndiswan.sys - ok

13:41:45.0500 0568 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys

13:41:45.0500 0568 C:\WINDOWS\system32\drivers\psched.sys - ok

13:41:45.0515 0568 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys

13:41:45.0515 0568 C:\WINDOWS\system32\drivers\raspppoe.sys - ok

13:41:45.0531 0568 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys

13:41:45.0531 0568 C:\WINDOWS\system32\drivers\raspptp.sys - ok

13:41:45.0562 0568 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys

13:41:45.0562 0568 C:\WINDOWS\system32\drivers\msgpc.sys - ok

13:41:45.0578 0568 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys

13:41:45.0578 0568 C:\WINDOWS\system32\drivers\ptilink.sys - ok

13:41:45.0609 0568 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys

13:41:45.0609 0568 C:\WINDOWS\system32\drivers\raspti.sys - ok

13:41:45.0625 0568 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys

13:41:45.0625 0568 C:\WINDOWS\system32\drivers\rdpdr.sys - ok

13:41:45.0640 0568 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys

13:41:45.0640 0568 C:\WINDOWS\system32\drivers\swenum.sys - ok

13:41:45.0671 0568 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys

13:41:45.0671 0568 C:\WINDOWS\system32\drivers\termdd.sys - ok

13:41:45.0671 0568 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys

13:41:45.0671 0568 C:\WINDOWS\system32\drivers\update.sys - ok

13:41:45.0703 0568 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys

13:41:45.0703 0568 C:\WINDOWS\system32\drivers\mssmbios.sys - ok

13:41:45.0718 0568 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys

13:41:45.0718 0568 C:\WINDOWS\system32\drivers\ndproxy.sys - ok

13:41:45.0734 0568 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys

13:41:45.0734 0568 C:\WINDOWS\system32\drivers\usbd.sys - ok

13:41:45.0765 0568 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys

13:41:45.0765 0568 C:\WINDOWS\system32\drivers\usbhub.sys - ok

13:41:45.0781 0568 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys

13:41:45.0781 0568 C:\WINDOWS\system32\drivers\fdc.sys - ok

13:41:45.0796 0568 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys

13:41:45.0796 0568 C:\WINDOWS\system32\drivers\flpydisk.sys - ok

13:41:45.0828 0568 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys

13:41:45.0828 0568 C:\WINDOWS\system32\drivers\sfloppy.sys - ok

13:41:45.0843 0568 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys

13:41:45.0843 0568 C:\WINDOWS\system32\drivers\cdaudio.sys - ok

13:41:45.0875 0568 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys

13:41:45.0875 0568 C:\WINDOWS\system32\drivers\fs_rec.sys - ok

13:41:45.0890 0568 [ 9368670BD426EBEA5E8B18A62416EC28 ] C:\WINDOWS\system32\drivers\i2omgmt.sys

13:41:45.0890 0568 C:\WINDOWS\system32\drivers\i2omgmt.sys - ok

13:41:45.0906 0568 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys

13:41:45.0906 0568 C:\WINDOWS\system32\drivers\beep.sys - ok

13:41:45.0921 0568 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys

13:41:45.0921 0568 C:\WINDOWS\system32\drivers\null.sys - ok

13:41:45.0937 0568 [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] C:\WINDOWS\system32\drivers\DLARTL_M.SYS

13:41:45.0937 0568 C:\WINDOWS\system32\drivers\DLARTL_M.SYS - ok

13:41:45.0968 0568 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys

13:41:45.0968 0568 C:\WINDOWS\system32\drivers\videoprt.sys - ok

13:41:45.0984 0568 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys

13:41:45.0984 0568 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok

13:41:46.0000 0568 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys

13:41:46.0000 0568 C:\WINDOWS\system32\drivers\vga.sys - ok

13:41:46.0031 0568 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys

13:41:46.0031 0568 C:\WINDOWS\system32\drivers\ipsec.sys - ok

13:41:46.0046 0568 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys

13:41:46.0046 0568 C:\WINDOWS\system32\drivers\msfs.sys - ok

13:41:46.0062 0568 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys

13:41:46.0062 0568 C:\WINDOWS\system32\drivers\npfs.sys - ok

13:41:46.0093 0568 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys

13:41:46.0093 0568 C:\WINDOWS\system32\drivers\rasacd.sys - ok

13:41:46.0109 0568 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys

13:41:46.0109 0568 C:\WINDOWS\system32\drivers\tcpip.sys - ok

13:41:46.0125 0568 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys

13:41:46.0125 0568 C:\WINDOWS\system32\drivers\ipnat.sys - ok

13:41:46.0156 0568 [ 97EF4CA122DDDA4781FF557E65DFB262 ] C:\WINDOWS\system32\drivers\mfetdi2k.sys

13:41:46.0156 0568 C:\WINDOWS\system32\drivers\mfetdi2k.sys - ok

13:41:46.0171 0568 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys

13:41:46.0171 0568 C:\WINDOWS\system32\drivers\netbt.sys - ok

13:41:46.0187 0568 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys

13:41:46.0187 0568 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok

13:41:46.0203 0568 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys

13:41:46.0203 0568 C:\WINDOWS\system32\drivers\afd.sys - ok

13:41:46.0234 0568 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys

13:41:46.0234 0568 C:\WINDOWS\system32\drivers\netbios.sys - ok

13:41:46.0250 0568 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys

13:41:46.0250 0568 C:\WINDOWS\system32\drivers\rdbss.sys - ok

13:41:46.0265 0568 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys

13:41:46.0265 0568 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok

13:41:46.0296 0568 [ C18D6C74953621346DF6B0A11F80C1CC ] C:\WINDOWS\system32\drivers\usbccgp.sys

13:41:46.0296 0568 C:\WINDOWS\system32\drivers\usbccgp.sys - ok

13:41:46.0312 0568 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe

13:41:46.0312 0568 C:\WINDOWS\system32\smss.exe - ok

13:41:46.0328 0568 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll

13:41:46.0328 0568 C:\WINDOWS\system32\ntdll.dll - ok

13:41:46.0359 0568 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe

13:41:46.0359 0568 C:\WINDOWS\system32\autochk.exe - ok

13:41:46.0375 0568 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll

13:41:46.0375 0568 C:\WINDOWS\system32\sfcfiles.dll - ok

13:41:46.0390 0568 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys

13:41:46.0390 0568 C:\WINDOWS\system32\drivers\cdfs.sys - ok

13:41:46.0421 0568 [ 692830B048AACD7E0D6EDEDF098ACC01 ] C:\WINDOWS\system32\drivers\iaStor.sys

13:41:46.0421 0568 C:\WINDOWS\system32\drivers\iaStor.sys - ok

13:41:46.0437 0568 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys

13:41:46.0437 0568 C:\WINDOWS\system32\drivers\dxapi.sys - ok

13:41:46.0453 0568 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys

13:41:46.0453 0568 C:\WINDOWS\system32\watchdog.sys - ok

13:41:46.0468 0568 [ DFF851C4D8977A26F95B929A0B89BB5D ] C:\WINDOWS\system32\win32k.sys

13:41:46.0468 0568 C:\WINDOWS\system32\win32k.sys - ok

13:41:46.0500 0568 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll

13:41:46.0500 0568 C:\WINDOWS\system32\csrsrv.dll - ok

13:41:46.0515 0568 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe

13:41:46.0515 0568 C:\WINDOWS\system32\csrss.exe - ok

13:41:46.0531 0568 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

13:41:46.0531 0568 C:\WINDOWS\system32\basesrv.dll - ok

13:41:46.0562 0568 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

13:41:46.0562 0568 C:\WINDOWS\system32\winsrv.dll - ok

13:41:46.0578 0568 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll

13:41:46.0578 0568 C:\WINDOWS\system32\gdi32.dll - ok

13:41:46.0593 0568 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINDOWS\system32\kernel32.dll

13:41:46.0593 0568 C:\WINDOWS\system32\kernel32.dll - ok

13:41:46.0625 0568 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll

13:41:46.0625 0568 C:\WINDOWS\system32\user32.dll - ok

13:41:46.0640 0568 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys

13:41:46.0640 0568 C:\WINDOWS\system32\drivers\dxg.sys - ok

13:41:46.0656 0568 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys

13:41:46.0656 0568 C:\WINDOWS\system32\drivers\dxgthk.sys - ok

13:41:46.0671 0568 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll

13:41:46.0671 0568 C:\WINDOWS\system32\vga.dll - ok

13:41:46.0687 0568 [ C669A8B0A436641AAD3C2EADA780CBB9 ] C:\WINDOWS\system32\framebuf.dll

13:41:46.0703 0568 C:\WINDOWS\system32\framebuf.dll - ok

13:41:46.0718 0568 [ 1FB5E4AD68B9091148D2A28CF6831D77 ] C:\WINDOWS\system32\vga256.dll

13:41:46.0718 0568 C:\WINDOWS\system32\vga256.dll - ok

13:41:46.0734 0568 [ D5A9D4E5DFD788A5F427DEC60A278FBD ] C:\WINDOWS\system32\vga64k.dll

13:41:46.0734 0568 C:\WINDOWS\system32\vga64k.dll - ok

13:41:46.0765 0568 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe

13:41:46.0765 0568 C:\WINDOWS\system32\winlogon.exe - ok

13:41:46.0781 0568 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll

13:41:46.0781 0568 C:\WINDOWS\system32\advapi32.dll - ok

13:41:46.0796 0568 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll

13:41:46.0796 0568 C:\WINDOWS\system32\rpcrt4.dll - ok

13:41:46.0828 0568 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll

13:41:46.0828 0568 C:\WINDOWS\system32\secur32.dll - ok

13:41:46.0843 0568 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll

13:41:46.0843 0568 C:\WINDOWS\system32\authz.dll - ok

13:41:46.0859 0568 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll

13:41:46.0859 0568 C:\WINDOWS\system32\msvcrt.dll - ok

13:41:46.0890 0568 [ 64416C6E07606720C1ECE6DD374BDFFD ] C:\WINDOWS\system32\crypt32.dll

13:41:46.0890 0568 C:\WINDOWS\system32\crypt32.dll - ok

13:41:46.0906 0568 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll

13:41:46.0906 0568 C:\WINDOWS\system32\msasn1.dll - ok

13:41:46.0921 0568 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll

13:41:46.0921 0568 C:\WINDOWS\system32\nddeapi.dll - ok

13:41:46.0937 0568 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll

13:41:46.0937 0568 C:\WINDOWS\system32\profmap.dll - ok

13:41:46.0953 0568 [ 318230E845919255EF3C5D5E1E863631 ] C:\WINDOWS\system32\netapi32.dll

13:41:46.0953 0568 C:\WINDOWS\system32\netapi32.dll - ok

13:41:46.0984 0568 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll

13:41:46.0984 0568 C:\WINDOWS\system32\userenv.dll - ok

13:41:47.0000 0568 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll

13:41:47.0000 0568 C:\WINDOWS\system32\psapi.dll - ok

13:41:47.0031 0568 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll

13:41:47.0031 0568 C:\WINDOWS\system32\regapi.dll - ok

13:41:47.0046 0568 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll

13:41:47.0046 0568 C:\WINDOWS\system32\setupapi.dll - ok

13:41:47.0062 0568 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll

13:41:47.0062 0568 C:\WINDOWS\system32\version.dll - ok

13:41:47.0093 0568 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll

13:41:47.0093 0568 C:\WINDOWS\system32\winsta.dll - ok

13:41:47.0109 0568 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll

13:41:47.0109 0568 C:\WINDOWS\system32\imagehlp.dll - ok

13:41:47.0125 0568 [ 95F5C420E9BDD4C3569602911420A774 ] C:\WINDOWS\system32\wintrust.dll

13:41:47.0125 0568 C:\WINDOWS\system32\wintrust.dll - ok

13:41:47.0156 0568 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll

13:41:47.0156 0568 C:\WINDOWS\system32\ws2_32.dll - ok

13:41:47.0171 0568 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll

13:41:47.0171 0568 C:\WINDOWS\system32\ws2help.dll - ok

13:41:47.0187 0568 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll

13:41:47.0187 0568 C:\WINDOWS\system32\imm32.dll - ok

13:41:47.0203 0568 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll

13:41:47.0203 0568 C:\WINDOWS\system32\kbdus.dll - ok

13:41:47.0218 0568 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll

13:41:47.0218 0568 C:\WINDOWS\system32\msgina.dll - ok

13:41:47.0250 0568 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll

13:41:47.0250 0568 C:\WINDOWS\system32\comctl32.dll - ok

13:41:47.0265 0568 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll

13:41:47.0265 0568 C:\WINDOWS\system32\comdlg32.dll - ok

13:41:47.0296 0568 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll

13:41:47.0296 0568 C:\WINDOWS\system32\odbc32.dll - ok

13:41:47.0312 0568 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll

13:41:47.0312 0568 C:\WINDOWS\system32\shell32.dll - ok

13:41:47.0328 0568 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll

13:41:47.0328 0568 C:\WINDOWS\system32\shlwapi.dll - ok

13:41:47.0359 0568 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll

13:41:47.0359 0568 C:\WINDOWS\system32\sxs.dll - ok

13:41:47.0375 0568 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

13:41:47.0375 0568 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok

13:41:47.0390 0568 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll

13:41:47.0390 0568 C:\WINDOWS\system32\odbcint.dll - ok

13:41:47.0421 0568 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll

13:41:47.0421 0568 C:\WINDOWS\system32\sfc.dll - ok

13:41:47.0421 0568 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll

13:41:47.0421 0568 C:\WINDOWS\system32\shsvcs.dll - ok

13:41:47.0453 0568 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll

13:41:47.0453 0568 C:\WINDOWS\system32\sfc_os.dll - ok

13:41:47.0468 0568 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll

13:41:47.0468 0568 C:\WINDOWS\system32\ole32.dll - ok

13:41:47.0484 0568 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll

13:41:47.0484 0568 C:\WINDOWS\system32\apphelp.dll - ok

13:41:47.0515 0568 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

13:41:47.0515 0568 C:\WINDOWS\system32\services.exe - ok

13:41:47.0531 0568 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe

13:41:47.0531 0568 C:\WINDOWS\system32\lsass.exe - ok

13:41:47.0546 0568 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll

13:41:47.0546 0568 C:\WINDOWS\system32\msvcp60.dll - ok

13:41:47.0578 0568 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll

13:41:47.0578 0568 C:\WINDOWS\system32\ncobjapi.dll - ok

13:41:47.0593 0568 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll

13:41:47.0593 0568 C:\WINDOWS\system32\lsasrv.dll - ok

13:41:47.0625 0568 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll

13:41:47.0625 0568 C:\WINDOWS\system32\scesrv.dll - ok

13:41:47.0640 0568 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll

13:41:47.0640 0568 C:\WINDOWS\system32\mpr.dll - ok

13:41:47.0656 0568 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll

13:41:47.0656 0568 C:\WINDOWS\system32\umpnpmgr.dll - ok

13:41:47.0671 0568 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll

13:41:47.0671 0568 C:\WINDOWS\system32\ntdsapi.dll - ok

13:41:47.0687 0568 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll

13:41:47.0687 0568 C:\WINDOWS\system32\dnsapi.dll - ok

13:41:47.0718 0568 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll

13:41:47.0718 0568 C:\WINDOWS\system32\shimeng.dll - ok

13:41:47.0734 0568 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll

13:41:47.0734 0568 C:\WINDOWS\system32\wldap32.dll - ok

13:41:47.0750 0568 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\AcAdProc.dll

13:41:47.0750 0568 C:\WINDOWS\AppPatch\AcAdProc.dll - ok

13:41:47.0781 0568 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll

13:41:47.0781 0568 C:\WINDOWS\system32\samlib.dll - ok

13:41:47.0796 0568 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll

13:41:47.0796 0568 C:\WINDOWS\system32\samsrv.dll - ok

13:41:47.0812 0568 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\AcGenral.dll

13:41:47.0812 0568 C:\WINDOWS\AppPatch\AcGenral.dll - ok

13:41:47.0843 0568 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll

13:41:47.0843 0568 C:\WINDOWS\system32\cryptdll.dll - ok

13:41:47.0859 0568 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll

13:41:47.0859 0568 C:\WINDOWS\system32\winmm.dll - ok

13:41:47.0890 0568 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll

13:41:47.0890 0568 C:\WINDOWS\system32\oleaut32.dll - ok

13:41:47.0906 0568 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll

13:41:47.0906 0568 C:\WINDOWS\system32\msacm32.dll - ok

13:41:47.0921 0568 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll

13:41:47.0921 0568 C:\WINDOWS\system32\uxtheme.dll - ok

13:41:47.0937 0568 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll

13:41:47.0937 0568 C:\WINDOWS\system32\msapsspc.dll - ok

13:41:47.0953 0568 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll

13:41:47.0953 0568 C:\WINDOWS\system32\msvcrt40.dll - ok

13:41:47.0984 0568 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll

13:41:47.0984 0568 C:\WINDOWS\system32\digest.dll - ok

13:41:48.0000 0568 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll

13:41:48.0000 0568 C:\WINDOWS\system32\schannel.dll - ok

13:41:48.0015 0568 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll

13:41:48.0015 0568 C:\WINDOWS\system32\msnsspc.dll - ok

13:41:48.0046 0568 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\MSCTFIME.IME

13:41:48.0046 0568 C:\WINDOWS\system32\MSCTFIME.IME - ok

13:41:48.0062 0568 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll

13:41:48.0062 0568 C:\WINDOWS\system32\msprivs.dll - ok

13:41:48.0078 0568 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll

13:41:48.0078 0568 C:\WINDOWS\system32\kerberos.dll - ok

13:41:48.0109 0568 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll

13:41:48.0109 0568 C:\WINDOWS\system32\msv1_0.dll - ok

13:41:48.0125 0568 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll

13:41:48.0125 0568 C:\WINDOWS\system32\iphlpapi.dll - ok

13:41:48.0156 0568 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll

13:41:48.0156 0568 C:\WINDOWS\system32\netlogon.dll - ok

13:41:48.0171 0568 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll

13:41:48.0171 0568 C:\WINDOWS\system32\w32time.dll - ok

13:41:48.0187 0568 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll

13:41:48.0187 0568 C:\WINDOWS\system32\wdigest.dll - ok

13:41:48.0203 0568 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll

13:41:48.0203 0568 C:\WINDOWS\system32\atmfd.dll - ok

13:41:48.0218 0568 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll

13:41:48.0218 0568 C:\WINDOWS\system32\rsaenh.dll - ok

13:41:48.0250 0568 [ 400CFC6FA47FC7B0B3B3A01B2CA56F95 ] C:\WINDOWS\system32\wsauth.dll

13:41:48.0250 0568 C:\WINDOWS\system32\wsauth.dll - ok

13:41:48.0265 0568 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll

13:41:48.0265 0568 C:\WINDOWS\system32\wtsapi32.dll - ok

13:41:48.0281 0568 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll

13:41:48.0281 0568 C:\WINDOWS\system32\cryptui.dll - ok

13:41:48.0312 0568 [ 6B1774334E2975AA60596E54F5EA1430 ] C:\WINDOWS\system32\wininet.dll

13:41:48.0312 0568 C:\WINDOWS\system32\wininet.dll - ok

13:41:48.0328 0568 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll

13:41:48.0328 0568 C:\WINDOWS\system32\normaliz.dll - ok

13:41:48.0343 0568 [ FDF44991CB9A33C901FFCBDF19CE95BE ] C:\WINDOWS\system32\urlmon.dll

13:41:48.0343 0568 C:\WINDOWS\system32\urlmon.dll - ok

13:41:48.0375 0568 [ AD850C33A8AC45CF66574E62D1645272 ] C:\WINDOWS\system32\iertutil.dll

13:41:48.0375 0568 C:\WINDOWS\system32\iertutil.dll - ok

13:41:48.0390 0568 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll

13:41:48.0390 0568 C:\WINDOWS\system32\riched20.dll - ok

13:41:48.0421 0568 [ 8E822282D929C06DF8CFCB89A6FF8C13 ] C:\WINDOWS\system32\wvauth.dll

13:41:48.0421 0568 C:\WINDOWS\system32\wvauth.dll - ok

13:41:48.0421 0568 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll

13:41:48.0421 0568 C:\WINDOWS\system32\winscard.dll - ok

13:41:48.0453 0568 [ 95B8AD699DB4ACCDACE81BAAB7A5CCA1 ] C:\WINDOWS\system32\biolsp.dll

13:41:48.0453 0568 C:\WINDOWS\system32\biolsp.dll - ok

13:41:48.0468 0568 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll

13:41:48.0468 0568 C:\WINDOWS\system32\activeds.dll - ok

13:41:48.0484 0568 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll

13:41:48.0484 0568 C:\WINDOWS\system32\adsldpc.dll - ok

13:41:48.0515 0568 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll

13:41:48.0515 0568 C:\WINDOWS\system32\atl.dll - ok

13:41:48.0531 0568 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll

13:41:48.0531 0568 C:\WINDOWS\system32\scecli.dll - ok

13:41:48.0546 0568 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe

13:41:48.0546 0568 C:\WINDOWS\system32\svchost.exe - ok

13:41:48.0578 0568 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll

13:41:48.0578 0568 C:\WINDOWS\system32\ntmarta.dll - ok

13:41:48.0593 0568 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll

13:41:48.0593 0568 C:\WINDOWS\system32\rpcss.dll - ok

13:41:48.0609 0568 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll

13:41:48.0609 0568 C:\WINDOWS\system32\xpsp2res.dll - ok

13:41:48.0640 0568 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll

13:41:48.0640 0568 C:\WINDOWS\system32\eventlog.dll - ok

13:41:48.0656 0568 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll

13:41:48.0656 0568 C:\WINDOWS\system32\mswsock.dll - ok

13:41:48.0671 0568 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll

13:41:48.0671 0568 C:\WINDOWS\system32\hnetcfg.dll - ok

13:41:48.0687 0568 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll

13:41:48.0687 0568 C:\WINDOWS\system32\wshtcpip.dll - ok

13:41:48.0718 0568 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll

13:41:48.0718 0568 C:\WINDOWS\system32\winrnr.dll - ok

13:41:48.0734 0568 [ 1F5A570AD942DFCFE4500326ABDD72B2 ] C:\Program Files\Bonjour\mdnsNSP.dll

13:41:48.0734 0568 C:\Program Files\Bonjour\mdnsNSP.dll - ok

13:41:48.0750 0568 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll

13:41:48.0750 0568 C:\WINDOWS\system32\rasadhlp.dll - ok

13:41:48.0781 0568 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys

13:41:48.0781 0568 C:\WINDOWS\system32\drivers\ndisuio.sys - ok

13:41:48.0796 0568 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll

13:41:48.0796 0568 C:\WINDOWS\system32\dhcpcsvc.dll - ok

13:41:48.0812 0568 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll

13:41:48.0812 0568 C:\WINDOWS\system32\dnsrslvr.dll - ok

13:41:48.0843 0568 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll

13:41:48.0843 0568 C:\WINDOWS\system32\lmhsvc.dll - ok

13:41:48.0859 0568 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll

13:41:48.0859 0568 C:\WINDOWS\system32\wzcsvc.dll - ok

13:41:48.0875 0568 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll

13:41:48.0890 0568 C:\WINDOWS\system32\eapolqec.dll - ok

13:41:48.0906 0568 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll

13:41:48.0906 0568 C:\WINDOWS\system32\rtutils.dll - ok

13:41:48.0921 0568 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll

13:41:48.0921 0568 C:\WINDOWS\system32\wmi.dll - ok

13:41:48.0937 0568 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll

13:41:48.0937 0568 C:\WINDOWS\system32\qutil.dll - ok

13:41:48.0953 0568 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll

13:41:48.0953 0568 C:\WINDOWS\system32\dot3api.dll - ok

13:41:48.0984 0568 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll

13:41:48.0984 0568 C:\WINDOWS\system32\esent.dll - ok

13:41:49.0000 0568 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll

13:41:49.0000 0568 C:\WINDOWS\system32\clbcatq.dll - ok

13:41:49.0015 0568 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll

13:41:49.0015 0568 C:\WINDOWS\system32\comres.dll - ok

13:41:49.0046 0568 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll

13:41:49.0046 0568 C:\WINDOWS\system32\mlang.dll - ok

13:41:49.0062 0568 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll

13:41:49.0062 0568 C:\WINDOWS\system32\wzcsapi.dll - ok

13:41:49.0078 0568 [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll

13:41:49.0078 0568 C:\WINDOWS\system32\xmlprovi.dll - ok

13:41:49.0109 0568 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll

13:41:49.0109 0568 C:\WINDOWS\system32\rastls.dll - ok

13:41:49.0125 0568 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll

13:41:49.0125 0568 C:\WINDOWS\system32\mprapi.dll - ok

13:41:49.0140 0568 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll

13:41:49.0140 0568 C:\WINDOWS\system32\rasapi32.dll - ok

13:41:49.0171 0568 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll

13:41:49.0171 0568 C:\WINDOWS\system32\rasman.dll - ok

13:41:49.0187 0568 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll

13:41:49.0187 0568 C:\WINDOWS\system32\tapi32.dll - ok

13:41:49.0203 0568 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll

13:41:49.0203 0568 C:\WINDOWS\system32\raschap.dll - ok

13:41:49.0218 0568 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll

13:41:49.0218 0568 C:\WINDOWS\system32\wbem\wmisvc.dll - ok

13:41:49.0250 0568 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll

13:41:49.0250 0568 C:\WINDOWS\system32\vssapi.dll - ok

13:41:49.0265 0568 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll

13:41:49.0265 0568 C:\WINDOWS\system32\wkssvc.dll - ok

13:41:49.0281 0568 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll

13:41:49.0281 0568 C:\WINDOWS\system32\netman.dll - ok

13:41:49.0312 0568 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll

13:41:49.0312 0568 C:\WINDOWS\system32\netshell.dll - ok

13:41:49.0328 0568 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll

13:41:49.0328 0568 C:\WINDOWS\system32\credui.dll - ok

13:41:49.0343 0568 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll

13:41:49.0343 0568 C:\WINDOWS\system32\dot3dlg.dll - ok

13:41:49.0375 0568 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll

13:41:49.0375 0568 C:\WINDOWS\system32\eappcfg.dll - ok

13:41:49.0390 0568 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll

13:41:49.0390 0568 C:\WINDOWS\system32\onex.dll - ok

13:41:49.0406 0568 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll

13:41:49.0406 0568 C:\WINDOWS\system32\eappprxy.dll - ok

13:41:49.0421 0568 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll

13:41:49.0421 0568 C:\WINDOWS\system32\cryptsvc.dll - ok

13:41:49.0437 0568 [ 49C8E20D178BE981FF28523A942A570F ] C:\WINDOWS\system32\mfevtps.exe

13:41:49.0437 0568 C:\WINDOWS\system32\mfevtps.exe - ok

13:41:49.0468 0568 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll

13:41:49.0468 0568 C:\WINDOWS\system32\certcli.dll - ok

13:41:49.0484 0568 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll

13:41:49.0484 0568 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok

13:41:49.0515 0568 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll

13:41:49.0515 0568 C:\WINDOWS\system32\srvsvc.dll - ok

13:41:49.0531 0568 [ 128DD9AF8640DBCC711940903C8B554F ] C:\WINDOWS\system32\mscoree.dll

13:41:49.0531 0568 C:\WINDOWS\system32\mscoree.dll - ok

13:41:49.0546 0568 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll

13:41:49.0546 0568 C:\WINDOWS\system32\ipnathlp.dll - ok

13:41:49.0578 0568 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll

13:41:49.0578 0568 C:\WINDOWS\system32\netmsg.dll - ok

13:41:49.0593 0568 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll

13:41:49.0593 0568 C:\WINDOWS\system32\srsvc.dll - ok

13:41:49.0609 0568 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll

13:41:49.0609 0568 C:\WINDOWS\system32\powrprof.dll - ok

13:41:49.0640 0568 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys

13:41:49.0640 0568 C:\WINDOWS\system32\drivers\srv.sys - ok

13:41:49.0656 0568 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll

13:41:49.0656 0568 C:\WINDOWS\system32\cscdll.dll - ok

13:41:49.0671 0568 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll

13:41:49.0671 0568 C:\WINDOWS\system32\dimsntfy.dll - ok

13:41:49.0687 0568 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll

13:41:49.0687 0568 C:\WINDOWS\system32\wlnotify.dll - ok

13:41:49.0718 0568 [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll

13:41:49.0718 0568 C:\WINDOWS\system32\WgaLogon.dll - ok

13:41:49.0734 0568 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv

13:41:49.0734 0568 C:\WINDOWS\system32\winspool.drv - ok

13:41:49.0750 0568 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll

13:41:49.0750 0568 C:\WINDOWS\system32\msxml3.dll - ok

13:41:49.0781 0568 [ A06CE3399D16DB864F55FAEB1F1927A9 ] C:\WINDOWS\system32\browser.dll

13:41:49.0781 0568 C:\WINDOWS\system32\browser.dll - ok

13:41:49.0796 0568 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll

13:41:49.0796 0568 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok

13:41:49.0812 0568 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll

13:41:49.0812 0568 C:\WINDOWS\system32\wbem\wbemprox.dll - ok

13:41:49.0843 0568 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll

13:41:49.0843 0568 C:\WINDOWS\system32\wbem\wbemcore.dll - ok

13:41:49.0859 0568 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll

13:41:49.0859 0568 C:\WINDOWS\system32\wbem\esscli.dll - ok

13:41:49.0875 0568 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll

13:41:49.0875 0568 C:\WINDOWS\system32\wbem\fastprox.dll - ok

13:41:49.0906 0568 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll

13:41:49.0906 0568 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok

13:41:49.0921 0568 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll

13:41:49.0921 0568 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok

13:41:49.0937 0568 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll

13:41:49.0937 0568 C:\WINDOWS\system32\wbem\wmiutils.dll - ok

13:41:49.0953 0568 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll

13:41:49.0953 0568 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok

13:41:49.0968 0568 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll

13:41:49.0968 0568 C:\WINDOWS\system32\wbem\wbemess.dll - ok

13:41:50.0000 0568 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll

13:41:50.0000 0568 C:\WINDOWS\system32\netcfgx.dll - ok

13:41:50.0015 0568 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll

13:41:50.0015 0568 C:\WINDOWS\system32\clusapi.dll - ok

13:41:50.0046 0568 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll

13:41:50.0046 0568 C:\WINDOWS\system32\termsrv.dll - ok

13:41:50.0062 0568 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll

13:41:50.0062 0568 C:\WINDOWS\system32\icaapi.dll - ok

13:41:50.0078 0568 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll

13:41:50.0078 0568 C:\WINDOWS\system32\mstlsapi.dll - ok

13:41:50.0109 0568 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll

13:41:50.0109 0568 C:\WINDOWS\system32\wbem\ncprov.dll - ok

13:41:50.0125 0568 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll

13:41:50.0125 0568 C:\WINDOWS\system32\wbem\wbemcons.dll - ok

13:41:50.0140 0568 [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe

13:41:50.0140 0568 C:\WINDOWS\system32\mpnotify.exe - ok

13:41:50.0171 0568 [ 3A20A4030236091C28FE7F675D2D8694 ] C:\WINDOWS\system32\TdmNetworkProvider.dll

13:41:50.0171 0568 C:\WINDOWS\system32\TdmNetworkProvider.dll - ok

13:41:50.0187 0568 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll

13:41:50.0187 0568 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll - ok

13:41:50.0203 0568 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll

13:41:50.0203 0568 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok

13:41:50.0234 0568 [ 1D109ED0D660654EA7FF1574558031C4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll

13:41:50.0234 0568 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll - ok

13:41:50.0250 0568 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll

13:41:50.0250 0568 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok

13:41:50.0281 0568 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll

13:41:50.0281 0568 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll - ok

13:41:50.0296 0568 [ 1C88CF5977C016A37BFAC1178DAA7822 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

13:41:50.0296 0568 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

13:41:50.0312 0568 [ DEC7885B2EF0966EA285C9A40E7AFBA4 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll

13:41:50.0312 0568 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll - ok

13:41:50.0343 0568 [ B560A085EED4D5D72B039929F9AE4991 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

13:41:50.0343 0568 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok

13:41:50.0359 0568 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll

13:41:50.0359 0568 C:\WINDOWS\system32\cscui.dll - ok

13:41:50.0375 0568 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll

13:41:50.0375 0568 C:\WINDOWS\system32\dpcdll.dll - ok

13:41:50.0406 0568 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe

13:41:50.0406 0568 C:\WINDOWS\system32\userinit.exe - ok

13:41:50.0421 0568 [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe

13:41:50.0421 0568 C:\WINDOWS\system32\WgaTray.exe - ok

13:41:50.0437 0568 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe

13:41:50.0437 0568 C:\WINDOWS\explorer.exe - ok

13:41:50.0453 0568 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll

13:41:50.0453 0568 C:\WINDOWS\system32\browseui.dll - ok

13:41:50.0468 0568 [ 004734AD6BE9C24DE7197DBDE23C8F2F ] C:\WINDOWS\system32\shdocvw.dll

13:41:50.0468 0568 C:\WINDOWS\system32\shdocvw.dll - ok

13:41:50.0500 0568 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll

13:41:50.0500 0568 C:\WINDOWS\system32\cryptnet.dll - ok

13:41:50.0515 0568 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll

13:41:50.0515 0568 C:\WINDOWS\system32\sensapi.dll - ok

13:41:50.0546 0568 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll

13:41:50.0546 0568 C:\WINDOWS\system32\winhttp.dll - ok

13:41:50.0562 0568 [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll

13:41:50.0562 0568 C:\WINDOWS\system32\LegitCheckControl.dll - ok

13:41:50.0578 0568 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll

13:41:50.0578 0568 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

13:41:50.0609 0568 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe

13:41:50.0609 0568 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok

13:41:50.0625 0568 [ 735F566CA0ADCA0ECC558CA648810A6C ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmUserInterface.dll

13:41:50.0625 0568 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmUserInterface.dll - ok

13:41:50.0640 0568 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll

13:41:50.0640 0568 C:\WINDOWS\system32\licwmi.dll - ok

13:41:50.0671 0568 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll

13:41:50.0671 0568 C:\WINDOWS\system32\wbem\framedyn.dll - ok

13:41:50.0671 0568 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll

13:41:50.0671 0568 C:\WINDOWS\system32\shfolder.dll - ok

13:41:50.0703 0568 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

13:41:50.0703 0568 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok

13:41:50.0718 0568 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll

13:41:50.0718 0568 C:\WINDOWS\system32\licdll.dll - ok

13:41:50.0750 0568 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll

13:41:50.0750 0568 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok

13:41:50.0765 0568 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll

13:41:50.0765 0568 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok

13:41:50.0781 0568 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll

13:41:50.0781 0568 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll - ok

13:41:50.0812 0568 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF

13:41:50.0812 0568 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok

13:41:50.0828 0568 [ A0AE7F043497C9971E9D7FE291099D40 ] C:\WINDOWS\system32\msxml6.dll

13:41:50.0828 0568 C:\WINDOWS\system32\msxml6.dll - ok

13:41:50.0843 0568 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll

13:41:50.0843 0568 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok

13:41:50.0875 0568 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl

13:41:50.0875 0568 C:\WINDOWS\system32\desk.cpl - ok

13:41:50.0890 0568 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll

13:41:50.0890 0568 C:\WINDOWS\system32\themeui.dll - ok

13:41:50.0921 0568 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll

13:41:50.0921 0568 C:\WINDOWS\system32\msimg32.dll - ok

13:41:50.0921 0568 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll

13:41:50.0921 0568 C:\WINDOWS\system32\wbem\cimwin32.dll - ok

13:41:50.0953 0568 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll

13:41:50.0953 0568 C:\WINDOWS\system32\cfgmgr32.dll - ok

13:41:50.0968 0568 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll

13:41:50.0968 0568 C:\WINDOWS\system32\es.dll - ok

13:41:50.0984 0568 [ 6358C181BF021970A897C1FAB0ECF5D2 ] C:\WINDOWS\system32\loadperf.dll

13:41:50.0984 0568 C:\WINDOWS\system32\loadperf.dll - ok

13:41:51.0015 0568 [ F5CF984927625B23757C83B0E3AACFA9 ] C:\WINDOWS\system32\wbem\wmiadap.exe

13:41:51.0015 0568 C:\WINDOWS\system32\wbem\wmiadap.exe - ok

13:41:51.0031 0568 [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINDOWS\system32\wbem\wmiprov.dll

13:41:51.0031 0568 C:\WINDOWS\system32\wbem\wmiprov.dll - ok

13:41:51.0046 0568 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\MSCTF.dll

13:41:51.0046 0568 C:\WINDOWS\system32\MSCTF.dll - ok

13:41:51.0078 0568 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll

13:41:51.0078 0568 C:\WINDOWS\system32\msutb.dll - ok

13:41:51.0093 0568 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll

13:41:51.0093 0568 C:\WINDOWS\system32\linkinfo.dll - ok

13:41:51.0109 0568 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll

13:41:51.0109 0568 C:\WINDOWS\system32\ntshrui.dll - ok

13:41:51.0140 0568 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll

13:41:51.0140 0568 C:\WINDOWS\system32\msi.dll - ok

13:41:51.0156 0568 [ 3618313F7DFB605571A48FCF55D7868F ] C:\WINDOWS\system32\ieframe.dll

13:41:51.0156 0568 C:\WINDOWS\system32\ieframe.dll - ok

13:41:51.0171 0568 [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll

13:41:51.0171 0568 C:\WINDOWS\system32\mmcshext.dll - ok

13:41:51.0187 0568 [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll

13:41:51.0187 0568 C:\WINDOWS\system32\hhsetup.dll - ok

13:41:51.0218 0568 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll

13:41:51.0218 0568 C:\WINDOWS\system32\drprov.dll - ok

13:41:51.0234 0568 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll

13:41:51.0234 0568 C:\WINDOWS\system32\netui0.dll - ok

13:41:51.0250 0568 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll

13:41:51.0250 0568 C:\WINDOWS\system32\ntlanman.dll - ok

13:41:51.0281 0568 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll

13:41:51.0281 0568 C:\WINDOWS\system32\netrap.dll - ok

13:41:51.0296 0568 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll

13:41:51.0296 0568 C:\WINDOWS\system32\netui1.dll - ok

13:41:51.0312 0568 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll

13:41:51.0312 0568 C:\WINDOWS\system32\davclnt.dll - ok

13:41:51.0343 0568 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll

13:41:51.0343 0568 C:\WINDOWS\system32\cabinet.dll - ok

13:41:51.0359 0568 [ 9ED9F21D73F9D71E30EAB71835E656EB ] C:\Documents and Settings\Administrator\Desktop\tdsskiller.exe

13:41:51.0359 0568 C:\Documents and Settings\Administrator\Desktop\tdsskiller.exe - ok

13:41:51.0375 0568 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\17944843.sys

13:41:51.0375 0568 C:\WINDOWS\system32\drivers\17944843.sys - ok

13:41:51.0406 0568 [ 3998F895E95B6CC147BF7815EE90424A ] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll

13:41:51.0406 0568 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll - ok

13:41:51.0421 0568 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll

13:41:51.0421 0568 C:\WINDOWS\system32\msisip.dll - ok

13:41:51.0437 0568 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll

13:41:51.0437 0568 C:\WINDOWS\system32\wshext.dll - ok

13:41:51.0453 0568 [ E9AF8B12CFFC04C0F4399ED8E4D3826E ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll

13:41:51.0453 0568 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok

13:41:51.0484 0568 [ A68DA24239C7BA6C424E1AEAE7AA3E7A ] C:\WINDOWS\system32\mspaint.exe

13:41:51.0484 0568 C:\WINDOWS\system32\mspaint.exe - ok

13:41:51.0500 0568 [ F6F2BFC17069EB335ACCEEF7595F9302 ] C:\WINDOWS\system32\mfc42u.dll

13:41:51.0500 0568 C:\WINDOWS\system32\mfc42u.dll - ok

13:41:51.0515 0568 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll

13:41:51.0515 0568 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok

13:41:51.0546 0568 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll

13:41:51.0546 0568 C:\WINDOWS\system32\mscms.dll - ok

13:41:51.0562 0568 [ 81D2A27C916C7830743E4AFA454099F7 ] C:\WINDOWS\system32\WpdShext.dll

13:41:51.0562 0568 C:\WINDOWS\system32\WpdShext.dll - ok

13:41:51.0578 0568 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll

13:41:51.0578 0568 C:\WINDOWS\system32\PortableDeviceApi.dll - ok

13:41:51.0609 0568 [ 4C48F1B30A82583CAEE0DA02DD7259EE ] C:\WINDOWS\system32\audiodev.dll

13:41:51.0609 0568 C:\WINDOWS\system32\audiodev.dll - ok

13:41:51.0625 0568 [ DFFEC6479C5E00A103A44AC33A1058AA ] C:\WINDOWS\system32\WMVCore.dll

13:41:51.0625 0568 C:\WINDOWS\system32\WMVCore.dll - ok

13:41:51.0640 0568 [ 7365B5CA9747C84178D42CCA72486277 ] C:\WINDOWS\system32\wmasf.dll

13:41:51.0640 0568 C:\WINDOWS\system32\wmasf.dll - ok

13:41:51.0671 0568 [ BF67AC2C1F41BE892B98E9B8E91C0CB8 ] C:\WINDOWS\system32\wiashext.dll

13:41:51.0671 0568 C:\WINDOWS\system32\wiashext.dll - ok

13:41:51.0671 0568 ============================================================

13:41:51.0671 0568 Scan finished

13:41:51.0671 0568 ============================================================

13:41:51.0812 0560 Detected object count: 17

13:41:51.0812 0560 Actual detected object count: 17

13:42:39.0390 0560 AeXNSClient ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0390 0560 AeXNSClient ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0390 0560 AlKernel ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0390 0560 AlKernel ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0390 0560 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0390 0560 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0406 0560 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0406 0560 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0421 0560 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0421 0560 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0421 0560 MDM ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0421 0560 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0437 0560 NgVpnMgr ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0437 0560 NgVpnMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0453 0560 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0453 0560 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0453 0560 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0453 0560 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0468 0560 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0468 0560 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0484 0560 ScriptLogic CBM Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0484 0560 ScriptLogic CBM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0484 0560 SecureStorageService ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0484 0560 SecureStorageService ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0500 0560 SMManager ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0500 0560 SMManager ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0515 0560 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0515 0560 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0515 0560 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0515 0560 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0531 0560 TdmService ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0531 0560 TdmService ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:42:39.0546 0560 vmware-view-usbd ( UnsignedFile.Multi.Generic ) - skipped by user

13:42:39.0546 0560 vmware-view-usbd ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:55:11.0421 1748 Deinitialize success

[Maniac]

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

[lynnejm]

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-10-14 17:24:19

-----------------------------

17:24:19.546 OS Version: Windows 5.1.2600 Service Pack 3

17:24:19.546 Number of processors: 2 586 0x1706

17:24:19.546 ComputerName: E64LP01 UserName:

17:24:20.765 Initialize success

17:24:38.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

17:24:38.343 Disk 0 Vendor: FUJITSU_ 0085 Size: 152627MB BusType: 3

17:24:38.375 Disk 0 MBR read successfully

17:24:38.390 Disk 0 MBR scan

17:24:38.406 Disk 0 Windows VISTA default MBR code

17:24:38.421 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63

17:24:38.437 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152523 MB offset 208845

17:24:38.453 Disk 0 scanning sectors +312576705

17:24:38.578 Disk 0 scanning C:\WINDOWS\system32\drivers

17:24:43.984 Service scanning

17:25:06.281 Modules scanning

17:25:10.828 Disk 0 trace - called modules:

17:25:10.875 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll

17:25:10.890 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aee39c0]

17:25:10.906 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8af3d028]

17:25:11.203 Scan finished successfully

17:26:08.265 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"

17:26:08.281 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"

[Maniac]

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  
• Copy and paste that log as a reply to this topic
  

[lynnejm]

I let the scan run for 6 hours and 42 minutes.

• Less than one hour into the scan I checked it and it was at 34% on the file: C:\Documents and Settings\lmarchant\Application Data\Xerox\XrxWmV5.ini.
  
• At 6:42:05 it was still at 34% and on the same file with 0 infected files found.
  

Like with some of the other scanners, when I tried to do anything with the mouse at that time the computer was frozen (I could still move the mouse, but nothing would happen).

The only txt file found at C:\Program Files\ESET\Eset Online Scanner\log.txt was apparently created at the beginning of the scan (8:23 a.m. this morning) and contained only:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

[Maniac]

How are things now?

[lynnejm]

Things are still exactly the same. The scan never completed. Normal mode still doesn't funcion. Logging into Normal mode leads to an empty desktop with a movable cursor and no icons or taskbar, and no buttons or commands work. Only Safe Mode and Safe Mode with Networking function, except when running most scans.

[Maniac]

Please manually delete ComboFix and try to run it again.