
Suspected infected system



Hello! Lately the system has started running very slowly. Even the wireless network drops when I try to download a larger file. I tried to run GMER, but after 1-2 minutes of scanning the computer freezes, and sometimes a blue screen appears. I scanned with Avast and Malwarebytes Anti-Malware, but they found nothing. Because of the blue screen I checked for bad sectors - there are none either. I am using Windows XP SP3 and Avast antivirus. I would appreciate your help.


Hello..! :)

  • To begin with, the following log files are needed; they will provide important information necessary for identifying your problem:

Download DDS (created by sUBs) from BleepingComputer.

After downloading the tool, it must be saved (via the File => Save As... menu) to your desktop.

http://i46.tinypic.com/2exprgh.jpg

Once you have downloaded DDS to your desktop, the program's icon should look like this: http://i49.tinypic.com/rvwlll.jpg

  • Temporarily disable the real-time protection of your antivirus software. Then start DDS by double-clicking the icon, confirming your intention by clicking the Run button.

http://prikachi.com/images/294/5596294l.jpg

After DDS finishes, two text files will open in Notepad, named DDS.txt and Attach.txt; save them (via the File => Save As... menu) to your desktop.

  • Copy and paste the contents of DDS.txt and Attach.txt directly into your topic. Please do not attach them!

I downloaded DDS and ran a scan. Here are the results

From DDS.txt


DDS (Ver_2011-09-30.01) - NTFS_x86
Internet Explorer: 7.0.5730.13  BrowserJavaVersion: 10.9.2
Run by Kosio at 17:55:12 on 2013-09-09
Microsoft Windows XP Professional  5.1.2600.3.1251.359.1033.18.1023.383 [GMT 3:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hmonitor\hmonitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\system32\ping.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.dir.bg/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [DW7] "c:\program files\the weather channel\the weather channel app\TWCApp.exe"
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [ZCfgSvc.exe] c:\windows\system32\ZCfgSvc.exe
mRun: [PRONoMgr.exe] c:\program files\intel\ncs\proset\PRONoMgr.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [hmonitor] c:\program files\hmonitor\hmonitor.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [btTray] "c:\program files\ivt corporation\bluesoleil\BtTray.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AKVIS Retrialer from Unsofter.com] e:\downloade\programi\akvis_artwork_7.0.1614.8662\re-trial\Retrialer.exe
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\icq7.2\ICQ.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.euro.dell.com/systemprofiler/SysPro.CAB
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://www.caminova.net/en/downloads/getmodule.aspx?lang=en
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236961785668
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {BBF0D44D-14E6-4DB3-8211-AEF1ABA7EE84} - hxxp://esupport.cabinetvision.com/ATLWebKeyButton.CAB
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{CBD10D66-E85B-4690-A4E1-C1DA363F46EB} : NameServer = 192.168.2.1
TCP: Interfaces\{EFFD514C-90CF-404B-BBAA-72D9B2104785} : NameServer = 192.168.2.1
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: Sebring - c:\windows\system32\LgNotify.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kosio\application data\mozilla\firefox\profiles\j6a0e7c2.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.bg/
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-3-13 165584]
R1 SASDIFSV;SASDIFSV;c:\docume~1\kosio\locals~1\temp\hbcd\superantispyware\SASDIFSV.SYS [2013-9-8 12880]
R1 SASKUTIL;SASKUTIL;c:\docume~1\kosio\locals~1\temp\hbcd\superantispyware\SASKUTIL.SYS [2013-9-8 67664]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-3-13 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-4-20 40384]
R2 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2009-9-5 16695]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-2 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\malwarebytes' anti-malware\mbamservice.exe [2012-12-2 676936]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [2012-7-23 38608]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-2 22856]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
S1 Uim_Vim;UIM Virtual Image Plugin;c:\windows\system32\drivers\Uim_Vim.sys [2012-12-2 283600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9aa07e41d64b0;Google Update Service (gupdate1c9aa07e41d64b0);c:\program files\google\update\GoogleUpdate.exe [2009-3-21 133104]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys --> c:\windows\system32\drivers\lgandbus.sys [?]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys --> c:\windows\system32\drivers\lganddiag.sys [?]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys --> c:\windows\system32\drivers\lgandgps.sys [?]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys --> c:\windows\system32\drivers\lgandmodem.sys [?]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-4-20 40384]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-4-20 40384]
S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-3-21 133104]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys --> c:\windows\system32\drivers\lgbtport.sys [?]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys --> c:\windows\system32\drivers\lgbtbus.sys [?]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys --> c:\windows\system32\drivers\lgvmodem.sys [?]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=NOTEPAD.EXE "%1"
FileExt: .vbs: VBSFile=NOTEPAD.EXE "%1"
FileExt: .js: JSFile=NOTEPAD.EXE "%1"
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
ShellExec: BitComet.exe: open="c:\program files\bitcomet\BitComet.exe"
.
=============== Created Last 30 ================
.
2013-09-08 07:40:23    --------    d-----w-    c:\documents and settings\kosio\application data\SUPERAntiSpyware.com
2013-09-08 07:40:22    --------    d-----w-    c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2013-09-07 09:42:19    12928    -c----w-    c:\windows\system32\dllcache\usb8023x.sys
2013-09-07 09:40:10    --------    d--h--w-    c:\windows\$hf_mig$
.
==================== Find3M  ====================
.
2013-07-25 18:08:06    841216    ----a-w-    c:\windows\system32\wininet.dll
2013-07-25 18:07:32    1830912    ------w-    c:\windows\system32\inetcpl.cpl
2013-07-25 18:06:52    78336    ----a-w-    c:\windows\system32\ieencode.dll
2013-07-25 18:06:36    17408    ----a-w-    c:\windows\system32\corpol.dll
2013-07-24 13:17:40    389120    ----a-w-    c:\windows\system32\html.iec
2013-07-10 10:37:53    406016    ----a-w-    c:\windows\system32\usp10.dll
2013-07-04 02:59:11    2193536    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30    2070144    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-06-20 11:18:27    692104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-06-20 11:18:26    71048    -c--a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
.
=================== ROOTKIT  ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys HSF_CNXT.sys
c:\windows\system32\drivers\HSF_CNXT.sys Conexant Systems, Inc. SoftK56 Modem Driver
1 nt!IofCallDriver[0x804E3735] -> \Device\Harddisk0\DR0[0x86F13AB8]
3 CLASSPNP[0xF76ADFD7] -> nt!IofCallDriver[0x804E3735] -> \Device\Ide\IdeDeviceP0T0L0-3[0x86F90768]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a;  }
user != kernel MBR !!!
.
============= FINISH: 17:56:34,48 ===============
 

From Attach.txt

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-09-30.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 13.3.2009 г. 05:50:42
System Uptime: 09.9.2013 г. 15:39:01 (2 hours ago)
.
Motherboard: Dell Computer Corporation |  |       
Processor:         Intel® Pentium® M processor 1700MHz | Microprocessor | 1698/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 15 GiB total, 2,257 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 23 GiB total, 11,532 GiB free.
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: O2Micro SmartCardBus_Reader
Device ID: PCMCIA\O2MICRO-SMARTCARDBUS_READER-2E10\1
Manufacturer:
Name: O2Micro SmartCardBus_Reader
PNP Device ID: PCMCIA\O2MICRO-SMARTCARDBUS_READER-2E10\1
Service:
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Bluetooth PAN Network Adapter
Device ID: ROOT\NET\0000
Manufacturer: IVT Corporation
Name: Bluetooth PAN Network Adapter
PNP Device ID: ROOT\NET\0000
Service: BT
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Bluetooth PAN Network Adapter
Device ID: ROOT\NET\0001
Manufacturer: IVT Corporation
Name: Bluetooth PAN Network Adapter #2
PNP Device ID: ROOT\NET\0001
Service: BT
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 6680
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 6680
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP86: 08.9.2013 г. 09:13:07 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Архиватор WinRAR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.1.3
AdriaROUTE 3.30 NT
AKVIS ArtWork
Apple Application Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
avast! Free Antivirus
BG OFFRoadMap 4.80
BGMountains_LAT
BitComet 1.27
Bluesoleil 5.0.5.178
Broadcom Advanced Control Suite
Broadcom Gigabit Integrated Controller
BS.Player FREE
BulgarianPhonetic XP by G. Atanasov
C-Major Audio
CCleaner
Compatibility Pack for the 2007 Office system
Conexant D480 MDC V.92 Modem
Digital Line Detect
Diskeeper 2011
Document Express DjVu Plug-in
ESET Online Scanner v3
Garmin MapSource
Garmin Mobile PC v5.00.60
Garmin POI Loader
Garmin USB Drivers
Google Земя
Google Drive
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Update Helper
Hardware sensors monitor 4.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
HP Print Diagnostic Utility
ICQ7.2
Intel® PROSet
Java 7 Update 9
Java Auto Updater
JDownloader
Malwarebytes Anti-Malware, версия 1.65.1.1000
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft ActiveSync
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Office XP Professional with FrontPage
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio 2005 Tools for Office Runtime
MobTime Cell Phone Manager V6.6.5
Mozilla Firefox 21.0 (x86 bg)
MSVC80_x86
MSVC80_x86_v2
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB925673)
NavCity 2009.06 IKLTL by Basarsoft
Nero 8 Lite
Nokia Connectivity Cable Driver
Nokia PC Suite
Olyslager-WIS Setup
PC Connectivity Solution
Photosmart 320,370,7400,8100,8400 Series
PoiEdit
PowerDVD
PS7400
PSPrinters06
QuickSet
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
SA Dictionary 2005 T2
SCG Route 2.60 NT
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB2761465)
Security Update for Windows Internet Explorer 7 (KB2862772)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Sentinel System Driver
Skype™ 4.2
Spybot - Search & Destroy
Start Application
The Weather Channel App
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2863058)
VBA (3821h)
Visual Studio 2005 Tools for Office Second Edition Runtime
VLC media player 1.0.3
WebFldrs XP
Winamp
WinDjView 1.0.3
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
Windows Driver Package - Nokia Modem  (06/01/2009 7.01.0.4)
Windows Driver Package - Nokia Modem  (10/05/2009 4.2)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation
WinZip 12.0
Xirrus Wi-Fi Inspector
.
==== End Of File ===========================
 

 


Hello again..!

http://download.exdat.com/dl-ico_1-53944839-5270.png Download this special version of RKill.exe and save it to your desktop.

  • Start the program by double-clicking the file and wait patiently.
  • After the check finishes, a log file of the procedures performed will be generated.
  • Attach the log file in your next post.

 

http://prikachi.com/images/135/5010135e.jpg Please download aswMBR and save it to your desktop.

  • Double-click the aswMBR.exe file to start it.
  • Wait for it to download the avast! definitions.
  • From the drop-down menu select partition C:\ as shown in the picture:

http://img843.imageshack.us/img843/9021/unledyfm.png

  • Press the Scan button to start the check.
  • When the check completes, press the save log button, save the log file to the desktop, and post its contents in your next comment.

 

 

http://prikachi.com/images/194/5010194f.jpg Please download the latest version of TDSSKiller from here and save it to your desktop.

  • Run TDSSKiller.exe to start the application. Then click the Change parameters button.
    http://img189.imageshack.us/img189/5251/image000q.png
  • Put a check mark next to Loaded Modules.
    http://img802.imageshack.us/img802/859/2012081514h0118.png
  • A restart is required to apply the changes. Do it!
  • TDSSKiller will start automatically after the restart. It is important to note that your computer may appear slower, at times unusable, and with lower performance. This is normal and will last for only one restart. Give it enough time to load, in the background, the applications that start with the operating system.
  • Then press Change parameters in TDSSKiller again.
  • Tick all the check boxes (this time a restart is not required).
  • http://img11.imageshack.us/img11/3816/2012081517h0349.png
  • Press the Start Scan button.
    http://img202.imageshack.us/img202/1699/19695967.jpg
  • The scan should not take more than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click Continue.
    http://img716.imageshack.us/img716/7638/67776163.jpg
  • If malicious objects are found, the drop-down menu will give you three options.
    Make sure the selected action is Cure and click Continue > Restart to complete the repair.
    http://img717.imageshack.us/img717/718/62117367.jpg
    Note: If the Cure button is not among the options, then please choose the Skip button; do not choose Delete unless you have been instructed to.
  • A log file will be created in the root directory of partition C:\ . Look for a log named "TDSSKiller.[Version]_[Date]_[Time]_log.txt" and copy its contents into your next post.

http://www.europages.com/filestore/logo/fa/1b/K30_000018475001_es_c31bfeda.gif Download Gmer, or from here.
* Temporarily disconnect your Internet, close all running programs, and disable your antivirus program.
* Start the program.
* After the automatic quick scan finishes, remove the check marks from the following items:
- Sections
- IAT/EAT
- Show all
* Of all the local drives, select only the system partition (usually this is C:\ )
http://i266.photobucket.com/albums/ii277/sUBs_/Gmer_initScan.gif

  • Press the Scan button

http://i44.tinypic.com/jijosi.gif

  • Wait for the program to finish scanning, then press the Save button and save (save as) the results to the desktop under the name Gmer.log.
  • Reconnect your Internet and attach Gmer.log in your next comment.

Note:
* If a rootkit is detected, you will be asked whether you want a full scan of the system. Choose NO.
* Do not take any action on the lines marked with "<--- ROOTKIT", because this may lead to errors.


Thank you for the quick reply. The first link does not work. Should I download the program from here http://www.bleepingcomputer.com/download/rkill/dl/10/


Here are the results

Rkill.txt

aswMBR.txt

There are three TDSSKiller logs. Something froze on me after the restart and I had to start it again: TDSSKiller.2.8.16.0_09.09.2013_21.25.40_log.txt TDSSKiller.2.8.16.0_09.09.2013_21.01.29_log.txt TDSSKiller.2.8.16.0_09.09.2013_21.06.25_log.txt

And the Gmer log. The first time I started it, it froze on me again, but the second time it ran to completion

gmer.txt

 

 


http://www.techsupportforum.com/images/smilies/i_arrow-r.gif Download ComboFix http://i121.photobucket.com/albums/o239/kevinf80/combofix.gif from here and save it to your desktop
Disable your antivirus and antispyware program; this is usually done by right-clicking the program's icon in the system tray.
Note: If you cannot stop it or are not sure which program to disable, please review the information at this link: How to disable your security applications by amateur

Run Combo-Fix.com http://i121.photobucket.com/albums/o239/kevinf80/combofix.gif and follow the instructions.
Note: ComboFix will run without Recovery Console installed.
As part of its work, ComboFix will check whether Microsoft Windows Recovery Console is installed. Given how quickly malware evolves, it is strongly recommended that it be installed before removing the malware. This will allow you to enter a special recovery/repair mode, which will let you more easily resolve a problem that might arise while removing the malware.

  • Follow the instructions to allow ComboFix to download and install Microsoft Windows Recovery Console. At some point you will be asked whether you agree with the license agreement. You must confirm that you agree in order to install Microsoft Windows Recovery Console.

** Note: If Microsoft Windows Recovery Console is already installed, ComboFix will proceed to the malware removal process.

http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif

Once Microsoft Windows Recovery Console has been installed using ComboFix, you will see the following message:

http://img.photobucket.com/albums/v706/ried7/whatnext.png
Choose Yes to continue scanning for malware.

When the process completes successfully, the tool will create a log file. Please include the contents of C:\ComboFix.txt in your next comment in this topic.

http://www.techsupportforum.com/images/smilies/i_exclaim.gif Please do not attach the log file(s) from the program; copy and paste it/them into your next comment in this topic.


Here is the log

 

ComboFix 13-09-09.04 - Kosio 09.2013 г.   9:32.2.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1251.359.1033.18.1023.465 [GMT 3:00]
Running from: c:\documents and settings\Kosio\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\XSxS
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-10 to 2013-09-10  )))))))))))))))))))))))))))))))
.
.
2013-09-08 07:40 . 2013-09-08 07:40    --------    d-----w-    c:\documents and settings\Kosio\Application Data\SUPERAntiSpyware.com
2013-09-08 07:40 . 2013-09-08 07:40    --------    d-----w-    c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2013-09-07 09:42 . 2013-02-12 00:32    12928    -c----w-    c:\windows\system32\dllcache\usb8023x.sys
2013-09-07 09:40 . 2013-09-07 11:57    --------    d--h--w-    c:\windows\$hf_mig$
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-25 18:08 . 2008-04-14 10:42    841216    ----a-w-    c:\windows\system32\wininet.dll
2013-07-25 18:07 . 2008-04-14 10:42    1830912    ------w-    c:\windows\system32\inetcpl.cpl
2013-07-25 18:06 . 2008-04-14 10:41    78336    ----a-w-    c:\windows\system32\ieencode.dll
2013-07-25 18:06 . 2008-04-14 10:41    17408    ----a-w-    c:\windows\system32\corpol.dll
2013-07-24 13:17 . 2008-04-14 05:07    389120    ----a-w-    c:\windows\system32\html.iec
2013-07-10 10:37 . 2008-04-14 10:42    406016    ----a-w-    c:\windows\system32\usp10.dll
2013-07-04 02:59 . 2008-04-14 05:57    2193536    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08 . 2008-04-14 05:01    2070144    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-06-20 11:18 . 2012-04-15 05:42    692104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-06-20 11:18 . 2011-05-23 05:03    71048    -c--a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 13:11    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 13:11    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 13:11    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 13:11    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 13:11    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 13:11    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-17 39408]
"DW7"="c:\program files\The Weather Channel\The Weather Channel App\TWCApp.exe" [2013-03-06 13102080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-10 344064]
"ZCfgSvc.exe"="c:\windows\system32\ZCfgSvc.exe" [2005-07-04 639040]
"PRONoMgr.exe"="c:\program files\Intel\NCS\PROSet\PRONoMgr.exe" [2005-06-27 135168]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2006-01-07 172032]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2006-01-07 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"hmonitor"="c:\program files\Hmonitor\hmonitor.exe" [2004-05-21 284160]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-06-29 1032192]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2010-04-25 258134]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-01-24 295072]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"AKVIS Retrialer from Unsofter.com"="e:\downloade\Programi\akvis_artwork_7.0.1614.8662\Re-trial\Retrialer.exe" [2008-09-23 338587]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2005-07-04 23:33    188482    ----a-w-    c:\windows\system32\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autocheck
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"24327:TCP"= 24327:TCP:BitComet 24327 TCP
"24327:UDP"= 24327:UDP:BitComet 24327 UDP
.
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13.3.2009 г. 19:52 165584]
R1 SASDIFSV;SASDIFSV;\??\c:\docume~1\Kosio\LOCALS~1\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS --> c:\docume~1\Kosio\LOCALS~1\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS [?]
R1 SASKUTIL;SASKUTIL;\??\c:\docume~1\Kosio\LOCALS~1\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS --> c:\docume~1\Kosio\LOCALS~1\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS [?]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.3.2009 г. 19:52 17744]
R2 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [05.9.2009 г. 16:23 16695]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamscheduler.exe [02.12.2012 г. 17:23 399432]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [29.11.2012 г. 21:31 38608]
R3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [23.7.2012 г. 13:51 38608]
S1 Uim_Vim;UIM Virtual Image Plugin;c:\windows\system32\drivers\Uim_Vim.sys [02.12.2012 г. 23:54 283600]
S2 gupdate1c9aa07e41d64b0;Google Update Service (gupdate1c9aa07e41d64b0);c:\program files\Google\Update\GoogleUpdate.exe [21.3.2009 г. 12:32 133104]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamservice.exe [02.12.2012 г. 17:23 676936]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys --> c:\windows\system32\DRIVERS\lgandbus.sys [?]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys --> c:\windows\system32\DRIVERS\lganddiag.sys [?]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys --> c:\windows\system32\DRIVERS\lgandgps.sys [?]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys --> c:\windows\system32\DRIVERS\lgandmodem.sys [?]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys --> c:\windows\system32\DRIVERS\lgbtport.sys [?]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys --> c:\windows\system32\DRIVERS\lgbtbus.sys [?]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys --> c:\windows\system32\DRIVERS\lgvmodem.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [02.12.2012 г. 17:23 22856]
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-21 09:31]
.
2013-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-21 09:31]
.
2013-07-13 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-57989841-1708537768-1343024091-1003.job
- c:\program files\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29 18:33]
.
2013-09-09 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-57989841-1708537768-1343024091-1003.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29 18:31]
.
2013-09-04 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-57989841-1708537768-1343024091-1003.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29 18:31]
.
2013-09-09 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-57989841-1708537768-1343024091-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 13:30]
.
2013-09-09 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-57989841-1708537768-1343024091-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 13:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.dir.bg/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: Interfaces\{CBD10D66-E85B-4690-A4E1-C1DA363F46EB}: NameServer = 192.168.2.1
TCP: Interfaces\{EFFD514C-90CF-404B-BBAA-72D9B2104785}: NameServer = 192.168.2.1
DPF: {BBF0D44D-14E6-4DB3-8211-AEF1ABA7EE84} - hxxp://esupport.cabinetvision.com/ATLWebKeyButton.CAB
FF - ProfilePath - c:\documents and settings\Kosio\Application Data\Mozilla\Firefox\Profiles\j6a0e7c2.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.bg/
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-74328898.sys
AddRemove-JDownloader - c:\program files\JDownloader\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-10 09:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\B20@O=5 *=0 *C*C*l*e*a*n*e*r*& \command]
@="c:\\Program Files\\CCleaner\\ccleaner.exe"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1004)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LgNotify.dll
.
- - - - - - - > 'explorer.exe'(536)
c:\windows\system32\WININET.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-09-10  09:49:02
ComboFix-quarantined-files.txt  2013-09-10 06:48
.
Pre-Run: 2 234 298 368 bytes free
Post-Run: 2 486 562 816 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - E7574635EF80E2514F37C5F53D6B232C
8F558EB6672622401DA993E1E865C861
 


Please download and run AdwCleaner (by Xplode):

  • Close all running programs and browsers.
  • Double-click adwcleaner.exe to start the tool.
  • Click OK to confirm that all running programs will be closed.
  • Select Clean
  • Your computer will restart automatically. The text file will open after the restart.
  • Please post the contents of that log in your reply.
  • You can find the log, which is saved automatically, here: C:\AdwCleaner



Please download Junkware Removal Tool (by Thisisu) and save it to your desktop.

  • Temporarily disable your security programs.
  • Run the tool JRT.exe
  • A DOS window will open. Press any key on the keyboard.
  • Close unneeded applications and all browsers and wait for the scan to finish.
  • A log file will appear (you can also find it manually on the desktop under the name JRT.txt).
  • Please copy the contents of the log file into your next post.

http://i1.ytimg.com/vi/dvnGAjWNSuk/mqdefault.jpg

+
 
Download Malwarebytes' Anti-Malware, or from here (do not forget to update the program with the latest definitions)
* Double-click mbam-setup.exe to install the program.
* Make sure that Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are checked. Then click Finish.
* If updates are found, it will download and install them.
* Start the program and select "Perform Full Scan", then click Scan.
* The scan will take a while, so please be patient.
* When the scan finishes, click OK, then Show Results to view the result.
* Make sure all rows are checked, and click Remove Selected.
* When everything has been removed, a log will open in Notepad.
Copy that log and post it in your next reply in the thread.
  Note: If MalwareBytes' Anti-Malware has difficulty removing the detected viruses/threats, it will ask to restart your computer and remove the problematic viruses/threats during the restart. If asked, confirm that you want your computer to be restarted.
 
 
Download the program: ESET Online Scanner

  • Run esetsmartinstaller_enu.exe http://store.picbg.net/pubpic/EF/3D/7c9e83b53227ef3d.jpg
  • Check YES, I accept the Terms of Use and select Start:
  • http://store.picbg.net/pubpic/E8/43/04ed1c15c0abe843.jpg
  • The scanner will begin downloading the components it needs:
  • http://store.picbg.net/pubpic/D7/13/3b734079c5ccd713.jpg

Make sure the following is unchecked:

  • Remove found threats

Make sure the following items are checked:

  • Scan Archives

Click Advanced Settings and check the following options:

  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology

Finally, select Start
The scanner will begin downloading the latest definitions.

  • When the scan finishes, select Finish.
  • Go to: C:\Program Files\ESET\ESET Online Scanner
  • Open the file log.txt, copy its contents and paste them into your next reply

AdwCleaner has two logs

 

# AdwCleaner v3.003 - Report created 10/09/2013 at 18:12:33
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Kosio - KOSTA1
# Running from : C:\Documents and Settings\Kosio\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21348


-\\ Mozilla Firefox v21.0 (bg)

[ File : C:\Documents and Settings\Kosio\Application Data\Mozilla\Firefox\Profiles\4tba3mpj.default\prefs.js ]


[ File : C:\Documents and Settings\Kosio\Application Data\Mozilla\Firefox\Profiles\j6a0e7c2.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1208 octets] - [10/09/2013 18:12:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1268 octets] ##########
 

 

 

# AdwCleaner v3.003 - Report created 10/09/2013 at 18:14:36
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Kosio - KOSTA1
# Running from : C:\Documents and Settings\Kosio\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21348


-\\ Mozilla Firefox v21.0 (bg)

[ File : C:\Documents and Settings\Kosio\Application Data\Mozilla\Firefox\Profiles\4tba3mpj.default\prefs.js ]


[ File : C:\Documents and Settings\Kosio\Application Data\Mozilla\Firefox\Profiles\j6a0e7c2.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1348 octets] - [10/09/2013 18:12:33]
AdwCleaner[s0].txt - [1285 octets] - [10/09/2013 18:14:36]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1345 octets] ##########
 

 

JRT.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Microsoft Windows XP x86
Ran by Kosio on 10.09.2013 Ј. at 18:27:02,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dw7
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.09.2013 Ј. at 18:32:08,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

I already have Malwarebytes' Anti-Malware installed, so I scanned with it

 

Malwarebytes Anti-Malware (PRO) 1.65.1.1000
www.malwarebytes.org

Database version: v2013.09.10.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Kosio :: KOSTA1 [limited]

Protection: Disabled

10.9.2013 г. 18:38:10
mbam-log-2013-09-10 (21-40-58).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 249783
Time elapsed: 2 hour(s), 54 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Program Files\AKVIS\ArtWork\AKVIS_Retrial.exe (Trojan.Bumat) -> No action taken.
C:\Program Files\WinRar\keygenpatch.exe (Malware.Packer.Gen) -> No action taken.

(end)
 

ESET log

 

 

# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=18963c9f740f5f459c75cb0383577679
# engine=15082
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-09-10 08:37:54
# local_time=2013-09-10 11:37:54 (+0200, GTB Daylight Time)
# country="Bulgaria"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=770 16774141 100 100 61090928 155555346 0 0
# scanned=49832
# found=3
# cleaned=0
# scan_time=5538
sh=AA199EC5FE3A70A59212FCA94129B0BB89194669 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.AB trojan" ac=I fn="C:\Documents and Settings\Kosio\Application Data\Sun\Java\Deployment\cache\6.0\29\29ad771d-667171c3"
sh=3CF56EFDD88D8CFB0F23E325C902F945683E9466 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Documents and Settings\Kosio\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\48\30efc430-27c5493d"
sh=12C29CE987BB09F12714439E899596E43F936FA7 ft=0 fh=0000000000000000 vn="Win32/PSWTool.KonBoot.A application" ac=I fn="C:\RECYCLER\S-1-5-21-57989841-1708537768-1343024091-1003\Dc2\Boot\konboot.gz"
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=18963c9f740f5f459c75cb0383577679
# engine=15091
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-09-11 08:22:26
# local_time=2013-09-11 11:22:26 (+0200, GTB Daylight Time)
# country="Bulgaria"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=770 16774141 100 100 61176400 155640818 0 0
# scanned=57023
# found=7
# cleaned=0
# scan_time=10355
sh=AA199EC5FE3A70A59212FCA94129B0BB89194669 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.AB trojan" ac=I fn="C:\Documents and Settings\Kosio\Application Data\Sun\Java\Deployment\cache\6.0\29\29ad771d-667171c3"
sh=3CF56EFDD88D8CFB0F23E325C902F945683E9466 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Documents and Settings\Kosio\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\48\30efc430-27c5493d"
sh=12C29CE987BB09F12714439E899596E43F936FA7 ft=0 fh=0000000000000000 vn="Win32/PSWTool.KonBoot.A application" ac=I fn="C:\RECYCLER\S-1-5-21-57989841-1708537768-1343024091-1003\Dc2\Boot\konboot.gz"
sh=1ECFEFE60B4BE0F28C82AE2F40625CBFEEE451AF ft=1 fh=bc0b51a832b5ea4c vn="Win32/Adware.Virtumonde application" ac=I fn="E:\Downloade\Navisoft\Garmin\Tools\Garmin Unlock Generator v.1.5 FINAL\Garmin Unlock Generator v.1.5 FINAL\JMKG 1.5 FINAL\garmin_kgen.exe"
sh=2DBB1794757E44ABB2A2F67CBFEB7B6567F8D9FC ft=1 fh=0084f2ad8b8bf90d vn="a variant of Win32/Keygen.EM application" ac=I fn="E:\Downloade\Programi\MalwareBytes Anti-Malware PRO v1.65.0.1400 + Keygen [ECLiPSE HD]\KeyGen\KeyGen.exe"
sh=11D89A9605250127E81AE6B8ADBA94225657B111 ft=1 fh=e7eb8c929ead94cf vn="Win32/HackTool.Patcher.A application" ac=I fn="E:\Navigacia\iGo8PC\iGo.v8.0.PC.exe"
sh=369034D6E2D09C6DD69F378E6ED0993D89BF7C10 ft=1 fh=4db8473823e95396 vn="a variant of Win32/VB.PTZ trojan" ac=I fn="E:\Razni\Mebeli\Programi\KitchenDraw\KD5\KD\KD 5\KD50keygen.exe"
 


Hello..! All the logs are fine.... we did a slightly more thorough check because only one thing remains that is under suspicion:
 

=================== ROOTKIT  ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys HSF_CNXT.sys
c:\windows\system32\drivers\HSF_CNXT.sys Conexant Systems, Inc. SoftK56 Modem Driver
1 nt!IofCallDriver[0x804E3735] -> \Device\Harddisk0\DR0[0x86F13AB8]
3 CLASSPNP[0xF76ADFD7] -> nt!IofCallDriver[0x804E3735] -> \Device\Ide\IdeDeviceP0T0L0-3[0x86F90768]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a;  }
user != kernel MBR !!!

 
 
  Please download MbrScan (by Eric_71) from here and save it to your Desktop:
 
http://security-x.fr/tools/download.php?f=MbrScan.exe
http://eric71.geekstogo.com/tools/MbrScan.exe

  • Close all running programs and double-click "MbrScan.exe" (on Vista/W7, right-click it => "Run as administrator").
  • Please click the "Scan" button and then the 'Report' button.
  • When the scan finishes, the log file "MbrScan.log" will open.
  • Please copy and paste its contents into your next reply.

 

 

and lastly... run a new scan with TDSSKiller (following the instructions in post 4), but download the latest version of the program, 2.9.2.0..!


 

MBRScan v1.1.1

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 6 Model 9 Stepping 5, GenuineIntel
BOOT           : Normal Boot
DATE           : 2013/09/13 (ISO 8601) at 09:09:20
________________________________________________________________________________

Device\Harddisk0\DR0    37.26 Go  [Fixed] ==> XP MBR Code ==> PARTITION TABLE FAKED !!

MBR_MD5   : FA6FE577A7ABF26E275280A9B9F381FA
MBR_SHA1  : 271D48070B6D21FD0E108E4F8B7C8E7F162BD625

Device\Harddisk0\Partition1    14.65 Go      0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2    22.61 Go      0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xF4A38000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xF7BD5000
SIZE    : 8.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\hiber_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xF7BBB000
SIZE    : 8.0 Ko

SystemStartOptions : NOEXECUTE=OPTIN  FASTDETECT

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


 

 

TDSSKiller has two logs

09:11:55.0337 0x0ff0  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
09:11:56.0218 0x0ff0  ============================================================
09:11:56.0218 0x0ff0  Current date / time: 2013/09/13 09:11:56.0218
09:11:56.0218 0x0ff0  SystemInfo:
09:11:56.0218 0x0ff0  
09:11:56.0218 0x0ff0  OS Version: 5.1.2600 ServicePack: 3.0
09:11:56.0218 0x0ff0  Product type: Workstation
09:11:56.0218 0x0ff0  ComputerName: KOSTA1
09:11:56.0218 0x0ff0  UserName: Kosio
09:11:56.0218 0x0ff0  Windows directory: C:\WINDOWS
09:11:56.0218 0x0ff0  System windows directory: C:\WINDOWS
09:11:56.0218 0x0ff0  Processor architecture: Intel x86
09:11:56.0218 0x0ff0  Number of processors: 1
09:11:56.0218 0x0ff0  Page size: 0x1000
09:11:56.0218 0x0ff0  Boot type: Normal boot
09:11:56.0218 0x0ff0  ============================================================
09:11:58.0211 0x0ff0  Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:11:58.0211 0x0ff0  ============================================================
09:11:58.0211 0x0ff0  \Device\Harddisk0\DR0:
09:11:58.0211 0x0ff0  MBR partitions:
09:11:58.0211 0x0ff0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D4EFFA
09:11:58.0221 0x0ff0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D4F078, BlocksNum 0x2D36288
09:11:58.0221 0x0ff0  ============================================================
09:11:58.0261 0x0ff0  C: <-> \Device\Harddisk0\DR0\Partition1
09:11:58.0311 0x0ff0  E: <-> \Device\Harddisk0\DR0\Partition2
09:11:58.0311 0x0ff0  ============================================================
09:11:58.0311 0x0ff0  Initialize success
09:11:58.0311 0x0ff0  ============================================================
09:12:20.0002 0x05b8  Deinitialize success
 

09:19:40.0022 0x0540  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
09:19:40.0824 0x0540  ============================================================
09:19:40.0824 0x0540  Current date / time: 2013/09/13 09:19:40.0824
09:19:40.0824 0x0540  SystemInfo:
09:19:40.0824 0x0540  
09:19:40.0824 0x0540  OS Version: 5.1.2600 ServicePack: 3.0
09:19:40.0824 0x0540  Product type: Workstation
09:19:40.0824 0x0540  ComputerName: KOSTA1
09:19:40.0834 0x0540  UserName: Kosio
09:19:40.0834 0x0540  Windows directory: C:\WINDOWS
09:19:40.0834 0x0540  System windows directory: C:\WINDOWS
09:19:40.0834 0x0540  Processor architecture: Intel x86
09:19:40.0834 0x0540  Number of processors: 1
09:19:40.0834 0x0540  Page size: 0x1000
09:19:40.0834 0x0540  Boot type: Normal boot
09:19:40.0834 0x0540  ============================================================
09:19:40.0834 0x0540  BG loaded
09:19:41.0424 0x0540  Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:19:41.0424 0x0540  ============================================================
09:19:41.0424 0x0540  \Device\Harddisk0\DR0:
09:19:41.0424 0x0540  MBR partitions:
09:19:41.0424 0x0540  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D4EFFA
09:19:41.0444 0x0540  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D4F078, BlocksNum 0x2D36288
09:19:41.0444 0x0540  ============================================================
09:19:41.0495 0x0540  C: <-> \Device\Harddisk0\DR0\Partition1
09:19:41.0565 0x0540  E: <-> \Device\Harddisk0\DR0\Partition2
09:19:41.0565 0x0540  ============================================================
09:19:41.0565 0x0540  Initialize success
09:19:41.0565 0x0540  ============================================================
09:20:13.0701 0x069c  ============================================================
09:20:13.0701 0x069c  Scan started
09:20:13.0701 0x069c  Mode: Manual; SigCheck; TDLFS;
09:20:13.0701 0x069c  ============================================================
09:20:14.0933 0x069c  ================ Scan system memory ========================
09:20:14.0943 0x069c  System memory - ok
09:20:14.0943 0x069c  ================ Scan services =============================
09:20:15.0503 0x069c  [ 8D488938E2F7048906F1FBD3AF394887 ] Aavmker4        C:\WINDOWS\system32\drivers\Aavmker4.sys
09:20:15.0694 0x069c  Aavmker4 - ok
09:20:15.0694 0x069c  Abiosdsk - ok
09:20:15.0714 0x069c  abp480n5 - ok
09:20:15.0804 0x069c  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:20:19.0820 0x069c  ACPI - ok
09:20:20.0000 0x069c  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
09:20:20.0200 0x069c  ACPIEC - ok
09:20:20.0210 0x069c  adpu160m - ok
09:20:20.0400 0x069c  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
09:20:20.0721 0x069c  aec - ok
09:20:20.0881 0x069c  [ 2C5C22990156A1063E19AD162191DC1D ] AegisP          C:\WINDOWS\system32\DRIVERS\AegisP.sys
09:20:20.0951 0x069c  AegisP ( UnsignedFile.Multi.Generic ) - warning
09:20:20.0951 0x069c  AegisP - detected UnsignedFile.Multi.Generic (1)
09:20:21.0142 0x069c  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
09:20:21.0212 0x069c  AFD - ok
09:20:21.0282 0x069c  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
09:20:21.0492 0x069c  agp440 - ok
09:20:21.0502 0x069c  Aha154x - ok
09:20:21.0512 0x069c  aic78u2 - ok
09:20:21.0532 0x069c  aic78xx - ok
09:20:21.0802 0x069c  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
09:20:22.0013 0x069c  Alerter - ok
09:20:22.0113 0x069c  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
09:20:22.0213 0x069c  ALG - ok
09:20:22.0223 0x069c  AliIde - ok
09:20:22.0243 0x069c  amsint - ok
09:20:22.0263 0x069c  Andbus - ok
09:20:22.0273 0x069c  AndDiag - ok
09:20:22.0293 0x069c  AndGps - ok
09:20:22.0303 0x069c  ANDModem - ok
09:20:22.0373 0x069c  [ EC94E05B76D033B74394E7B2175103CF ] APPDRV          C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
09:20:22.0443 0x069c  APPDRV ( UnsignedFile.Multi.Generic ) - warning
09:20:22.0443 0x069c  APPDRV - detected UnsignedFile.Multi.Generic (1)
09:20:22.0584 0x069c  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
09:20:22.0744 0x069c  AppMgmt - ok
09:20:22.0764 0x069c  asc - ok
09:20:22.0774 0x069c  asc3350p - ok
09:20:22.0794 0x069c  asc3550 - ok
09:20:23.0024 0x069c  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:20:23.0104 0x069c  aspnet_state - ok
09:20:23.0154 0x069c  [ A0D86B8AC93EF95620420C7A24AC5344 ] aswFsBlk        C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:20:23.0174 0x069c  aswFsBlk - ok
09:20:23.0225 0x069c  [ 7D880C76A285A41284D862E2D798EC0D ] aswMon2         C:\WINDOWS\system32\drivers\aswMon2.sys
09:20:23.0235 0x069c  aswMon2 - ok
09:20:23.0275 0x069c  [ 69823954BBD461A73D69774928C9737E ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr.sys
09:20:23.0285 0x069c  aswRdr - ok
09:20:23.0355 0x069c  [ 7ECC2776638B04553F9A85BD684C3ABF ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
09:20:23.0375 0x069c  aswSP - ok
09:20:23.0415 0x069c  [ 095ED820A926AA8189180B305E1BCFC9 ] aswTdi          C:\WINDOWS\system32\drivers\aswTdi.sys
09:20:23.0435 0x069c  aswTdi - ok
09:20:23.0475 0x069c  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:20:23.0695 0x069c  AsyncMac - ok
09:20:23.0785 0x069c  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
09:20:23.0966 0x069c  atapi - ok
09:20:23.0976 0x069c  Atdisk - ok
09:20:24.0226 0x069c  [ 450BF8C0BD401A48FFA91D28DF665E93 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
09:20:24.0356 0x069c  Ati HotKey Poller - ok
09:20:24.0937 0x069c  [ 246248AADA156450BE611ECEAA5FE033 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
09:20:25.0428 0x069c  ati2mtag - ok
09:20:25.0478 0x069c  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:20:25.0678 0x069c  Atmarpc - ok
09:20:25.0738 0x069c  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
09:20:25.0908 0x069c  AudioSrv - ok
09:20:25.0948 0x069c  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
09:20:26.0109 0x069c  audstub - ok
09:20:26.0279 0x069c  [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
09:20:26.0289 0x069c  avast! Antivirus - ok
09:20:26.0309 0x069c  [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
09:20:26.0329 0x069c  avast! Mail Scanner - ok
09:20:26.0359 0x069c  [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Web Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
09:20:26.0369 0x069c  avast! Web Scanner - ok
09:20:26.0469 0x069c  [ 3A3A82FFD268BCFB7AE6A48CECF00AD9 ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
09:20:26.0539 0x069c  b57w2k - ok
09:20:26.0599 0x069c  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
09:20:26.0780 0x069c  Beep - ok
09:20:27.0010 0x069c  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
09:20:27.0651 0x069c  BITS - ok
09:20:27.0711 0x069c  [ B77F00B776F53A470ADFDA3C81651807 ] BlueletAudio    C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
09:20:27.0751 0x069c  BlueletAudio ( UnsignedFile.Multi.Generic ) - warning
09:20:27.0751 0x069c  BlueletAudio - detected UnsignedFile.Multi.Generic (1)
09:20:28.0222 0x069c  [ 6A2F1A0787139A28F93B7CDAB830E354 ] BlueSoleilCS    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
09:20:28.0612 0x069c  BlueSoleilCS ( UnsignedFile.Multi.Generic ) - warning
09:20:28.0612 0x069c  BlueSoleilCS - detected UnsignedFile.Multi.Generic (1)
09:20:28.0692 0x069c  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
09:20:28.0722 0x069c  Browser - ok
09:20:28.0793 0x069c  [ 43FAD5549B09E769B61BBEB58C02AB59 ] BsHelpCS        C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
09:20:28.0813 0x069c  BsHelpCS ( UnsignedFile.Multi.Generic ) - warning
09:20:28.0813 0x069c  BsHelpCS - detected UnsignedFile.Multi.Generic (1)
09:20:28.0863 0x069c  [ C5CCE2B26F73F8CF7F3C82159E79AA08 ] BT              C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
09:20:28.0883 0x069c  BT - ok
09:20:28.0893 0x069c  btaudio - ok
09:20:28.0953 0x069c  [ FB2ABC6D08D9F8D5ED8E02CBD18B39BB ] Btcsrusb        C:\WINDOWS\system32\Drivers\btcusb.sys
09:20:28.0983 0x069c  Btcsrusb - ok
09:20:28.0993 0x069c  BTDriver - ok
09:20:29.0043 0x069c  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
09:20:29.0263 0x069c  BthEnum - ok
09:20:29.0383 0x069c  [ CE643D0918123D76A5CAAB008FCA9663 ] BTHidEnum       C:\WINDOWS\system32\DRIVERS\vbtenum.sys
09:20:29.0403 0x069c  BTHidEnum - ok
09:20:29.0474 0x069c  [ DFCA4FE4C8AEC786B4D0F432EB730F48 ] BTHidMgr        C:\WINDOWS\system32\Drivers\BTHidMgr.sys
09:20:29.0504 0x069c  BTHidMgr - ok
09:20:29.0564 0x069c  [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM        C:\WINDOWS\system32\DRIVERS\bthmodem.sys
09:20:29.0734 0x069c  BTHMODEM - ok
09:20:29.0934 0x069c  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
09:20:30.0185 0x069c  BthPan - ok
09:20:30.0365 0x069c  [ 662BFD909447DD9CC15B1A1C366583B4 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
09:20:30.0485 0x069c  BTHPORT - ok
09:20:30.0535 0x069c  [ F4C43C66471B87996D95DB7A3A664A37 ] BthServ         C:\WINDOWS\System32\bthserv.dll
09:20:30.0755 0x069c  BthServ - ok
09:20:30.0876 0x069c  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
09:20:31.0096 0x069c  BTHUSB - ok
09:20:31.0196 0x069c  [ 4F26303BECBB7CC5CA8FF39593124CF2 ] BTNetFilter     C:\WINDOWS\system32\drivers\BTNetFilter.sys
09:20:31.0226 0x069c  BTNetFilter - ok
09:20:31.0236 0x069c  BTWDNDIS - ok
09:20:31.0256 0x069c  BTWUSB - ok
09:20:31.0326 0x069c  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
09:20:31.0557 0x069c  cbidf2k - ok
09:20:31.0697 0x069c  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:20:31.0857 0x069c  CCDECODE - ok
09:20:31.0867 0x069c  cd20xrnt - ok
09:20:31.0977 0x069c  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
09:20:32.0147 0x069c  Cdaudio - ok
09:20:32.0298 0x069c  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
09:20:32.0498 0x069c  Cdfs - ok
09:20:32.0678 0x069c  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:20:32.0949 0x069c  Cdrom - ok
09:20:32.0969 0x069c  Changer - ok
09:20:33.0079 0x069c  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
09:20:33.0289 0x069c  CiSvc - ok
09:20:33.0359 0x069c  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
09:20:33.0640 0x069c  ClipSrv - ok
09:20:33.0800 0x069c  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:20:34.0100 0x069c  clr_optimization_v2.0.50727_32 - ok
09:20:34.0190 0x069c  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:20:34.0320 0x069c  clr_optimization_v4.0.30319_32 - ok
09:20:34.0381 0x069c  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:20:34.0691 0x069c  CmBatt - ok
09:20:34.0711 0x069c  CmdIde - ok
09:20:34.0741 0x069c  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:20:34.0921 0x069c  Compbatt - ok
09:20:34.0931 0x069c  COMSysApp - ok
09:20:34.0971 0x069c  Cpqarray - ok
09:20:35.0102 0x069c  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
09:20:35.0262 0x069c  CryptSvc - ok
09:20:35.0282 0x069c  dac2w2k - ok
09:20:35.0292 0x069c  dac960nt - ok
09:20:35.0492 0x069c  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
09:20:35.0632 0x069c  DcomLaunch - ok
09:20:35.0723 0x069c  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
09:20:35.0893 0x069c  Dhcp - ok
09:20:35.0913 0x069c  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
09:20:36.0113 0x069c  Disk - ok
09:20:37.0195 0x069c  [ DD347806400462F1937B162B5983E471 ] Diskeeper       C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
09:20:37.0846 0x069c  Diskeeper - ok
09:20:37.0886 0x069c  [ 23285D9144C76BEE6FEF8E4B8D2FD3C4 ] DKRtWrt         C:\WINDOWS\system32\DRIVERS\DKRtWrt.sys
09:20:37.0906 0x069c  DKRtWrt - ok
09:20:37.0916 0x069c  dmadmin - ok
09:20:38.0036 0x069c  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
09:20:38.0456 0x069c  dmboot - ok
09:20:38.0547 0x069c  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
09:20:38.0797 0x069c  dmio - ok
09:20:38.0837 0x069c  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
09:20:38.0977 0x069c  dmload - ok
09:20:39.0007 0x069c  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
09:20:39.0187 0x069c  dmserver - ok
09:20:39.0258 0x069c  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
09:20:39.0448 0x069c  DMusic - ok
09:20:39.0498 0x069c  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
09:20:39.0548 0x069c  Dnscache - ok
09:20:39.0718 0x069c  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
09:20:39.0969 0x069c  Dot3svc - ok
09:20:39.0979 0x069c  dpti2o - ok
09:20:40.0029 0x069c  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
09:20:40.0179 0x069c  drmkaud - ok
09:20:40.0209 0x069c  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
09:20:40.0389 0x069c  EapHost - ok
09:20:40.0449 0x069c  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
09:20:40.0640 0x069c  ERSvc - ok
09:20:40.0710 0x069c  [ CB8EB214E5009782B6D3E16B4F479532 ] eusk2par        C:\WINDOWS\system32\Drivers\eusk2par.sys
09:20:40.0720 0x069c  eusk2par ( UnsignedFile.Multi.Generic ) - warning
09:20:40.0720 0x069c  eusk2par - detected UnsignedFile.Multi.Generic (1)
09:20:40.0790 0x069c  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
09:20:40.0840 0x069c  Eventlog - ok
09:20:40.0960 0x069c  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
09:20:41.0000 0x069c  EventSystem - ok
09:20:41.0090 0x069c  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
09:20:41.0301 0x069c  Fastfat - ok
09:20:41.0391 0x069c  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:20:41.0471 0x069c  FastUserSwitchingCompatibility - ok
09:20:41.0521 0x069c  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
09:20:41.0751 0x069c  Fdc - ok
09:20:41.0791 0x069c  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
09:20:42.0002 0x069c  Fips - ok
09:20:42.0012 0x069c  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
09:20:42.0202 0x069c  Flpydisk - ok
09:20:42.0282 0x069c  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
09:20:42.0462 0x069c  FltMgr - ok
09:20:42.0562 0x069c  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:20:42.0612 0x069c  FontCache3.0.0.0 - ok
09:20:42.0652 0x069c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:20:42.0843 0x069c  Fs_Rec - ok
09:20:42.0903 0x069c  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:20:43.0103 0x069c  Ftdisk - ok
09:20:43.0153 0x069c  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:20:43.0363 0x069c  Gpc - ok
09:20:43.0474 0x069c  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9aa07e41d64b0 C:\Program Files\Google\Update\GoogleUpdate.exe
09:20:43.0484 0x069c  gupdate1c9aa07e41d64b0 - ok
09:20:43.0544 0x069c  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:20:43.0554 0x069c  gupdatem - ok
09:20:43.0704 0x069c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:20:43.0784 0x069c  gusvc - ok
09:20:43.0894 0x069c  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:20:44.0065 0x069c  helpsvc - ok
09:20:44.0075 0x069c  HidServ - ok
09:20:44.0125 0x069c  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:20:44.0325 0x069c  HidUsb - ok
09:20:44.0385 0x069c  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
09:20:44.0595 0x069c  hkmsvc - ok
09:20:44.0695 0x069c  [ 8AA2E73AF4F30A72492B16C834920839 ] hmonitor        C:\WINDOWS\system32\drivers\hmonitor.sys
09:20:44.0715 0x069c  hmonitor ( UnsignedFile.Multi.Generic ) - warning
09:20:44.0715 0x069c  hmonitor - detected UnsignedFile.Multi.Generic (1)
09:20:44.0725 0x069c  hpn - ok
09:20:44.0786 0x069c  [ 5FABA4775D4C61E55EC669D643FFC71F ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
09:20:44.0836 0x069c  HPZid412 - ok
09:20:44.0866 0x069c  [ A3C43980EE1F1BEAC778B44EA65DBDD4 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
09:20:44.0886 0x069c  HPZipr12 - ok
09:20:44.0946 0x069c  [ 2906949BD4E206F2BB0DD1896CE9F66F ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
09:20:45.0006 0x069c  HPZius12 - ok
09:20:45.0116 0x069c  [ A84BBBDD125D370593004F6429F8445C ] HSFHWICH        C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
09:20:45.0206 0x069c  HSFHWICH - ok
09:20:45.0567 0x069c  [ B678FA91CF4A1C19B462D8DB04CD02AB ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS
09:20:45.0867 0x069c  HSF_DPV - ok
09:20:46.0007 0x069c  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
09:20:46.0047 0x069c  HTTP - ok
09:20:46.0127 0x069c  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
09:20:46.0358 0x069c  HTTPFilter - ok
09:20:46.0368 0x069c  i2omgmt - ok
09:20:46.0388 0x069c  i2omp - ok
09:20:46.0438 0x069c  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:20:46.0678 0x069c  i8042prt - ok
09:20:46.0828 0x069c  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:20:46.0889 0x069c  IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:20:46.0889 0x069c  IDriverT - detected UnsignedFile.Multi.Generic (1)
09:20:47.0339 0x069c  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:20:48.0080 0x069c  idsvc - ok
09:20:48.0120 0x069c  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
09:20:48.0311 0x069c  Imapi - ok
09:20:48.0401 0x069c  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
09:20:48.0571 0x069c  ImapiService - ok
09:20:48.0581 0x069c  ini910u - ok
09:20:48.0621 0x069c  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
09:20:48.0841 0x069c  IntelIde - ok
09:20:48.0891 0x069c  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:20:49.0092 0x069c  intelppm - ok
09:20:49.0132 0x069c  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
09:20:49.0332 0x069c  Ip6Fw - ok
09:20:49.0382 0x069c  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:20:49.0562 0x069c  IpFilterDriver - ok
09:20:49.0602 0x069c  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:20:49.0823 0x069c  IpInIp - ok
09:20:49.0923 0x069c  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:20:50.0103 0x069c  IpNat - ok
09:20:50.0163 0x069c  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:20:50.0354 0x069c  IPSec - ok
09:20:50.0434 0x069c  [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda            C:\WINDOWS\system32\DRIVERS\irda.sys
09:20:50.0514 0x069c  irda - ok
09:20:50.0544 0x069c  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
09:20:50.0644 0x069c  IRENUM - ok
09:20:50.0724 0x069c  [ 49CC4533CE897CB2E93C1E84A818FDE5 ] Irmon           C:\WINDOWS\System32\irmon.dll
09:20:50.0804 0x069c  Irmon - ok
09:20:50.0834 0x069c  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:20:51.0014 0x069c  isapnp - ok
09:20:51.0185 0x069c  [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
09:20:51.0195 0x069c  JavaQuickStarterService - ok
09:20:51.0265 0x069c  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:20:51.0465 0x069c  Kbdclass - ok
09:20:51.0545 0x069c  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
09:20:51.0776 0x069c  kmixer - ok
09:20:51.0856 0x069c  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
09:20:51.0916 0x069c  KSecDD - ok
09:20:51.0976 0x069c  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
09:20:52.0016 0x069c  LanmanServer - ok
09:20:52.0106 0x069c  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:20:52.0136 0x069c  lanmanworkstation - ok
09:20:52.0146 0x069c  lbrtfdc - ok
09:20:52.0166 0x069c  LgBttPort - ok
09:20:52.0186 0x069c  lgbusenum - ok
09:20:52.0196 0x069c  LGVMODEM - ok
09:20:52.0256 0x069c  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
09:20:52.0447 0x069c  LmHosts - ok
09:20:52.0487 0x069c  [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
09:20:52.0507 0x069c  MBAMProtector - ok
09:20:52.0737 0x069c  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:20:52.0847 0x069c  MBAMScheduler - ok
09:20:53.0097 0x069c  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamservice.exe
09:20:53.0298 0x069c  MBAMService - ok
09:20:53.0338 0x069c  [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:20:53.0368 0x069c  mdmxsdk - ok
09:20:53.0408 0x069c  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
09:20:53.0568 0x069c  Messenger - ok
09:20:53.0608 0x069c  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
09:20:53.0778 0x069c  mnmdd - ok
09:20:53.0829 0x069c  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
09:20:54.0019 0x069c  mnmsrvc - ok
09:20:54.0059 0x069c  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
09:20:54.0249 0x069c  Modem - ok
09:20:54.0299 0x069c  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:20:54.0449 0x069c  Mouclass - ok
09:20:54.0489 0x069c  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:20:54.0690 0x069c  mouhid - ok
09:20:54.0740 0x069c  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
09:20:54.0930 0x069c  MountMgr - ok
09:20:54.0950 0x069c  mraid35x - ok
09:20:55.0050 0x069c  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:20:55.0221 0x069c  MRxDAV - ok
09:20:55.0411 0x069c  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:20:55.0551 0x069c  MRxSmb - ok
09:20:55.0601 0x069c  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
09:20:55.0791 0x069c  MSDTC - ok
09:20:55.0851 0x069c  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
09:20:56.0012 0x069c  Msfs - ok
09:20:56.0022 0x069c  MSIServer - ok
09:20:56.0062 0x069c  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:20:56.0262 0x069c  MSKSSRV - ok
09:20:56.0312 0x069c  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:20:56.0492 0x069c  MSPCLOCK - ok
09:20:56.0522 0x069c  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
09:20:56.0723 0x069c  MSPQM - ok
09:20:56.0773 0x069c  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:20:56.0943 0x069c  mssmbios - ok
09:20:56.0983 0x069c  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
09:20:57.0163 0x069c  MSTEE - ok
09:20:57.0233 0x069c  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
09:20:57.0294 0x069c  Mup - ok
09:20:57.0354 0x069c  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:20:57.0544 0x069c  NABTSFEC - ok
09:20:57.0594 0x069c  [ EBBEF7D3DDEB24239AB8D067F3A27CCF ] NAL             C:\WINDOWS\system32\Drivers\iqvw32.sys
09:20:57.0624 0x069c  NAL ( UnsignedFile.Multi.Generic ) - warning
09:20:57.0624 0x069c  NAL - detected UnsignedFile.Multi.Generic (1)
09:20:57.0814 0x069c  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
09:20:58.0085 0x069c  napagent - ok
09:20:58.0165 0x069c  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
09:20:58.0405 0x069c  NDIS - ok
09:20:58.0445 0x069c  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:20:58.0625 0x069c  NdisIP - ok
09:20:58.0746 0x069c  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:20:58.0766 0x069c  NdisTapi - ok
09:20:58.0816 0x069c  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:20:59.0006 0x069c  Ndisuio - ok
09:20:59.0056 0x069c  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:20:59.0256 0x069c  NdisWan - ok
09:20:59.0316 0x069c  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
09:20:59.0356 0x069c  NDProxy - ok
09:20:59.0407 0x069c  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
09:20:59.0627 0x069c  NetBIOS - ok
09:20:59.0797 0x069c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
09:20:59.0967 0x069c  NetBT - ok
09:21:00.0068 0x069c  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
09:21:00.0308 0x069c  NetDDE - ok
09:21:00.0358 0x069c  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
09:21:00.0538 0x069c  NetDDEdsdm - ok
09:21:00.0598 0x069c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
09:21:00.0819 0x069c  Netlogon - ok
09:21:00.0919 0x069c  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
09:21:01.0059 0x069c  Netman - ok
09:21:01.0209 0x069c  [ 25D4FD2151185172B6643C94F34F36BE ] NetSvc          C:\Program Files\Intel\NCS\Sync\NetSvc.exe
09:21:01.0289 0x069c  NetSvc ( UnsignedFile.Multi.Generic ) - warning
09:21:01.0289 0x069c  NetSvc - detected UnsignedFile.Multi.Generic (1)
09:21:35.0288 0x069c  C:\WINDOWS\system32\smss.exe - ok
09:21:35.0298 0x069c  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
09:21:35.0298 0x069c  C:\WINDOWS\system32\drivers\hidusb.sys - ok
09:21:35.0308 0x069c  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
09:21:35.0308 0x069c  C:\WINDOWS\system32\ntdll.dll - ok
09:21:35.0318 0x069c  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
09:21:35.0318 0x069c  C:\WINDOWS\system32\drivers\mouhid.sys - ok
09:21:35.0328 0x069c  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
09:21:35.0328 0x069c  C:\WINDOWS\system32\sfcfiles.dll - ok
09:21:35.0338 0x069c  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
09:21:35.0338 0x069c  C:\WINDOWS\system32\drivers\cdfs.sys - ok
09:21:35.0358 0x069c  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
09:21:35.0358 0x069c  C:\WINDOWS\system32\drivers\atapi.sys - ok
09:21:35.0368 0x069c  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
09:21:35.0368 0x069c  C:\WINDOWS\system32\drivers\wmilib.sys - ok
09:21:35.0378 0x069c  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
09:21:35.0378 0x069c  C:\WINDOWS\system32\drivers\dxapi.sys - ok
09:21:35.0388 0x069c  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
09:21:35.0388 0x069c  C:\WINDOWS\system32\watchdog.sys - ok
09:21:35.0398 0x069c  [ A1886BEBC12536FE2FA8464B7FA6F0FC ] C:\WINDOWS\system32\win32k.sys
09:21:35.0398 0x069c  C:\WINDOWS\system32\win32k.sys - ok
09:21:35.0408 0x069c  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
09:21:35.0408 0x069c  C:\WINDOWS\system32\csrss.exe - ok
09:21:35.0418 0x069c  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
09:21:35.0418 0x069c  C:\WINDOWS\system32\csrsrv.dll - ok
09:21:35.0438 0x069c  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:21:35.0438 0x069c  C:\WINDOWS\system32\basesrv.dll - ok
09:21:35.0448 0x069c  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
09:21:35.0448 0x069c  C:\WINDOWS\system32\winsrv.dll - ok
09:21:35.0458 0x069c  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
09:21:35.0458 0x069c  C:\WINDOWS\system32\gdi32.dll - ok
09:21:35.0468 0x069c  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
09:21:35.0468 0x069c  C:\WINDOWS\system32\kernel32.dll - ok
09:21:35.0478 0x069c  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
09:21:35.0478 0x069c  C:\WINDOWS\system32\user32.dll - ok
09:21:35.0488 0x069c  [ 012DF358CEBAA23ACB26D82077820817 ] C:\WINDOWS\system32\lpk.dll
09:21:35.0488 0x069c  C:\WINDOWS\system32\lpk.dll - ok
09:21:35.0498 0x069c  [ 1D845821F5ADB076831DE4C2818F858B ] C:\WINDOWS\system32\usp10.dll
09:21:35.0498 0x069c  C:\WINDOWS\system32\usp10.dll - ok
09:21:35.0518 0x069c  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
09:21:35.0518 0x069c  C:\WINDOWS\system32\advapi32.dll - ok
09:21:35.0529 0x069c  [ B0E27554F0B16BAEF4D51D7260E62CFB ] C:\WINDOWS\system32\rpcrt4.dll
09:21:35.0529 0x069c  C:\WINDOWS\system32\rpcrt4.dll - ok
09:21:35.0529 0x069c  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
09:21:35.0529 0x069c  C:\WINDOWS\system32\secur32.dll - ok
09:21:35.0549 0x069c  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
09:21:35.0549 0x069c  C:\WINDOWS\system32\drivers\dxg.sys - ok
09:21:35.0559 0x069c  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
09:21:35.0559 0x069c  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
09:21:35.0569 0x069c  [ 9955D8E9ADEA5FE17873ADB291EC18FB ] C:\WINDOWS\system32\ati2dvag.dll
09:21:35.0569 0x069c  C:\WINDOWS\system32\ati2dvag.dll - ok
09:21:35.0579 0x069c  [ 7F5F78F55694F3685C16CB5D0D4A294B ] C:\WINDOWS\system32\ati2cqag.dll
09:21:35.0579 0x069c  C:\WINDOWS\system32\ati2cqag.dll - ok
09:21:35.0589 0x069c  [ 8E7136EAFF7EF29F70C017E58944F416 ] C:\WINDOWS\system32\atikvmag.dll
09:21:35.0589 0x069c  C:\WINDOWS\system32\atikvmag.dll - ok
09:21:35.0599 0x069c  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
09:21:35.0599 0x069c  C:\WINDOWS\system32\vga.dll - ok
09:21:35.0609 0x069c  [ 565B69B450C5E14458DEBA4111685F02 ] C:\WINDOWS\system32\ati3duag.dll
09:21:35.0609 0x069c  C:\WINDOWS\system32\ati3duag.dll - ok
09:21:35.0629 0x069c  [ 584040C6C8AA4D75D761EB99EFDA71D8 ] C:\WINDOWS\system32\ativvaxx.dll
09:21:35.0629 0x069c  C:\WINDOWS\system32\ativvaxx.dll - ok
09:21:35.0639 0x069c  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
09:21:35.0639 0x069c  C:\WINDOWS\system32\winlogon.exe - ok
09:21:35.0649 0x069c  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
09:21:35.0649 0x069c  C:\WINDOWS\system32\authz.dll - ok
09:21:35.0659 0x069c  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
09:21:35.0659 0x069c  C:\WINDOWS\system32\msvcrt.dll - ok
09:21:35.0669 0x069c  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
09:21:35.0669 0x069c  C:\WINDOWS\system32\crypt32.dll - ok
09:21:35.0679 0x069c  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
09:21:35.0679 0x069c  C:\WINDOWS\system32\msasn1.dll - ok
09:21:35.0689 0x069c  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
09:21:35.0689 0x069c  C:\WINDOWS\system32\nddeapi.dll - ok
09:21:35.0709 0x069c  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
09:21:35.0709 0x069c  C:\WINDOWS\system32\profmap.dll - ok
09:21:35.0719 0x069c  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
09:21:35.0719 0x069c  C:\WINDOWS\system32\netapi32.dll - ok
09:21:35.0729 0x069c  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
09:21:35.0729 0x069c  C:\WINDOWS\system32\userenv.dll - ok
09:21:35.0749 0x069c  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
09:21:35.0749 0x069c  C:\WINDOWS\system32\psapi.dll - ok
09:21:35.0759 0x069c  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
09:21:35.0759 0x069c  C:\WINDOWS\system32\regapi.dll - ok
09:21:35.0769 0x069c  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
09:21:35.0769 0x069c  C:\WINDOWS\system32\setupapi.dll - ok
09:21:35.0779 0x069c  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
09:21:35.0779 0x069c  C:\WINDOWS\system32\version.dll - ok
09:21:35.0789 0x069c  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
09:21:35.0789 0x069c  C:\WINDOWS\system32\winsta.dll - ok
09:21:35.0799 0x069c  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
09:21:35.0799 0x069c  C:\WINDOWS\system32\wintrust.dll - ok
09:21:35.0819 0x069c  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
09:21:35.0819 0x069c  C:\WINDOWS\system32\imagehlp.dll - ok
09:21:35.0829 0x069c  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
09:21:35.0829 0x069c  C:\WINDOWS\system32\ws2_32.dll - ok
09:21:35.0839 0x069c  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
09:21:35.0839 0x069c  C:\WINDOWS\system32\ws2help.dll - ok
09:21:35.0849 0x069c  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
09:21:35.0849 0x069c  C:\WINDOWS\system32\kbdus.dll - ok
09:21:35.0859 0x069c  [ 77C9095FDEC87A358485D5767E1D17EE ] C:\WINDOWS\system32\kbdBF.dll
09:21:35.0859 0x069c  C:\WINDOWS\system32\kbdBF.dll - ok
09:21:35.0879 0x069c  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
09:21:35.0879 0x069c  C:\WINDOWS\system32\msgina.dll - ok
09:21:35.0889 0x069c  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
09:21:35.0889 0x069c  C:\WINDOWS\system32\comctl32.dll - ok
09:21:35.0899 0x069c  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
09:21:35.0899 0x069c  C:\WINDOWS\system32\odbc32.dll - ok
09:21:35.0909 0x069c  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
09:21:35.0909 0x069c  C:\WINDOWS\system32\comdlg32.dll - ok
09:21:35.0919 0x069c  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
09:21:35.0919 0x069c  C:\WINDOWS\system32\shell32.dll - ok
09:21:35.0939 0x069c  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
09:21:35.0939 0x069c  C:\WINDOWS\system32\shlwapi.dll - ok
09:21:35.0949 0x069c  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
09:21:35.0949 0x069c  C:\WINDOWS\system32\sxs.dll - ok
09:21:35.0959 0x069c  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
09:21:35.0959 0x069c  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
09:21:35.0969 0x069c  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
09:21:35.0969 0x069c  C:\WINDOWS\system32\odbcint.dll - ok
09:21:35.0979 0x069c  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
09:21:35.0979 0x069c  C:\WINDOWS\system32\shsvcs.dll - ok
09:21:35.0989 0x069c  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
09:21:35.0989 0x069c  C:\WINDOWS\system32\sfc.dll - ok
09:21:36.0009 0x069c  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
09:21:36.0009 0x069c  C:\WINDOWS\system32\sfc_os.dll - ok
09:21:36.0019 0x069c  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
09:21:36.0019 0x069c  C:\WINDOWS\system32\ole32.dll - ok
09:21:36.0029 0x069c  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
09:21:36.0029 0x069c  C:\WINDOWS\system32\apphelp.dll - ok
09:21:36.0039 0x069c  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:21:36.0039 0x069c  C:\WINDOWS\system32\services.exe - ok
09:21:36.0049 0x069c  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
09:21:36.0049 0x069c  C:\WINDOWS\system32\ncobjapi.dll - ok
09:21:36.0059 0x069c  [ 473AEFCD0D33ED3BB04FC9755AE37DBF ] C:\WINDOWS\system32\savedump.exe
09:21:36.0059 0x069c  C:\WINDOWS\system32\savedump.exe - ok
09:21:36.0069 0x069c  [ 06848C5A1674FE6C9B7E9CA9B5B4E6E5 ] C:\WINDOWS\system32\dbgeng.dll
09:21:36.0069 0x069c  C:\WINDOWS\system32\dbgeng.dll - ok
09:21:36.0079 0x069c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
09:21:36.0079 0x069c  C:\WINDOWS\system32\lsass.exe - ok
09:21:36.0089 0x069c  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
09:21:36.0089 0x069c  C:\WINDOWS\system32\lsasrv.dll - ok
09:21:36.0109 0x069c  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
09:21:36.0109 0x069c  C:\WINDOWS\system32\msvcp60.dll - ok
09:21:36.0119 0x069c  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
09:21:36.0119 0x069c  C:\WINDOWS\system32\scesrv.dll - ok
09:21:36.0129 0x069c  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
09:21:36.0129 0x069c  C:\WINDOWS\system32\dbghelp.dll - ok
09:21:36.0139 0x069c  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
09:21:36.0139 0x069c  C:\WINDOWS\system32\mpr.dll - ok
09:21:36.0149 0x069c  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
09:21:36.0149 0x069c  C:\WINDOWS\system32\ntdsapi.dll - ok
09:21:36.0159 0x069c  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
09:21:36.0159 0x069c  C:\WINDOWS\system32\umpnpmgr.dll - ok
09:21:36.0169 0x069c  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
09:21:36.0169 0x069c  C:\WINDOWS\system32\dnsapi.dll - ok
09:21:36.0189 0x069c  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
09:21:36.0189 0x069c  C:\WINDOWS\system32\shimeng.dll - ok
09:21:36.0199 0x069c  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\AcGenral.dll
09:21:36.0199 0x069c  C:\WINDOWS\AppPatch\AcGenral.dll - ok
09:21:36.0209 0x069c  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\AcAdProc.dll
09:21:36.0209 0x069c  C:\WINDOWS\AppPatch\AcAdProc.dll - ok
09:21:36.0220 0x069c  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
09:21:36.0220 0x069c  C:\WINDOWS\system32\wldap32.dll - ok
09:21:36.0230 0x069c  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
09:21:36.0230 0x069c  C:\WINDOWS\system32\samlib.dll - ok
09:21:36.0240 0x069c  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
09:21:36.0240 0x069c  C:\WINDOWS\system32\samsrv.dll - ok
09:21:36.0250 0x069c  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
09:21:36.0250 0x069c  C:\WINDOWS\system32\winmm.dll - ok
09:21:36.0260 0x069c  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
09:21:36.0270 0x069c  C:\WINDOWS\system32\oleaut32.dll - ok
09:21:36.0280 0x069c  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
09:21:36.0280 0x069c  C:\WINDOWS\system32\cryptdll.dll - ok
09:21:36.0280 0x069c  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
09:21:36.0280 0x069c  C:\WINDOWS\system32\msacm32.dll - ok
09:21:36.0290 0x069c  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
09:21:36.0290 0x069c  C:\WINDOWS\system32\uxtheme.dll - ok
09:21:36.0310 0x069c  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
09:21:36.0310 0x069c  C:\WINDOWS\system32\msapsspc.dll - ok
09:21:36.0320 0x069c  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
09:21:36.0320 0x069c  C:\WINDOWS\system32\msvcrt40.dll - ok
09:21:36.0330 0x069c  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
09:21:36.0330 0x069c  C:\WINDOWS\system32\schannel.dll - ok
09:21:36.0350 0x069c  [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
09:21:36.0350 0x069c  C:\WINDOWS\system32\faultrep.dll - ok
09:21:36.0360 0x069c  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
09:21:36.0360 0x069c  C:\WINDOWS\system32\digest.dll - ok
09:21:36.0370 0x069c  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
09:21:36.0370 0x069c  C:\WINDOWS\system32\msnsspc.dll - ok
09:21:36.0380 0x069c  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
09:21:36.0380 0x069c  C:\WINDOWS\system32\wtsapi32.dll - ok
09:21:36.0400 0x069c  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
09:21:36.0400 0x069c  C:\WINDOWS\system32\msprivs.dll - ok
09:21:36.0410 0x069c  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
09:21:36.0410 0x069c  C:\WINDOWS\system32\kerberos.dll - ok
09:21:36.0420 0x069c  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
09:21:36.0420 0x069c  C:\WINDOWS\system32\atmfd.dll - ok
09:21:36.0440 0x069c  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
09:21:36.0440 0x069c  C:\WINDOWS\system32\msv1_0.dll - ok
09:21:36.0450 0x069c  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
09:21:36.0450 0x069c  C:\WINDOWS\system32\iphlpapi.dll - ok
09:21:36.0460 0x069c  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
09:21:36.0460 0x069c  C:\WINDOWS\system32\netlogon.dll - ok
09:21:36.0480 0x069c  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
09:21:36.0480 0x069c  C:\WINDOWS\system32\w32time.dll - ok
09:21:36.0490 0x069c  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
09:21:36.0490 0x069c  C:\WINDOWS\system32\wdigest.dll - ok
09:21:36.0500 0x069c  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
09:21:36.0500 0x069c  C:\WINDOWS\system32\rsaenh.dll - ok
09:21:36.0510 0x069c  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
09:21:36.0510 0x069c  C:\WINDOWS\system32\winscard.dll - ok
09:21:36.0520 0x069c  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
09:21:36.0520 0x069c  C:\WINDOWS\system32\scecli.dll - ok
09:21:36.0530 0x069c  [ 500D089CE760D83DA2B6CBA681AA9949 ] C:\WINDOWS\system32\drivers\mbam.sys
09:21:36.0530 0x069c  C:\WINDOWS\system32\drivers\mbam.sys - ok
09:21:36.0540 0x069c  [ A0D86B8AC93EF95620420C7A24AC5344 ] C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:21:36.0540 0x069c  C:\WINDOWS\system32\drivers\aswFsBlk.sys - ok
09:21:36.0550 0x069c  [ 450BF8C0BD401A48FFA91D28DF665E93 ] C:\WINDOWS\system32\ati2evxx.exe
09:21:36.0550 0x069c  C:\WINDOWS\system32\ati2evxx.exe - ok
09:21:36.0570 0x069c  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
09:21:36.0570 0x069c  C:\WINDOWS\system32\svchost.exe - ok
09:21:36.0580 0x069c  [ 9E5137CDB076258E4F9979FF35C749C6 ] C:\WINDOWS\system32\ati2edxx.dll
09:21:36.0580 0x069c  C:\WINDOWS\system32\ati2edxx.dll - ok
09:21:36.0590 0x069c  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
09:21:36.0590 0x069c  C:\WINDOWS\system32\ntmarta.dll - ok
09:21:36.0610 0x069c  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
09:21:36.0610 0x069c  C:\WINDOWS\system32\rpcss.dll - ok
09:21:36.0620 0x069c  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
09:21:36.0620 0x069c  C:\WINDOWS\system32\eventlog.dll - ok
09:21:36.0630 0x069c  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
09:21:36.0630 0x069c  C:\WINDOWS\system32\xpsp2res.dll - ok
09:21:36.0650 0x069c  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
09:21:36.0650 0x069c  C:\WINDOWS\system32\mswsock.dll - ok
09:21:36.0660 0x069c  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
09:21:36.0660 0x069c  C:\WINDOWS\system32\hnetcfg.dll - ok
09:21:36.0680 0x069c  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
09:21:36.0680 0x069c  C:\WINDOWS\system32\wshtcpip.dll - ok
09:21:36.0690 0x069c  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
09:21:36.0690 0x069c  C:\WINDOWS\system32\winrnr.dll - ok
09:21:36.0710 0x069c  [ 46C55935FA730144449C884A472827E0 ] C:\WINDOWS\system32\wshbth.dll
09:21:36.0710 0x069c  C:\WINDOWS\system32\wshbth.dll - ok
09:21:36.0730 0x069c  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
09:21:36.0730 0x069c  C:\WINDOWS\system32\rasadhlp.dll - ok
09:21:36.0740 0x069c  [ 430C9414B077D55CC614CC6A3199B941 ] C:\WINDOWS\system32\ati2evxx.dll
09:21:36.0750 0x069c  C:\WINDOWS\system32\ati2evxx.dll - ok
09:21:36.0760 0x069c  [ 575A4190D989F64732119E4114045A4F ] C:\WINDOWS\system32\WudfSvc.dll
09:21:36.0760 0x069c  C:\WINDOWS\system32\WudfSvc.dll - ok
09:21:36.0770 0x069c  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
09:21:36.0780 0x069c  C:\WINDOWS\system32\cscdll.dll - ok
09:21:36.0780 0x069c  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
09:21:36.0780 0x069c  C:\WINDOWS\system32\dimsntfy.dll - ok
09:21:36.0790 0x069c  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
09:21:36.0790 0x069c  C:\WINDOWS\system32\wlnotify.dll - ok
09:21:36.0800 0x069c  [ EED1B6C2B6DD5C2FC1F6709102DC3191 ] C:\WINDOWS\system32\WudfPlatform.dll
09:21:36.0810 0x069c  C:\WINDOWS\system32\WudfPlatform.dll - ok
09:21:36.0820 0x069c  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
09:21:36.0820 0x069c  C:\WINDOWS\system32\winspool.drv - ok
09:21:36.0830 0x069c  [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
09:21:36.0830 0x069c  C:\WINDOWS\system32\WgaLogon.dll - ok
09:21:36.0840 0x069c  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
09:21:36.0840 0x069c  C:\WINDOWS\system32\clbcatq.dll - ok
09:21:36.0850 0x069c  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
09:21:36.0850 0x069c  C:\WINDOWS\system32\comres.dll - ok
09:21:36.0860 0x069c  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
09:21:36.0860 0x069c  C:\WINDOWS\system32\msxml3.dll - ok
09:21:36.0880 0x069c  [ 2C5C22990156A1063E19AD162191DC1D ] C:\WINDOWS\system32\drivers\AegisP.sys
09:21:36.0880 0x069c  C:\WINDOWS\system32\drivers\AegisP.sys - ok
09:21:36.0890 0x069c  [ ACA5E7B54409F9CB5EED97ED0C81120E ] C:\WINDOWS\system32\drivers\irda.sys
09:21:36.0890 0x069c  C:\WINDOWS\system32\drivers\irda.sys - ok
09:21:36.0900 0x069c  [ 423AE506C8D55BBA9E429EEEEC035A40 ] C:\WINDOWS\system32\drivers\s24trans.sys
09:21:36.0900 0x069c  C:\WINDOWS\system32\drivers\s24trans.sys - ok
09:21:36.0910 0x069c  [ 672CF74E8FA09E6CE6F49AB9A272D562 ] C:\WINDOWS\system32\S24EvMon.exe
09:21:36.0910 0x069c  C:\WINDOWS\system32\S24EvMon.exe - ok
09:21:36.0931 0x069c  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
09:21:36.0931 0x069c  C:\WINDOWS\system32\netcfgx.dll - ok
09:21:36.0941 0x069c  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
09:21:36.0941 0x069c  C:\WINDOWS\system32\clusapi.dll - ok
09:21:36.0951 0x069c  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
09:21:36.0951 0x069c  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
09:21:36.0961 0x069c  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
09:21:36.0961 0x069c  C:\WINDOWS\system32\dhcpcsvc.dll - ok
09:21:36.0971 0x069c  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
09:21:36.0971 0x069c  C:\WINDOWS\system32\dnsrslvr.dll - ok
09:21:36.0981 0x069c  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
09:21:36.0981 0x069c  C:\WINDOWS\system32\lmhsvc.dll - ok
09:21:37.0001 0x069c  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
09:21:37.0001 0x069c  C:\WINDOWS\system32\termsrv.dll - ok
09:21:37.0011 0x069c  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
09:21:37.0011 0x069c  C:\WINDOWS\system32\wzcsvc.dll - ok
09:21:37.0021 0x069c  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
09:21:37.0021 0x069c  C:\WINDOWS\system32\icaapi.dll - ok
09:21:37.0031 0x069c  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
09:21:37.0031 0x069c  C:\WINDOWS\system32\rtutils.dll - ok
09:21:37.0041 0x069c  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
09:21:37.0041 0x069c  C:\WINDOWS\system32\mstlsapi.dll - ok
09:21:37.0051 0x069c  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
09:21:37.0051 0x069c  C:\WINDOWS\system32\wmi.dll - ok
09:21:37.0061 0x069c  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
09:21:37.0061 0x069c  C:\WINDOWS\system32\activeds.dll - ok
09:21:37.0071 0x069c  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
09:21:37.0071 0x069c  C:\WINDOWS\system32\eapolqec.dll - ok
09:21:37.0081 0x069c  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
09:21:37.0081 0x069c  C:\WINDOWS\system32\atl.dll - ok
09:21:37.0091 0x069c  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
09:21:37.0091 0x069c  C:\WINDOWS\system32\adsldpc.dll - ok
09:21:37.0101 0x069c  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
09:21:37.0101 0x069c  C:\WINDOWS\system32\qutil.dll - ok
09:21:37.0121 0x069c  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
09:21:37.0121 0x069c  C:\WINDOWS\system32\dot3api.dll - ok
09:21:37.0131 0x069c  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
09:21:37.0131 0x069c  C:\WINDOWS\system32\esent.dll - ok
09:21:37.0141 0x069c  [ 49CC4533CE897CB2E93C1E84A818FDE5 ] C:\WINDOWS\system32\irmon.dll
09:21:37.0141 0x069c  C:\WINDOWS\system32\irmon.dll - ok
09:21:37.0151 0x069c  [ 52778FCE46E510B60F513B8882A65CD6 ] C:\WINDOWS\system32\wshirda.dll
09:21:37.0151 0x069c  C:\WINDOWS\system32\wshirda.dll - ok
09:21:37.0161 0x069c  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
09:21:37.0161 0x069c  C:\WINDOWS\system32\rastls.dll - ok
09:21:37.0171 0x069c  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
09:21:37.0171 0x069c  C:\WINDOWS\system32\cryptui.dll - ok
09:21:37.0181 0x069c  [ D8567C73D89D87BCF91AFE73DA92B11A ] C:\WINDOWS\system32\wininet.dll
09:21:37.0181 0x069c  C:\WINDOWS\system32\wininet.dll - ok
09:21:37.0201 0x069c  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
09:21:37.0201 0x069c  C:\WINDOWS\system32\normaliz.dll - ok
09:21:37.0211 0x069c  [ 2EAFCA0FAD218B1DA7CE7915013A25E3 ] C:\WINDOWS\system32\iertutil.dll
09:21:37.0211 0x069c  C:\WINDOWS\system32\iertutil.dll - ok
09:21:37.0221 0x069c  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
09:21:37.0221 0x069c  C:\WINDOWS\system32\mprapi.dll - ok
09:21:37.0231 0x069c  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
09:21:37.0231 0x069c  C:\WINDOWS\system32\rasapi32.dll - ok
09:21:37.0241 0x069c  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
09:21:37.0241 0x069c  C:\WINDOWS\system32\rasman.dll - ok
09:21:37.0251 0x069c  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
09:21:37.0251 0x069c  C:\WINDOWS\system32\tapi32.dll - ok
09:21:37.0261 0x069c  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
09:21:37.0261 0x069c  C:\WINDOWS\system32\riched20.dll - ok
09:21:37.0271 0x069c  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
09:21:37.0271 0x069c  C:\WINDOWS\system32\mlang.dll - ok
09:21:37.0281 0x069c  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
09:21:37.0281 0x069c  C:\WINDOWS\system32\raschap.dll - ok
09:21:37.0291 0x069c  [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll
09:21:37.0291 0x069c  C:\WINDOWS\system32\xmlprovi.dll - ok
09:21:37.0301 0x069c  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
09:21:37.0301 0x069c  C:\WINDOWS\system32\wzcsapi.dll - ok
09:21:37.0321 0x069c  [ 7D880C76A285A41284D862E2D798EC0D ] C:\WINDOWS\system32\drivers\aswmon2.sys
09:21:37.0321 0x069c  C:\WINDOWS\system32\drivers\aswmon2.sys - ok
09:21:37.0331 0x069c  [ 374E5F8FF2760893FECADD7A98AC8B92 ] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll
09:21:37.0331 0x069c  C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - ok
09:21:37.0341 0x069c  [ ACB544D7254F366DFB48F380BC36CD25 ] C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
09:21:37.0341 0x069c  C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - ok
09:21:37.0351 0x069c  [ 893E86E4A9AEC93A854222142E7586E7 ] C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll
09:21:37.0351 0x069c  C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - ok
09:21:37.0361 0x069c  [ 3C6477C4953FDE8A9CCCAE6A8B2575B3 ] C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll
09:21:37.0361 0x069c  C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - ok
09:21:37.0381 0x069c  [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
09:21:37.0381 0x069c  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
09:21:37.0391 0x069c  [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
09:21:37.0391 0x069c  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
09:21:37.0401 0x069c  [ 0D61A530A06E1519FB4C5163ACBAE350 ] C:\Program Files\Alwil Software\Avast5\ashBase.dll
09:21:37.0401 0x069c  C:\Program Files\Alwil Software\Avast5\ashBase.dll - ok
09:21:37.0411 0x069c  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
09:21:37.0411 0x069c  C:\WINDOWS\system32\wsock32.dll - ok
09:21:37.0431 0x069c  [ D4D6245B1BC183BA4C36BCC88143B916 ] C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll
09:21:37.0431 0x069c  C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - ok
09:21:39.0825 0x069c  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
09:21:39.0835 0x069c  [ B04DB1F0B2652FCBCCC5FD0C46579F0F ] C:\WINDOWS\system32\mscoree.dll
09:21:39.0835 0x069c  C:\WINDOWS\system32\mscoree.dll - ok
09:21:39.0855 0x069c  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
09:21:39.0855 0x069c  C:\WINDOWS\system32\cryptsvc.dll - ok
09:21:39.0865 0x069c  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
09:21:39.0865 0x069c  C:\WINDOWS\system32\certcli.dll - ok
09:21:39.0875 0x069c  [ DD347806400462F1937B162B5983E471 ] C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
09:21:39.0875 0x069c  C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe - ok
09:21:39.0885 0x069c  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
09:21:39.0885 0x069c  C:\WINDOWS\system32\pdh.dll - ok
09:21:39.0895 0x069c  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
09:21:39.0895 0x069c  C:\WINDOWS\system32\odbcbcp.dll - ok
09:21:39.0915 0x069c  [ 7A9FCB1AAE0D90542D7ECCB6C323CB45 ] C:\Program Files\Diskeeper Corporation\Diskeeper\MJS.dll
09:21:39.0915 0x069c  C:\Program Files\Diskeeper Corporation\Diskeeper\MJS.dll - ok
09:21:39.0925 0x069c  [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
09:21:39.0925 0x069c  C:\WINDOWS\system32\fltlib.dll - ok
09:21:39.0935 0x069c  [ 813AD2CB87C0ECBE8D7A0426658ABD01 ] C:\Program Files\Diskeeper Corporation\Diskeeper\DKLib.dll
09:21:39.0935 0x069c  C:\Program Files\Diskeeper Corporation\Diskeeper\DKLib.dll - ok
09:21:39.0945 0x069c  [ E691C5E2F7ADDFD6CD96DBD6826CDDB0 ] C:\Program Files\Diskeeper Corporation\Diskeeper\PrFacade.dll
09:21:39.0945 0x069c  C:\Program Files\Diskeeper Corporation\Diskeeper\PrFacade.dll - ok
09:21:39.0955 0x069c  [ 0D389A3CCD69A97E95386D3D0A23978B ] C:\Program Files\Diskeeper Corporation\Diskeeper\Tab.dll
09:21:39.0955 0x069c  C:\Program Files\Diskeeper Corporation\Diskeeper\Tab.dll - ok
09:21:39.0975 0x069c  [ 7ECCC973CE1DCFD3B43892AB4DC5E5A2 ] C:\Program Files\Diskeeper Corporation\Diskeeper\1033\DkRes.dll
09:21:39.0975 0x069c  C:\Program Files\Diskeeper Corporation\Diskeeper\1033\DkRes.dll - ok
09:21:39.0985 0x069c  [ CB8EB214E5009782B6D3E16B4F479532 ] C:\WINDOWS\system32\drivers\eusk2par.sys
09:21:39.0985 0x069c  C:\WINDOWS\system32\drivers\eusk2par.sys - ok
09:21:39.0995 0x069c  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
09:21:39.0995 0x069c  C:\WINDOWS\system32\ersvc.dll - ok
09:21:40.0005 0x069c  [ 626A24ED1228580B9518C01930936DF9 ] C:\Program Files\Google\Update\GoogleUpdate.exe
09:21:40.0005 0x069c  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
09:21:40.0025 0x069c  [ 779EC7C2E8F265EE27C3D539E811421F ] C:\Program Files\Diskeeper Corporation\Diskeeper\DkTabProvider.dll
09:21:40.0025 0x069c  C:\Program Files\Diskeeper Corporation\Diskeeper\DkTabProvider.dll - ok
09:21:40.0035 0x069c  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
09:21:40.0035 0x069c  C:\WINDOWS\system32\vssapi.dll - ok
09:21:40.0035 0x069c  [ FF60B8C5BBE73B0790B3332783B6FD81 ] C:\Program Files\Google\Update\1.3.21.153\goopdate.dll
09:21:40.0035 0x069c  C:\Program Files\Google\Update\1.3.21.153\goopdate.dll - ok
09:21:40.0055 0x069c  [ 8AA2E73AF4F30A72492B16C834920839 ] C:\WINDOWS\system32\drivers\Hmonitor.sys
09:21:40.0055 0x069c  C:\WINDOWS\system32\drivers\Hmonitor.sys - ok
09:21:40.0065 0x069c  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
09:21:40.0065 0x069c  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
09:21:40.0075 0x069c  [ 8726802EA4FBFFA3FD54FD2449BF51D4 ] C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
09:21:40.0075 0x069c  C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe - ok
09:21:40.0085 0x069c  [ B591E761161D1EF547D76EF236EAA6A5 ] C:\Program Files\Java\jre7\bin\jqs.exe
09:21:40.0085 0x069c  C:\Program Files\Java\jre7\bin\jqs.exe - ok
09:21:40.0095 0x069c  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
09:21:40.0095 0x069c  C:\WINDOWS\system32\mstask.dll - ok
09:21:40.0105 0x069c  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
09:21:40.0105 0x069c  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
09:21:40.0125 0x069c  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
09:21:40.0125 0x069c  C:\WINDOWS\system32\srvsvc.dll - ok
09:21:40.0135 0x069c  [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:21:40.0135 0x069c  C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
09:21:40.0145 0x069c  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
09:21:40.0145 0x069c  C:\WINDOWS\system32\netmsg.dll - ok
09:21:40.0155 0x069c  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
09:21:40.0155 0x069c  C:\WINDOWS\system32\perfos.dll - ok
09:21:40.0165 0x069c  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
09:21:40.0165 0x069c  C:\WINDOWS\system32\drivers\srv.sys - ok
09:21:40.0175 0x069c  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
09:21:40.0175 0x069c  C:\WINDOWS\system32\perfdisk.dll - ok
09:21:40.0185 0x069c  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
09:21:40.0185 0x069c  C:\WINDOWS\system32\spoolss.dll - ok
09:21:40.0205 0x069c  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
09:21:40.0205 0x069c  C:\WINDOWS\system32\localspl.dll - ok
09:21:40.0215 0x069c  [ CD1AD3BC48D47C43B9904CE6494AC934 ] C:\Program Files\Common Files\Diskeeper Corporation\MJS\MJSCR.dll
09:21:40.0215 0x069c  C:\Program Files\Common Files\Diskeeper Corporation\MJS\MJSCR.dll - ok
09:21:40.0225 0x069c  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
09:21:40.0225 0x069c  C:\WINDOWS\system32\cnbjmon.dll - ok
09:21:40.0235 0x069c  [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbam.dll
09:21:40.0235 0x069c  C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbam.dll - ok
09:21:40.0255 0x069c  [ 7B71FE13B723AC1A7BBC7A2A3834CA10 ] C:\WINDOWS\system32\BsMonSvr.dll
09:21:40.0255 0x069c  C:\WINDOWS\system32\BsMonSvr.dll - ok
09:21:40.0275 0x069c  [ 1793CC660605F63B14FB96C7707F75BA ] C:\WINDOWS\system32\perfproc.dll
09:21:40.0275 0x069c  C:\WINDOWS\system32\perfproc.dll - ok
09:21:40.0285 0x069c  [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamnet.dll
09:21:40.0285 0x069c  C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamnet.dll - ok
09:21:40.0285 0x069c  [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamservice.exe
09:21:40.0285 0x069c  C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamservice.exe - ok
09:21:40.0305 0x069c  [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamcore.dll
09:21:40.0305 0x069c  C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamcore.dll - ok
09:21:40.0315 0x069c  [ C7438618AFD13B0375B5438F7B64FC86 ] C:\WINDOWS\system32\hpzlnt11.dll
09:21:40.0315 0x069c  C:\WINDOWS\system32\hpzlnt11.dll - ok
09:21:40.0325 0x069c  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
09:21:40.0325 0x069c  C:\WINDOWS\system32\pjlmon.dll - ok
09:21:40.0335 0x069c  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
09:21:40.0335 0x069c  C:\WINDOWS\system32\tcpmon.dll - ok
09:21:40.0345 0x069c  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
09:21:40.0345 0x069c  C:\WINDOWS\system32\usbmon.dll - ok
09:21:40.0355 0x069c  [ D5C9DC605E1ACB57BF37BE3E9890B936 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
09:21:40.0355 0x069c  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
09:21:40.0375 0x069c  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
09:21:40.0375 0x069c  C:\WINDOWS\system32\win32spl.dll - ok
09:21:40.0385 0x069c  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
09:21:40.0385 0x069c  C:\WINDOWS\system32\inetpp.dll - ok
09:21:40.0396 0x069c  [ 3C318B9CD391371BED62126581EE9961 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
09:21:40.0396 0x069c  C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
09:21:40.0406 0x069c  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
09:21:40.0406 0x069c  C:\WINDOWS\system32\netman.dll - ok
09:21:40.0416 0x069c  [ 8A6FA8E0B302DF2496802AAFDA5CE810 ] C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
09:21:40.0416 0x069c  C:\Program Files\Dell\QuickSet\NicConfigSvc.exe - ok
09:21:40.0426 0x069c  [ 2D091A99624FB9E7EEF0A86D872EC0C3 ] C:\WINDOWS\system32\HPZipm12.exe
09:21:40.0426 0x069c  C:\WINDOWS\system32\HPZipm12.exe - ok
09:21:40.0436 0x069c  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
09:21:40.0436 0x069c  C:\WINDOWS\system32\ipsecsvc.dll - ok
09:21:40.0456 0x069c  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
09:21:40.0456 0x069c  C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe - ok
09:21:40.0466 0x069c  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
09:21:40.0466 0x069c  C:\WINDOWS\system32\oakley.dll - ok
09:21:40.0476 0x069c  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
09:21:40.0476 0x069c  C:\WINDOWS\system32\winipsec.dll - ok
09:21:40.0486 0x069c  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
09:21:40.0486 0x069c  C:\WINDOWS\system32\pstorsvc.dll - ok
09:21:40.0496 0x069c  [ 4217348720317D7B98E0646776124F31 ] C:\WINDOWS\system32\BMAPI.dll
09:21:40.0496 0x069c  C:\WINDOWS\system32\BMAPI.dll - ok
09:21:40.0506 0x069c  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
09:21:40.0506 0x069c  C:\WINDOWS\system32\cfgmgr32.dll - ok
09:21:40.0516 0x069c  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
09:21:40.0516 0x069c  C:\WINDOWS\system32\psbase.dll - ok
09:21:40.0536 0x069c  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
09:21:40.0536 0x069c  C:\WINDOWS\system32\dssenh.dll - ok
09:21:40.0536 0x069c  [ 06B6E4CC67DD02434F8FF80CCB922909 ] C:\WINDOWS\system32\RegSrvc.exe
09:21:40.0536 0x069c  C:\WINDOWS\system32\RegSrvc.exe - ok
09:21:40.0546 0x069c  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
09:21:40.0546 0x069c  C:\WINDOWS\system32\seclogon.dll - ok
09:21:40.0556 0x069c  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
09:21:40.0556 0x069c  C:\WINDOWS\system32\srsvc.dll - ok
09:21:40.0576 0x069c  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
09:21:40.0576 0x069c  C:\WINDOWS\system32\wiaservc.dll - ok
09:21:40.0586 0x069c  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
09:21:40.0586 0x069c  C:\WINDOWS\system32\sens.dll - ok
09:21:40.0596 0x069c  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
09:21:40.0596 0x069c  C:\WINDOWS\system32\mscms.dll - ok
09:21:40.0606 0x069c  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
09:21:40.0606 0x069c  C:\WINDOWS\system32\browser.dll - ok
09:21:40.0616 0x069c  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
09:21:40.0616 0x069c  C:\WINDOWS\system32\wuauserv.dll - ok
09:21:40.0626 0x069c  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
09:21:40.0626 0x069c  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
09:21:40.0636 0x069c  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
09:21:40.0636 0x069c  C:\WINDOWS\system32\wuaueng.dll - ok
09:21:40.0656 0x069c  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
09:21:40.0656 0x069c  C:\WINDOWS\system32\mspatcha.dll - ok
09:21:40.0666 0x069c  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
09:21:40.0666 0x069c  C:\WINDOWS\system32\trkwks.dll - ok
09:21:40.0676 0x069c  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
09:21:40.0676 0x069c  C:\WINDOWS\system32\ipnathlp.dll - ok
09:21:40.0686 0x069c  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
09:21:40.0686 0x069c  C:\WINDOWS\system32\wscsvc.dll - ok
09:21:40.0696 0x069c  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
09:21:40.0696 0x069c  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
09:21:40.0706 0x069c  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
09:21:40.0706 0x069c  C:\WINDOWS\system32\wbem\esscli.dll - ok
09:21:40.0726 0x069c  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
09:21:40.0726 0x069c  C:\WINDOWS\system32\wbem\fastprox.dll - ok
09:21:40.0736 0x069c  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
09:21:40.0736 0x069c  C:\WINDOWS\system32\comsvcs.dll - ok
09:21:40.0756 0x069c  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
09:21:40.0756 0x069c  C:\WINDOWS\system32\colbact.dll - ok
09:21:40.0766 0x069c  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
09:21:40.0766 0x069c  C:\WINDOWS\system32\mtxclu.dll - ok
09:21:40.0776 0x069c  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
09:21:40.0776 0x069c  C:\WINDOWS\system32\resutils.dll - ok
09:21:40.0786 0x069c  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
09:21:40.0786 0x069c  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
09:21:40.0796 0x069c  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
09:21:40.0796 0x069c  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
09:21:40.0806 0x069c  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
09:21:40.0806 0x069c  C:\WINDOWS\system32\wups.dll - ok
09:21:40.0816 0x069c  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
09:21:40.0816 0x069c  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
09:21:40.0836 0x069c  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
09:21:40.0836 0x069c  C:\WINDOWS\system32\wups2.dll - ok
09:21:40.0846 0x069c  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
09:21:40.0846 0x069c  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
09:21:40.0856 0x069c  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
09:21:40.0856 0x069c  C:\WINDOWS\system32\wuauclt.exe - ok
09:21:40.0866 0x069c  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
09:21:40.0866 0x069c  C:\WINDOWS\system32\wbem\wbemess.dll - ok
09:21:40.0876 0x069c  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
09:21:40.0876 0x069c  C:\WINDOWS\system32\wuapi.dll - ok
09:21:40.0896 0x069c  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
09:21:40.0896 0x069c  C:\WINDOWS\system32\wbem\ncprov.dll - ok
09:21:40.0906 0x069c  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
09:21:40.0906 0x069c  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
09:21:40.0916 0x069c  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
09:21:40.0916 0x069c  C:\WINDOWS\system32\imapi.exe - ok
09:21:40.0926 0x069c  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
09:21:40.0926 0x069c  C:\WINDOWS\system32\upnp.dll - ok
09:21:40.0936 0x069c  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
09:21:40.0936 0x069c  C:\WINDOWS\system32\ssdpapi.dll - ok
09:21:40.0956 0x069c  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
09:21:40.0956 0x069c  C:\WINDOWS\system32\tapisrv.dll - ok
09:21:40.0966 0x069c  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
09:21:40.0966 0x069c  C:\WINDOWS\system32\rasmans.dll - ok
09:21:40.0976 0x069c  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
09:21:40.0976 0x069c  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
09:21:40.0986 0x069c  [ 43FAD5549B09E769B61BBEB58C02AB59 ] C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
09:21:40.0986 0x069c  C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe - ok
09:21:40.0996 0x069c  [ 77D0AB04F844D66D4216800D371413C9 ] C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll
09:21:40.0996 0x069c  C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll - ok
09:21:41.0006 0x069c  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
09:21:41.0006 0x069c  C:\WINDOWS\system32\rastapi.dll - ok
09:21:41.0026 0x069c  [ B7385775211DA54629E20D9735429479 ] C:\Program Files\Alwil Software\Avast5\ashWebSv.dll
09:21:41.0026 0x069c  C:\Program Files\Alwil Software\Avast5\ashWebSv.dll - ok
09:21:41.0036 0x069c  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
09:21:41.0036 0x069c  C:\WINDOWS\system32\security.dll - ok
09:21:41.0036 0x069c  [ BC99E6C102A49602916BEBF59D212EF6 ] C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll
09:21:41.0036 0x069c  C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll - ok
09:21:41.0056 0x069c  [ 30D2C6217E4C389D6E7FEB32CB691B52 ] C:\Program Files\Alwil Software\Avast5\aswDld.dll
09:21:41.0056 0x069c  C:\Program Files\Alwil Software\Avast5\aswDld.dll - ok
09:21:41.0066 0x069c  [ 23285D9144C76BEE6FEF8E4B8D2FD3C4 ] C:\WINDOWS\system32\drivers\DKRtWrt.sys
09:21:41.0066 0x069c  C:\WINDOWS\system32\drivers\DKRtWrt.sys - ok
09:21:41.0076 0x069c  [ 7AA199C2258BDBB616C367436D1F976B ] C:\WINDOWS\system32\BsHelpCSps.dll
09:21:41.0076 0x069c  C:\WINDOWS\system32\BsHelpCSps.dll - ok
09:21:41.0086 0x069c  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
09:21:41.0086 0x069c  C:\WINDOWS\system32\drivers\http.sys - ok
09:21:41.0097 0x069c  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
09:21:41.0107 0x069c  C:\WINDOWS\system32\unimdm.tsp - ok
09:21:41.0117 0x069c  [ 3D87B0484BE1093C6614062701F375C5 ] C:\WINDOWS\system32\drivers\BASFND.sys
09:21:41.0117 0x069c  C:\WINDOWS\system32\drivers\BASFND.sys - ok
09:21:41.0127 0x069c  [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
09:21:41.0127 0x069c  C:\WINDOWS\system32\ssdpsrv.dll - ok
09:21:41.0137 0x069c  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
09:21:41.0137 0x069c  C:\WINDOWS\system32\uniplat.dll - ok
09:21:41.0147 0x069c  [ 69823954BBD461A73D69774928C9737E ] C:\WINDOWS\system32\drivers\aswRdr.sys
09:21:41.0147 0x069c  C:\WINDOWS\system32\drivers\aswRdr.sys - ok
09:21:41.0157 0x069c  [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
09:21:41.0157 0x069c  C:\WINDOWS\system32\unimdmat.dll - ok
09:21:41.0167 0x069c  [ 63EF87400B5C8A50DE5735FE8C12D16B ] C:\WINDOWS\system32\BlueSoleilCSps.dll
09:21:41.0167 0x069c  C:\WINDOWS\system32\BlueSoleilCSps.dll - ok
09:21:41.0187 0x069c  [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
09:21:41.0187 0x069c  C:\WINDOWS\system32\licwmi.dll - ok
09:21:41.0197 0x069c  [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
09:21:41.0197 0x069c  C:\WINDOWS\system32\modemui.dll - ok
09:21:41.0207 0x069c  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
09:21:41.0207 0x069c  C:\WINDOWS\system32\alg.exe - ok
09:21:41.0217 0x069c  [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINDOWS\system32\wbem\wmiprov.dll
09:21:41.0217 0x069c  C:\WINDOWS\system32\wbem\wmiprov.dll - ok
09:21:41.0227 0x069c  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
09:21:41.0227 0x069c  C:\WINDOWS\system32\wbem\framedyn.dll - ok
09:21:41.0237 0x069c  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
09:21:41.0237 0x069c  C:\WINDOWS\system32\kmddsp.tsp - ok
09:21:41.0247 0x069c  [ F03A08E8826AFA7DD3C0383359D677AC ] C:\WINDOWS\system32\wbem\wmidcprv.dll
09:21:41.0247 0x069c  C:\WINDOWS\system32\wbem\wmidcprv.dll - ok
09:21:41.0257 0x069c  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
09:21:41.0257 0x069c  C:\WINDOWS\system32\ndptsp.tsp - ok
09:21:41.0277 0x069c  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
09:21:41.0277 0x069c  C:\WINDOWS\system32\ipconf.tsp - ok
09:21:41.0287 0x069c  [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
09:21:41.0287 0x069c  C:\WINDOWS\system32\licdll.dll - ok
09:21:41.0287 0x069c  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
09:21:41.0287 0x069c  C:\WINDOWS\system32\h323.tsp - ok
09:21:41.0297 0x069c  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
09:21:41.0297 0x069c  C:\WINDOWS\system32\hidphone.tsp - ok
09:21:41.0317 0x069c  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
09:21:41.0317 0x069c  C:\WINDOWS\system32\rasppp.dll - ok
09:21:41.0327 0x069c  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
09:21:41.0327 0x069c  C:\WINDOWS\system32\ntlsapi.dll - ok
09:21:41.0337 0x069c  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
09:21:41.0337 0x069c  C:\WINDOWS\system32\rasqec.dll - ok
09:21:41.0347 0x069c  [ 7662673ED6B48BB1E58CE1D45D5B210C ] C:\WINDOWS\system32\atipdlxx.dll
09:21:41.0347 0x069c  C:\WINDOWS\system32\atipdlxx.dll - ok
09:21:41.0357 0x069c  [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
09:21:41.0357 0x069c  C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
09:21:41.0367 0x069c  [ 3D9A7EB9C2A852818D47361F5E8ECFE8 ] C:\Program Files\Dell\QuickSet\dadkeyb.dll
09:21:41.0367 0x069c  C:\Program Files\Dell\QuickSet\dadkeyb.dll - ok
09:21:41.0387 0x069c  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
09:21:41.0387 0x069c  C:\WINDOWS\system32\msxml6.dll - ok
09:21:41.0397 0x069c  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
09:21:41.0397 0x069c  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
09:21:41.0407 0x069c  [ 7EC116936730DB1CBCC6D1D24AC2C1FD ] C:\Program Files\Diskeeper Corporation\Diskeeper\NsNtfsAutoAnalyze.dll
09:21:41.0407 0x069c  C:\Program Files\Diskeeper Corporation\Diskeeper\NsNtfsAutoAnalyze.dll - ok
09:21:41.0417 0x069c  [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
09:21:41.0417 0x069c  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
09:21:41.0427 0x069c  [ A21C2A8E47D40FCC40A2B1573E666A53 ] C:\Program Files\Java\jre7\bin\awt.dll
09:21:41.0427 0x069c  C:\Program Files\Java\jre7\bin\awt.dll - ok
09:21:41.0437 0x069c  [ 966CD21542A62F9AB237D84C451CC137 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
09:21:41.0437 0x069c  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
09:21:41.0457 0x069c  [ 90760987BCCCF34D05EF6093EC278A96 ] C:\Program Files\Java\jre7\bin\dcpr.dll
09:21:41.0457 0x069c  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
09:21:41.0467 0x069c  [ D2D31D7A394A70040FCAC5F54A130FBA ] C:\Program Files\Java\jre7\bin\deploy.dll
09:21:41.0467 0x069c  C:\Program Files\Java\jre7\bin\deploy.dll - ok
09:21:41.0477 0x069c  [ C09775FEB73BDF16BB87A509C5FF12AD ] C:\Program Files\Java\jre7\bin\fontmanager.dll
09:21:41.0477 0x069c  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
09:21:41.0487 0x069c  [ B98F28229D292B99FF449FF3647F31BA ] C:\Program Files\Java\jre7\bin\java.dll
09:21:41.0487 0x069c  C:\Program Files\Java\jre7\bin\java.dll - ok
09:21:41.0497 0x069c  [ 23C84DBECF3BD95687623F23BCD66441 ] C:\Program Files\Java\jre7\bin\javaw.exe
09:21:41.0497 0x069c  C:\Program Files\Java\jre7\bin\javaw.exe - ok
09:21:41.0507 0x069c  [ 0384126B913AC2E090804C642302945E ] C:\Program Files\Java\jre7\bin\jp2native.dll
09:21:41.0507 0x069c  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
09:21:41.0527 0x069c  [ CB91CCFA95601066772A004550B55A85 ] C:\Program Files\Java\jre7\bin\jpeg.dll
09:21:41.0527 0x069c  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
09:21:41.0537 0x069c  [ 2E4A927544CDA0279501AA757FFFB538 ] C:\Program Files\Java\jre7\bin\net.dll
09:21:41.0537 0x069c  C:\Program Files\Java\jre7\bin\net.dll - ok
09:21:41.0537 0x069c  [ 805766A11E747A44C7C5FBD7F26E9001 ] C:\Program Files\Java\jre7\bin\nio.dll
09:21:41.0537 0x069c  C:\Program Files\Java\jre7\bin\nio.dll - ok
09:21:41.0557 0x069c  [ 2D168A9627CFCE9C5AC20A90E54D66D4 ] C:\Program Files\Java\jre7\bin\verify.dll
09:21:41.0557 0x069c  C:\Program Files\Java\jre7\bin\verify.dll - ok
09:21:41.0567 0x069c  [ 9D54D4A8C18081F398FEC0D839340542 ] C:\Program Files\Java\jre7\bin\zip.dll
09:21:41.0567 0x069c  C:\Program Files\Java\jre7\bin\zip.dll - ok
09:21:41.0577 0x069c  [ C88C65DF1ED4DFD34CFBD11CDFE519A3 ] C:\WINDOWS\system32\wucltui.dll
09:21:41.0577 0x069c  C:\WINDOWS\system32\wucltui.dll - ok
09:21:41.0587 0x069c  [ B48E7B4C95CCE0C6C0C3F7B1A97FBC8F ] C:\WINDOWS\system32\wzcdlg.dll
09:21:41.0587 0x069c  C:\WINDOWS\system32\wzcdlg.dll - ok
09:21:41.0597 0x069c  [ 93AAFCE5EB0BA6C77E53B892E9440BC4 ] C:\Documents and Settings\Kosio\Desktop\tdsskiller.exe
09:21:41.0597 0x069c  C:\Documents and Settings\Kosio\Desktop\tdsskiller.exe - ok
09:21:41.0607 0x069c  [ AEB21490315B3F93EAF87449CE4D61A2 ] C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
09:21:41.0607 0x069c  C:\Program Files\Alwil Software\Avast5\Setup\avast.setup - ok
09:21:41.0627 0x069c  [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
09:21:41.0627 0x069c  C:\WINDOWS\system32\riched32.dll - ok
09:21:41.0627 0x069c  ============================================================
09:21:41.0627 0x069c  Scan finished
09:21:41.0627 0x069c  ============================================================
09:21:41.0657 0x0360  Detected object count: 18
09:21:41.0657 0x0360  Actual detected object count: 18
09:25:38.0588 0x0360  AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0588 0x0360  AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0598 0x0360  APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0598 0x0360  APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0598 0x0360  BlueletAudio ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0598 0x0360  BlueletAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0598 0x0360  BlueSoleilCS ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0598 0x0360  BlueSoleilCS ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0608 0x0360  BsHelpCS ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0608 0x0360  BsHelpCS ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0608 0x0360  eusk2par ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0608 0x0360  eusk2par ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0608 0x0360  hmonitor ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0608 0x0360  hmonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0608 0x0360  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0608 0x0360  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0618 0x0360  NAL ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0618 0x0360  NAL ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0618 0x0360  NetSvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0618 0x0360  NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0628 0x0360  NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0628 0x0360  NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0628 0x0360  omci ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0628 0x0360  omci ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0628 0x0360  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0628 0x0360  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0628 0x0360  RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0628 0x0360  RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0638 0x0360  S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0638 0x0360  S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0638 0x0360  s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0638 0x0360  s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0648 0x0360  Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0648 0x0360  Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:38.0648 0x0360  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:38.0648 0x0360  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
 

I forgot to tell you that after running ComboFix, Avast stopped starting on its own, and Firefox also changed some settings. Is this normal?


Run MbrScan again. Select Dump and then, from the drop-down menu, select Dump Selected MBR. Three files with the .mbr extension will be generated on your desktop. Please attach them to your next comment through the SoftVisia forum system.
